Relative to other cyber incidents in the last few months, Log4j is proving severely problematic. If you are in the middle of your impact and mitigation assessment, hands down the most important resource available is the webpage CISA launched yesterday to address the current Log4j activity. Per OODA CEO Matt Devost: “This is a great page and we should highlight that it exists for OODA Loop members.  CISA has done a great job here.” Log4j is also the first US-CERT notification to put front and center private sector collaboration through the newly formed DHS CISA Joint Cyber Defense Collaborative (JCDC).