3rd Party Risk Management , Application Security , Business Continuity Management / Disaster Recovery

CISO Playbook: Dawn Cappelli on Mitigating Log4j Zero-Day

Rockwell Automation CISO Shares Lessons Learned from Triage, Response
Dawn Cappelli, VP and CISO, Rockwell Automation

Like CISOs everywhere, Dawn Cappelli of Rockwell Automation awoke last Friday to news about the Log4j vulnerability and the risk it posed to her company, customers and partners. Here is how she approached triage, response and capturing insights to be shared with other security leaders.

See Also: The State of Organizations' Security Posture as of Q1 2018

In this video interview with Information Security Media Group, Cappelli, VP and CISO at Rockwell Automation, discusses:

  • How she approached the first 24 hours of Log4j mitigation;
  • Strategies for communicating with customers and partners;
  • The "unknown unknown" that still concerns her about adversaries looking to exploit this vulnerability.

Cappelli is vice president and chief information security officer at Rockwell Automation. She joined Rockwell from Carnegie Mellon University, where she was founder and director of the CERT Insider Threat Center. She is recognized as one of the world's leaders in insider threat mitigation and has worked with government and industry leaders on national strategy issues.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.