The Critical Need for Comprehensive Device Lifecycle Security: Insights from HP’s Latest Report
HP Report Unveils Critical Cybersecurity Gaps in Device Management
HP has released a new report revealing alarming cybersecurity risks tied to the insufficient security of devices throughout their lifecycle. The findings stem from a global study involving over 800 IT decision-makers and 6,000 work-from-anywhere employees, highlighting that platform security—specifically hardware and firmware—remains a neglected area in cybersecurity strategies.
With 81% of IT leaders agreeing on the pressing need for enhanced hardware security, the report exposes a significant gap: 68% of decision-makers indicate that investments in this critical area are often sidelined in evaluations of the total cost of ownership. This oversight can lead to substantial long-term costs and efficiency losses as organizations grapple with data breaches and weak device management.
Key vulnerabilities identified across the five stages of device management reflect these gaps. A shocking 34% of IT decision-makers reported that their device suppliers failed cybersecurity audits, while 53% acknowledged lax practices around BIOS password management. Compounding the issues, over 60% delay essential firmware updates due to a phenomenon dubbed “Fear Of Making Updates.”
Additionally, the study illuminated the economic impact of lost or stolen devices, which could cost businesses up to $8.6 billion annually. Alarmingly, 70% of work-from-anywhere employees possess obsolete devices, creating potential risks as organizations struggle to securely decommission such equipment.
Boris Balacheff, Chief Technologist for Security Research and Innovation at HP, stresses the significance of a holistic approach to device security. "Choosing technology providers requires diligence and verification—not blind trust,” he warned, emphasizing the need for thorough vendor audits.
As businesses evolve in their operational models, HP’s report underscores the urgent need to prioritize device security from procurement to decommissioning to safeguard against an increasingly hostile cyber landscape.