What Auditors Need to Know When Evaluating Firmware Compliance

Presented by

John Loucaides, VP of Federal Technology

About this talk

Recent updates to NIST 800-53 and other compliance standards emphasize that controls must extend down to firmware and hardware. To keep pace with widespread attacks and new standards, organizations must incorporate firmware security into risk management and compliance processes and address blind spots that have given attackers a new foothold. But what does this mean, and what should you be looking for? In a follow-on to his popular ISACA presentation, Eclypsium’s John Loucaides will delve deeper into the questions auditors should ask, and the tools that are available to implement controls and verify due diligence within an organization. Eclypsium’s VP of Federal Technology, John Loucaides will discuss: - What is firmware, and why is it important? - Why firmware and hardware security is being called out in compliance frameworks - What questions to ask when conducting your audit - Evidence of compliance that can be produced - How Eclypsium is helping businesses collect this evidence
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (49)
Subscribers (3263)
Eclypsium is the industry’s leading enterprise firmware protection platform - providing a new layer of security to protect your IT infrastructure from firmware attacks. Eclypsium defends enterprises and government agencies from vulnerabilities and threats hidden within firmware that are invisible to most organizations today.