HP Survey Says $8.6 bn Lost Yearly to Cybersecurity Challenges, Stolen Computers

Olawale Ajimotokan

A report by HP Wolf security study has revealed that organisations are losing an estimated $8.6 billion yearly to cyber security gaps, stolen device epidemic and e-waste.

The report which was based on global study of over 800 IT and security decision-makers (ITSDMs)

and and over 6000 work-from-anywhere (WFA) employees, highlighted the far-reaching cybersecurity implications of failing to secure devices at every stage of their lifecycle.

The findings show that platform security – securing the hardware and firmware of PCs, laptops and printers – is often overlooked, weakening cybersecurity posture for years to come.

The data for the sample was drawn from surveyed by Censuswide on IT and security decision makers in the US, Canada, Uk, Japan, Germany and France.

The report highlighted cybersecurity challenges facing organizations across the lifecycle of their endpoint devices – from supplier audit failures to weak BIOS passwords, Fear of Making Updates (FOMU) among others.

It shows that platform security is a growing concern with 81 per cent of ITSDMs agreeing that hardware and firmware security must become a priority to ensure attackers cannot exploit vulnerable devices.

However, 68 per cent report that investment in hardware and firmware security is often overlooked in the total cost of ownership (TCO) for devices. This is leading to costly security headaches, management overheads and inefficiencies further down the line.

Some major findings from respondents across the five stages of the device lifecycle were that laptop or printer supplier has failed a cybersecurity audit in the last five years, while more than half of ITSDMs say BIOS passwords are shared, used too broadly, or are not strong enough. Moreover, 53 per cent admitted they rarely change BIOS passwords over the lifetime of a device.

Also nearly half (47 per cent) of ITSDMs say data security concerns are a major obstacle when it comes to reusing, reselling, or recycling PCs or laptops, while 39 per cent say it’s a major obstacle for printers.

The Chief Technologist for Security Research and Innovation at HP Inc, Boris Balacheff warned end-users of device infrastructures to be resilient to cyber risks by prioritizing the security of hardware and firmware and improving the maturity of how they are managed across the entire lifecycle of devices across the fleet.

“Buying PCs, laptops or printers is a security decision with long-term impact on an organization’s infrastructure. The prioritization, or lack thereof, of hardware and firmware security requirements during procurement can have ramifications across the entire lifetime of a fleet of devices – from increased risk exposure, to driving up costs or negative user experience – if security and manageability requirements are set too low compared to the available state of the art,” Balacheff warned.

Related Articles