News

HP Wolf Security Study Reveals Alarming Platform Security Gaps In Device Lifecycle

Published

10 months ago

December 12, 2024

HP Inc. (NYSE: HPQ) has released a new report highlighting the far-reaching cybersecurity implications of failing to secure devices at every stage of their lifecycle.

This was made known in a statement released on December 12, 2024.

The findings show that platform security, securing the hardware and firmware of PCs, laptops, and printers, is often overlooked, weakening cybersecurity posture for years to come.

The report, based on a global study of 800+ IT and security decision-makers, ITSDM, and 6000+ work-from-anywhere employees, shows that platform security is a growing concern, with 81% of IT decision-makers agreeing that hardware and firmware security must become a priority to ensure attackers cannot exploit vulnerable devices.

However, 68% report that investment in hardware and firmware security is often overlooked in the total cost of ownership for devices. This is leading to costly security headaches, management overheads, and inefficiencies further down the line.

According to the statement, Key findings from across the five stages of the device lifecycle include:
Supplier Selection: In addition, 34% say a PC, laptop or printer supplier has failed a cybersecurity audit in the last five years, with 18% saying the failure was so serious that they terminated their contract. 60% of ITSDMs say the lack of IT and security involvement in device procurement puts the organization at risk.

Onboarding and Configuration: More than half (53%) of ITSDMs say BIOS passwords are shared, used too broadly, or are not strong enough. Moreover, 53% admit they rarely change BIOS passwords over the lifetime of a device.

Ongoing Management: Over 60% of ITSDMs do not make firmware updates as soon as they’re available for laptops or printers. A further 57% of ITSDMs say they get FOMU (Fear Of Making Updates) in relation to firmware. Yet 80% believe the rise of AI means attackers will develop exploits faster, making it vital to update quickly.

Monitoring and Remediation: Every year, lost and stolen devices cost organizations an estimated $8.6bn. One in five WFA employees have lost a PC or had one stolen, taking an average 25 hours before notifying IT.

Second Life and Decommissioning: Nearly half (47%) of ITSDMs say data security concerns are a major obstacle when it comes to reusing, reselling, or recycling PCs or laptops, while 39% say it’s a major obstacle for printers.

“Buying PCs, laptops or printers is a security decision with long-term impact on an organization’s infrastructure. The prioritization, or lack thereof, of hardware and firmware security requirements during procurement can have ramifications across the entire lifetime of a fleet of devices – from increased risk exposure, to driving up costs or negative user experience – if security and manageability requirements are set too low compared to the available state of the art,” warns Boris Balacheff, Chief Technologist for Security Research and Innovation at HP Inc.

Balacheff continues: “It’s essential that end-user device infrastructures become resilient to cyber risks. This starts with prioritizing the security of hardware and firmware and improving the maturity of how they are managed across the entire lifecycle of devices across the fleet.”

The report highlights the growing need for IT and security to be part of the procurement process for new devices, to set the requirements and verify vendor security claims, Oversights in the supplier selection process and onboarding and configuration limitations impact device security across the lifecycle.

52% of ITSDMs say procurement teams rarely collaborate with IT and security to verify suppliers’ hardware and firmware security claims.
45% of ITSDMs admit they have to trust suppliers are telling the truth as they don’t have the means to validate hardware and firmware security claims in RFPs.
48% of ITDMS even say that procurement teams are like “lambs to the slaughter” as they’ll believe anything vendors say.

78% of ITSDMs want zero-touch onboarding via the cloud to include hardware and firmware security configuration to improve security.
57% of ITSDMs feel frustrated at not being able to onboard and configure devices via the cloud.
Almost half (48%) of WFA workers who had a device delivered to their home complained that the onboarding and configuration process was disruptive.

“You will always need to choose technology providers you can trust. But when it comes to the security of devices that serve as entry points into your IT infrastructure, this should not be blind trust,” comments Michael Heywood, Business Information Security Officer, Supply Chain Cybersecurity at HP Inc. “Organizations need hard evidence – technical briefings, detailed documentation, regular audits and a rigorous validation process to ensure security demands are being met, and devices can be securely and efficiently onboarded.”

Challenges and frustrations around the ongoing management, monitoring and remediation of devices, 71% of ITSDMs say the rise in work-from-anywhere models has made managing platform security more difficult, impacting worker productivity and creating risky behaviors:

One in four employees would rather put up with a poor-performing laptop than ask IT to fix or replace it because they can’t afford the downtime.
49% of employees have sent their laptop to be repaired, and say this took over 2.5 days to fix or replace the device, forcing many to use their personal laptop for work or to borrow one from family or friends, blurring the lines between personal and professional use.
12% had an unauthorized third-party provider repair a work device, potentially compromising platform security and clouding IT’s view of device integrity.

Monitoring and remediating hardware and firmware threats to prevent threat actors accessing sensitive data and critical systems is vital. However, 79% of ITSDMs say their understanding of hardware and firmware security lags behind their knowledge of software security. Moreover, they lack mature tools that would give them the visibility and control they would want to manage hardware and firmware security across their fleets:

63% of ITSDMs say they face multiple blind spots around device hardware and firmware vulnerabilities and misconfigurations.
57% cannot analyze the impact of past security events on hardware and firmware to assess devices at risk.
60% say that detection and mitigation of hardware or firmware attacks is impossible, viewing post-breach remediation as the only path.

