Thursday, December 12, 2024
Latest:
NETWORK ADMINISTRATIONSsnmp

Securing the forgotten risk vector: firmware

Firmware is ubiquitous in any IT environment. The code—usually hardwired onto a microchip—bridges the hardware and software in any computer, including Internet of Things devices and other surprising places. Because it is hidden and because it can be difficult to update, many IT organizations pay little attention to developing cybersecurity strategies.

That omission can be a costly mistake. CGI Vice President Chris Lavergne and Director Dave Crawford, both cybersecurity experts, join CGI Voices host Pete Tseronis on this podcast episode to explain the current state of firmware and how agencies can better account for it in their planning.

Timestamps/Chapters
00:05:34 – Chapter: Grappling with an increasing target-rich environment–the IoT, firmware and smart technologies
00:09:28 – Chapter: What is firmware, anyway?
00:17:38 – Chapter: Identifying resources and scoping out the challenge
00:31:14 – Chapter: Back to basics
00:34:47 – Chapter: The unique squishiness of the IoT
00:37:51 – Chapter: Asset visibility and vulnerability detection
00:43:27 – Chapter: Parting shots

Related links

How CDM concepts can aid a zero trust transition, by David Crawford and Chris Lavergne- https://www.cgi.com/us/en-us/federal/blog/CDM-concepts-aid-zero-trust-transition
Reduce the noise to strengthen agency cybersecurity defenses, by John Nemoto and Chris Lavergne- https://www.cgi.com/us/en-us/federal/blog/reduce-noise-strengthen-cybersecurity
CGI Federal Cybersecurity services- https://www.cgi.com/us/en-us/federal/cybersecurity
Executive Order on Improving the Nation’s Cybersecurity- https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/
Known Exploited Vulnerabilities Catalog | CISA- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Common Vulnerabilities and Exposures- https://cve.mitre.org/
Common Platform Enumeration- https://nvd.nist.gov/products/cpe

Producer: Michael Hardy
Engineer: Lexie Floor
Assistant Engineer: Donovan Samuel

Want to listen to the podcast? Listen on your favorite podcast platform – https://cgifederalvoices.buzzsprout.com/2203081/13846639-securing-the-forgotten-risk-vector-firmware

Learn more about us at www.cgifederal.com

source

by CGI in the United States

simple network management protocol

You May Also Like

How To Send Email Using Postfix Mail Relay Server With Gmail – Best For Nagios Alerts

Devops Day 07 ll DevOps ll Dev

What is IDP.Generic and How to safely remove It from Windows?

Alice AUSTIN