In a stern warning issued Tuesday, the Federal Trade Commission (FTC) put companies on notice that any failure to protect against Log4shell could become costly. This announcement underlines the new requirement that every company must take under the Federal Trade Commission Act (the “FTC Act”). As a result, reasonable steps to mitigate a known software vulnerability are now a legal obligation:
Article Link: FTC Warning in Wake of Log4j: Secure Your Software Supply Chain