Gartner advises there are 15-20 firmware components in every endpoint, 20-30 components in every server, and is present as the “digital DNA” in every networked and connected device. Is there an emerging trend where Cybersecurity Risk Executives and threat teams are moving from traditional views of firmware as a ”black box”, specified and constructed by vendors in a vacuum and beyond scope of their assessments and mitigation techniques? Are attackers turning to firmware-based exploits and if so why? Off-the-shelf boot-level attack kits are readily available and UEFI-level tactics are being shared in dark web forums that can go unnoticed by traditional vulnerability, risk and end endpoint security programs. During this session we will discuss the apparent collision between new firmware-oriented attack vectors and traditional Cybersecurity tools, roles and boundaries.