
CISO Playbook: Log4j Response - Hard Work, Lasting Lessons

Pooja Shimpi and Deepayan Chanda on Detection, Collaboration and Open-Source Risk
Pooja Shimpi, global cybersecurity BISO, APAC; Deepayan Chanda, enterprise security architect, both in financial services and both CyberEdBoard executive members

The Apache Log4j vulnerability capped the end of a long year for CISOs and incident responders, and it left them with a mitigation project that carries them well into the New Year. Security leaders Pooja Shimpi and Deepayan Chanda discuss how they have tackled Log4j - and significant lessons learned about incident response and information sharing.


In this video interview with Information Security Media Group, Shimpi and Chanda - both executive members of the CyberEdBoard - discuss:

  • Initial response to Log4j vulnerability;
  • Lessons learned from mitigation efforts;
  • Advice to other security leaders overseeing their own mitigation efforts.

Shimpi has over 14 years of experience in cybersecurity with reputed international banks. She has expertise in driving various initiatives across multiple domains of information security. She was featured in the Epic Women in Cyber 2021 Medium.com blog, her interview on cybersecurity has been published in the Cyber Security Observatory - APAC series, and she has participated as a guest speaker in various events. She is also actively involved in global inclusion and diversity programs and mentoring initiatives.

Chanda, an enterprise security architect with a large financial institution, has over 25 years of industry experience. He is a security strategist and adviser who solves enterprise cybersecurity problems with a strong focus on balancing security and business goals. Chanda has worked with many enterprise cybersecurity and large financial organizations, been a mentor and adviser to cybersecurity startups and written many books on cybersecurity. He served in the Indian Air Force. Chanda's latest book is "Penetration Testing With Kali Linux."

CyberEdBoard is ISMG’s premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.



About the Author

Tom Field


Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.



