An organization is adopting IoT devices at an increasing rate and will need to account for firmware updates in its vulnerability management programs. Despite the number of devices being deployed, the organization has only focused on software patches so far, leaving hardware-related weaknesses open to compromise. Which of the following best practices will help the organization to track and deploy trusted firmware updates as part of its vulnerability management programs?
A. Utilize threat intelligence to guide risk evaluation activities and implement critical updates after proper testing.
B. Apply all firmware updates as soon as they are released to mitigate the risk of compromise.
C. Sign up for vendor emails and create firmware update change plans for affected devices.
D. Implement an automated solution that detects when vendors release firmware updates and immediately deploy updates to production.
A. Utilize threat intelligence to guide risk evaluation activities and implement critical updates after proper testing.
B. Apply all firmware updates as soon as they are released to mitigate the risk of compromise.
C. Sign up for vendor emails and create firmware update change plans for affected devices.
D. Implement an automated solution that detects when vendors release firmware updates and immediately deploy updates to production.