Another year has passed and another Christmas with Covid has passed. It seems like every time we start to see daylight with a return to normalcy, a new variant is announced. Fortunately, the latest variant seems to have diminished in terms of potency. I hope all of you had the chance to unwind, visit with family and were also able to stay healthy and safe.
A holiday wouldn’t be complete without a new vulnerability being detected. Organizations have spent the last few weeks identifying and patching Log4J vulnerabilities. One thing is persistent from a security perspective: Software needs to be patched, kept under maintenance and retired when it is no longer needed. For those of you still needing some Log4J assistance, CISA offers some very useful information. Be sure to check with your vendors as well.
Gary Hutcheson (EBSCO Industries) gave members some insight into the SOC processes at EBSCO on January 4th. His thoughts on using internal staffing as well as external augmentation for monitoring is something many companies can utilize due to financial limitations. Gary also discussed some of the pains of dealing with Log4J in an environment where he manages multiple lines of business. I want to thank Gary for sharing with the membership. Part of what makes any organization useful is the sharing of information and it is something we, as a membership, need to pay attention to in 2022.
On February 3rd, Dustin Childs from Trend Micro will be presenting on ZDI (Zero Day Initiatives). Please make plans to attend the event. In fact, I would suggest adding entries on your calendar for the remainder of the year. ISSA usually meets on the first Thursday of the month at 11:00 AM Central.
We have open slots for most of the 2022 calendar year. So if you have a topic you want to hear about or if you have an interest in speaking, please let us know by sending an email to [email protected].
Willie Clemons Central Alabama ISSA President