Sorry, you need to enable JavaScript to visit this website.

FBI CJIS Security Policy – Firmware Integrity: Is your agency prepared?

June 20, 2024 1:00 pm 01:00 pm - 02:00 pm
ET
FBINAA Webinar June 20

 

Nefarious actors have been attacking firmware as a mechanism to threaten national security, infiltrate your network, and to steal your organization’s sensitive data. Accordingly, updates to the FBI CJIS Security Policy (CJISSECPOL) now require all criminal justice information hardware, network appliances, and infrastructure to ensure the security of their firmware by employing firmware integrity checks.

CJISSECPOL version 5.9.2 added a new section for system requirements. Policy area 5.15 is now dedicated to System and Information Integrity (SI). SI-7 Software, Firmware, and Information Integrity expands security focus beyond hardware and software and into firmware. Specifically, the most updated language calls for integrity checks and integration on Detection and Response.

To effectively combat firmware threats, it's crucial to understand their primary targets. These threats tend to target one of three areas:

  • High value laptops: Laptops serve as a great mobile tool as they bring great computing capacity and capability to any environment. This mobility also makes them a vulnerable target when used in untrusted environments and less than secure networks.
  • Critical servers: Servers contain a number of complex components which can be targeted. A compromised server can facilitate data theft, enable attackers to lie in wait, or disrupt user access.
  • Network and security: By attacking networking appliances, attackers can move laterally within your system and avoid easy detection. In fact, they can even target network controls dedicated to security, compromising the very tools meant to protect.

In this session you will learn why firmware integrity matters to the security of data. You will also be introduced to Panasonic Connect’s firmware integrity solution, Smart Compliance, and receive a high-level demonstration of the product.

Key takeaways:

  • Understanding the threat to the technology supply chain
  • Be able to reference the CJISSECPOL firmware integrity requirement
  • View a demonstration of how Panasonic Connect’s Smart Compliance can ensure firmware integrity

 

Speakers:

  • Drew Rasmussen, Sales Engineer, Eclypsium
  • Marcus Claycomb, Business Development Manager, Panasonic Connect North America
    Ret. Commander Melbourne Police Department - FBINA Session #273
  • Sean Georgia, National Strategic Account Manager, Panasonic Connect North America
    Ret. Major PA State Police - FBINA Session #265

Thursday, June 20, 2024 at 1:00pm (EST)

Learn more about our TOUGHBOOK solutions:

TOUGHBOOK Product Family Hero

Computers & Tablets

TOUGHBOOK Services teaser

TOUGHBOOK Services

TOUGHBOOK Solutions

TOUGHBOOK Solutions