Steve Orrin, chief technology officer at Intel’s federal arm, has said that agencies need to be proactive in protecting their network information technology stacks against emerging threats like firmware hacks.
Orrin wrote in a Fifth Domain piece published Tuesday that firmware threats inject low-level software to manipulate systems before booting and during runtime.
He said that in order to mitigate such attacks, agencies must first assess system components for updates and understand their supply chain that comprises the entire IT ecosystem.
Agencies must also ensure security at all layers of the IT stack and deploy secure booting capabilities to prevent cases such as misconfigurations and malware attacks.
Additionally, Orrin said that agencies should perform inventory audits focused on the entire software ecosystem and consider third-party services to ensure visibility throughout their system stacks.
“Traditional security practices and threat system models are not sufficient in today’s sophisticated hacker environment,” said Orrin. “Today, agencies must match hackers’ sophistication and savvy with their own aggressive and comprehensive defensive stances. That means securing the entire stack, from start to finish and top to bottom.”
According to Archintel ,by 2025, the global SCMS market is expected to be over $22 billion.