1. Understand that the threat to firmware is real
Security managers need to know that the risk of an attack in firmware is quite real and that firmware must be updated like any other software. While many of the manufacturers are starting to include firmware improvements in routine BIOS updates, itís still hit or miss, so firmware updates are something security and IT managers need to manage themselves. Check the support page of your vendorís website for firmware updates that may be available for systems in your infrastructure.
Image Source: hacksmods.com