CGI Voices, hosted by Pete Tseronis
In the ever-changing world of federal agency management and technology, you need expert guidance to stay on course. Emerging cyber threats, rapidly advancing technology, and ever more complicated management and governance puzzles challenge even the most experienced federal agency leaders.
Get insights you can act on through the new CGI Voices podcast, hosted by agency veteran Pete Tseronis.
Pete is the founder of Dots and Bridges and is a former Chief Technology Officer at the Departments of Education and Energy. He also served as deputy CIO and assistant CIO at Energy. He is a member of the National Institute of Standards and Technology’s advisory board and co-chair of the IoT Smart Infrastructure Working Group at ACT-IAC.
CGI Voices, hosted by Pete Tseronis
Securing the forgotten risk vector: firmware
Firmware is ubiquitous in any IT environment. The code—usually hardwired onto a microchip—bridges the hardware and software in any computer, including Internet of Things devices and other surprising places. Because it is hidden and because it can be difficult to update, many IT organizations pay little attention to developing cybersecurity strategies.
That omission can be a costly mistake. CGI Vice President Chris Lavergne and Director Dave Crawford, both cybersecurity experts, join CGI Voices host Pete Tseronis on this podcast episode to explain the current state of firmware and how agencies can better account for it in their planning.
Timestamps/Chapters
00:05:34 - Chapter: Grappling with an increasing target-rich environment--the IoT, firmware and smart technologies
00:09:28 - Chapter: What is firmware, anyway?
00:17:38 - Chapter: Identifying resources and scoping out the challenge
00:31:14 - Chapter: Back to basics
00:34:47 - Chapter: The unique squishiness of the IoT
00:37:51 - Chapter: Asset visibility and vulnerability detection
00:43:27 - Chapter: Parting shots
Have feedback or want to contact a CGI expert? You can email us at Voicespodcast@cgifederal.com.
Related links
How CDM concepts can aid a zero trust transition, by David Crawford and Chris Lavergne
Reduce the noise to strengthen agency cybersecurity defenses, by John Nemoto and Chris Lavergne
CGI Federal Cybersecurity services
Executive Order on Improving the Nation’s Cybersecurity
Known Exploited Vulnerabilities Catalog | CISA
Common Vulnerabilities and Exposures- CVE - CVE (mitre.org)
Common Platform Enumeration- NVD - CPE (nist.gov)
CISA BOD 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks
Producer: Michael Hardy
Engineer: Lexie Floor
Assistant Engineer: Donovan Samuel
Want to watch instead of listening? Find this podcast on our YouTube channel.
Learn more about us at www.cgifederal.com