Read only root file system in istio-system/istiod

Could anyone help. We are on a crunch with resolving security issues in our environments. We are encountering ‘Containers should run with a read only root file system in your Kubernetes cluster. Immutable filesystem protects containers from changes at run-time with malicious binaries being added to PATH.’ error with our Istiod pod ‘istio-system/istiod-xxxxxxxxx’. Is there anyway to update this so we can get cleared on this error. We know what the parameters to fix the issue but not sure if we can apply it against our Istio/istiod. But the way, we had to add a parameter in the ‘service account’ and the ‘deployment’ to resolve this. Looking at the Istiod yams file, not sure how to go about adding these. Any help would be greatly appreciated as we are implementing this patch in a week. Thank You.