Hackers Are Targeting Your Firmware. Are You Ready? – John Loucaides – ESW #223



Sponsored By


sponsor
Visit https://securityweekly.com/eclypsium for more information!

83% of businesses have experienced at least one firmware attack in the past two years – and yet most organizations lack visibility into this attack surface. We’ll discuss why hackers are increasingly targeting firmware and what enterprises need to do to detect and prevent these attacks.

Segment Resources:
Assessing Enterprise Firmware Security Risk in 2021 – https://eclypsium.com/2021/01/14/assessing-enterprise-firmware-security-risk-in-2021/

https://github.com/chipsec/chipsec

The Top 5 Firmware Attack Vectors – https://eclypsium.com/2018/12/28/the-top-5-firmware-and-hardware-attack-vectors/

Request a demo of the Eclypsium platform – https://eclypsium.com/

This segment is sponsored by Eclypsium.

Visit https://securityweekly.com/eclypsium to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Hackers Are Targeting Your Firmware. Are You Ready?

Guests

John Loucaides

John Loucaides – VP Federal Technology at Eclypsium

@JohnLoucaides

John Loucaides is the VP of Research and Development at Eclypsium, the comprehensive cloud-based device security platform that protects enterprise devices all the way down to the firmware and hardware level. Headquartered in Portland, Oregon, the company was named to Fast Company’s annual list of the World’s Most innovative Security Companies for 2020, the CNBC Upstart 100 list, and Gartner’s Cool Vendor list for Security Operations and Threat Intelligence. John has extensive history in hardware and firmware threats from experience at Intel Corporation and the United States government. At Intel he served as the Director of Advanced Threat Research, Platform Armoring and Resiliency, PSIRT, and was a CHIPSEC maintainer. Prior to this, he was Technical Team Lead for Specialized Platforms for the federal government.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements