The Log4j vulnerability emerged as a critical cybersecurity risk factor at the end of 2021, threatening to leave millions of devices open to attack.
The scope of the flaw, which targets a widely used Java-based logging utility, is pushing IT executives to reassess how they protect systems and shore up defenses against open source vulnerabilities.
Though many businesses quickly patched their systems, the threat of Log4j looms large in 2022. Sophisticated threat actors could be waiting to use the exploit, catching targets in a lower level of awareness, according to Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA).
Tech executives can guide how their businesses respond, recover and prepare for future threats. Half of CIOs will prioritize security management in 2022 as CEOs seek to lower risk exposure, according to an IDG report. Cybersecurity also gained relevance for boards of directors, a response to the increasing threat of operational disruption.
For CIOs, Log4j tested the role tech leaders play in cybersecurity response, from collaborating with other C-suite members to addressing the technical challenges of remediation.
In response to Log4j, Akamai began by gathering information, according to CTO Robert Blumofe.
"The first piece I think is pretty standard across most organizations: learning about the vulnerability, identifying which systems are impacted and patching as quickly as possible," said Blumofe.
The company used third-party tools and in-house products to detect vulnerable Java applications, and relied on its Web Application Firewall (WAF) to provide protection and allow patching to take place under less pressure.
Each company addressed the vulnerability according to its own roadmap, but speed is one common element.
Global Payments took swift action to respond to the vulnerability, said Guido Sacchi, SEVP and CIO.
"All our systems have been patched and brought up to speed with the latest upgrades," said Sacchi. "There's been a lot of work just to make sure that our systems are taken care of."
In addition to updating its WAFs, Global Payments ran indicators of compromise through its system, relying on information from the Financial Services Information Sharing and Analysis Center to ensure there were no signs of compromise.
Security posture adjustment
The massive scope of the Log4j vulnerability is pushing leaders to revisit their security products and remediation tactics, alongside their security stance ahead of possible future risk.
Global Payments took a close look at possible cyber risks coming in undetected from the vendor side.
"We have a very mature vendor management program, and follow up directly with vendors to make sure what's present in our infrastructure is taken care of," Sacchi said.
Akamai relies on zero trust to reduce the possibility of compromise, according to Blumofe. Under this approach, each endpoint can see and reach only the other endpoints required to perform its tasks.
"We expect this approach to greatly reduce the threat surface when a vulnerability arises," said Blumofe. "And in many cases, [it can] stop the attack chain before we are impacted."