Four Steps to Secure Open‑Source Software After CSRB’s Log4j Investigation

Open-source code appears in 92 percent of all applications. Those publicly available components comprise 70 percent of the average piece of software. While that shortcut propels rapid tech advances and the global economy, the Log4j event that rocked the cybersecurity world last winter shows the giant security risks of using free code all the time. This article presents four key steps that fund managers can take to use open-source software more securely, and it includes comments from Cyber Safety Review Board members about their new report on Log4j, which they called an endemic threat to companies for the next decade. See our three-part series on open-source software: “What Is It, and How Are Fund Managers Using It?” (Feb. 21, 2019); “Benefits and Risks” (Feb. 28, 2019); and “How Fund Managers Can Mitigate the Risks” (Mar. 7, 2019).
