The Log4J issue greatly increased awareness and concerns on the cybersecurity risks of Open Source Software (OSS). Not only was the Log4J software extremely widely-adopted, but it had worldwide code contributors and no centralized support - these attributes apply to nearly all OSS. This raised broad concerns on whether the risks associated with OSS had been under-appreciated. C-level executives were concerned to learn that there wasn't a 'single throat to choke' to hold contractually responsible. Cybersecurity professionals realized that Log4J exposed weaknesses related to the lack of rapid and complete understanding of all underlying software package dependencies (some up to 9 levels deep). Cybersecurity professionals need to separate the facts from fears and have a comprehensive understanding of the strengths and weaknesses of using OSS.