Header image

Security Buyers 'Not Prioritising' Hardware and Firmware

Around half left to trust suppliers on security claims.


Securing the hardware and firmware of PCs, laptops and printers is often overlooked.

According to research by HP Wolf Security, found 81 percent of IT and security decision-makers say hardware and firmware security must become a priority to ensure attackers cannot exploit vulnerable devices.

However, 68 percent of those surveyed said that investment in hardware and firmware security is often overlooked in the total cost of ownership for devices. This leads to costly security headaches, management overheads and inefficiencies further down the line.

The survey also found 52 percent of decision makes say procurement teams rarely collaborate with IT and security to verify suppliers’ hardware and firmware security claims, while 45 percent admit they have to trust suppliers are telling the truth as they don’t have the means to validate hardware and firmware security claims.

“You will always need to choose technology providers you can trust, but when it comes to the security of devices that serve as entry points into your IT infrastructure, this should not be blind trust,” said Michael Heywood, business information security officer, Supply Chain Cybersecurity at HP.

“Organisations need hard evidence – technical briefings, detailed documentation, regular audits and a rigorous validation process to ensure security demands are being met, and devices can be securely and efficiently onboarded.”


Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Upcoming Events

No events found.