In this episode of the podcast (#167): two stories this week – one from Pittsburgh and one from New York – have highlighted anxiety about Chinese made cameras and other security gear deployed in U.S. government agencies and in cities and towns. We’re joined by Terry Dunlap the co-founder of ReFirm Labs to talk about why software supply chain risks are real -and growing.
Sarah Zatko of the Cyber Independent Testing Lab joins us to talk about CITL’s big new study of firmware security. In our second segment, we’re joined by Allan Thomson who is the Chief Technology Officer at LookingGlass Cyber Solutions to talk about the growing use of cyber threat intelligence and the need to evolve cybersecurity practices to keep ahead of fast-evolving threats.
A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, NETGEAR and other major vendors.