Page 172 - Cyber Defense eMagazine RSAC Special Edition 2025

components. This is compounded by poor BIOS administration security practices. More than half (53%)
of ITSDMs admit to using BIOS passwords that are shared, used too broadly, or are not strong enough.
The same number say they rarely change these passwords over the lifespan of a device.

Without strong BIOS passwords, threat actors could gain unauthorized access to firmware settings,
significantly weakening devices by turning off security features. Over half of ITSDMs (55%) would like to
set BIOS passwords to protect firmware settings but say they can’t because it is too complicated or costly.




3. Ongoing management woes

More than three quarters (78%) say they need to continuously validate the integrity of devices across the
lifecycle. This is because the security of the device infrastructure depends on low-level firmware security
and configurations.

However, poor firmware update practices are widespread, and make ongoing integrity monitoring a
significant challenge. Over 60% of ITSDMs do not make firmware updates as soon as they're available
for laptops or printers, while 57% say they hesitate to deploy updates because of risks of disruptions to
their users and applications. This hesitancy is concerning as 80% of respondents fear the rise of AI could
mean attackers can develop exploits much faster.



4. Remediation struggles

Establishing and maintaining a strong device security posture involves managing threats that target
hardware and firmware across device fleets. This means IT and security teams must be able to
continuously monitor and remediate security issues quickly. However, organizations report being
ill-equipped to tackle hardware and firmware level platform threats, with 60% of ITSDMs saying that
detection and mitigation of such attacks is impossible, viewing post-breach remediation as the only path.

For laptops, monitoring and remediation must also extend to lost or stolen devices. Work-from-anywhere
employee behavior is a key factor behind thefts and losses, with one in five remote workers having lost
a device or having one stolen. The study also revealed that, on average, there was a 25-hour delay in
notifying IT when an employee device was lost or stolen. This gap gives threat actors a dangerous head
start. To address these monitoring and remediation gaps, organizations need to look beyond detection,
focusing on built-in capabilities to prevent, contain and recover from hardware and firmware attacks.



5. A risky second life

The end of the device lifecycle is fraught with risk. As a result, many organizations often destroy devices
over security concerns because they find it too difficult to give them a second life, compounding e-waste
and running counter to sustainability goals. In fact, some 69% of ITSDMs say they have many devices
that could be repurposed or donated if they could be securely decommissioned.