“Post-breach remediation is a losing strategy when it comes to hardware and firmware attacks,” warns Alex Holland, Principal Threat Researcher in the HP Security Lab. “These attacks can grant adversaries full control over devices, embedding deep within systems. Traditional security tools are blind to these threats as they tend to focus on the OS and software layers, making detection nearly impossible. Preventing or containing these attacks in the first place is critical to stay ahead, or else organizations risk a threat they cannot see and cannot remove.”

Second life and decommissioning: how data security concerns are leading to an e-waste epidemic

Platform security concerns are also impeding organizations’ ability to reuse, recycle or resell end of life devices:

59% of ITSDMs say it’s too hard to give devices a second life and so they often destroy devices over data security concerns.
69% say they are sitting on a significant number of devices that could be repurposed or donated if they could sanitize them.
60% of ITSDMs admit their failure to recycle and reuse perfectly usable laptops is leading to an e-waste epidemic.

Complicating matters further, many employees sit on old work devices. This not only prevents devices from being repurposed, but it also creates data security risks around orphaned devices that still may carry corporate data.

70% of WFA employees have at least 1 old work PC/laptop at home or in their office workspace.
12% of WFA workers have left a job without returning their device right away – and almost half of these say they never did.

More than two thirds (69%) of organizations say their approach to managing device hardware and firmware security only addresses a small part of their lifecycle. This leaves devices exposed, and teams unable to monitor and control platform security from supplier selection to decommissioning.

Addressing these platform security gaps, HP Wolf Security recommends a comprehensive approach to managing device hardware and firmware security across the entire lifecycle. This includes collaborative supplier selection and auditing, secure zero-touch onboarding and configuration, ongoing monitoring and management, effective monitoring and remediation, and secure decommissioning and second-life management.

News

Snoop Dogg ‘In Love’ With Australian Rules Football

Published

5 hours ago

September 25, 2025

Editor

American rapper Snoop Dogg said he was “in love” with Australian Rules football Thursday, ahead of a controversial performance at the sport’s grand final.

The 53-year-old will take to the stage at the Melbourne Cricket Ground on Saturday, which will be jammed with up to 100,000 fans watching as Geelong face Brisbane.

“I’ve been coming to this country for years and I understand what this game is and what it means,” he told Australian media at a function where no questions were permitted.

“I know that it’s not just a sport, it’s a way of life. I just fell in love with the sport,” he added.

“I always would watch it, but never really understood it.

“It reminded me of American football, rugby and a couple of other things, but now that I understand it, I like it and want to know more about it before the grand finale.”

AFL, which is similar to Ireland’s Gaelic football, traces its roots back to 1858 and is Australia’s most popular spectator sport.

Snoop Dogg was a controversial pick for the grand final entertainment, given his past use of misogynistic and offensive lyrics in some of his songs.

The AFL was accused of hypocrisy for hiring him in August while at the same time banning Adelaide star Izak Rankine for four games over a homophobic slur against an opponent.

AFL chief Andrew Dillon defended the decision to hire the American, whose real name is Calvin Broadus.

“I’ve been really confident with the choice of Snoop,” he said.

“He’s performed at the Olympics, he’s performed at a Super Bowl, and he’ll suit our stage.”

AFP

News

Key Takeaways From Nigeria’s UNGA Address

Published

6 hours ago

September 25, 2025

Editor

Nigeria went into the 80th session of the United Nations General Assembly, UNGA with an ambitious agenda.

Speaking on behalf of the country on Wednesday, Vice-President Kashim Shettima outlined demands that touch on everything from global governance to economic opportunity.

Prior to the debate, Nigeria would press for representation in the UN security council, global finance architecture changes, and address the Palestinian statehood debate.

The Vice President pushed for those reforms, stressing that they were crucial to Africa’s future and the balance of international order.

DAILY POST highlights major takeaways from Shetimma’s speech.

DEMAND FOR UN COUNCIL SEAT

Shettima started his speech by criticising what he described as the “slow pace of progress” at the UN.

He explained that the troubling signs had forced nations to dismiss the fairness of the multilateral institution and charged the global body to make changes that work.

One of the changes, Shettima argued, is Nigeria’s permanent representation at the UN security council.

“A stabilising force in regional security and a consistent partner in global peacekeeping, our case for permanent seat at the Security Council is a demand for fairness, for representation, and for reform that restores credibility to the very institution upon which the hope of multilateralism rests.

“We are despised by terrorists because we choose tolerance over tyranny. Their ambition is to divide us and to poison our humanity with a toxic rhetoric of hate,” he said.

FAIRNESS IN MINERAL MINING

The Vice president frowned at the exploitative mining on the continent, lamenting that they leave African nations impoverished.

Shettima agreed that international investments offer a way out of decay but noted that African countries must also benefit from the process.

“We know in Nigeria, that we are more stable when those communities that have access to key resources are able to benefit from those resources. This has been our journey in the oil producing region of the Niger Delta,” he said.

“I believe that we will strengthen the international order, when those countries that produce strategic minerals benefit fairly from those minerals — in terms of investment, partnership, local processing and jobs,” he said.

BRIDGING THE DIGITAL DIVIDE

Shettima also made the case for Africa’s inclusion in technological advancements to bridge the digital divide through the creation of a “dedicated initiative” that would bring researchers, private sector, governments and communities together.

He said, “As we stand on the threshold of new and dramatic technological change, we are still absorbing the impact of the revolution in information and communication of the past 20 years.

“We understand better than we did, the opportunities technology offers as well as the safeguards we need to enable growth and mitigate the potential for corrosion. Some worry about fake news. We have plenty of that, with the potential of devastating real-world consequences in countries rich and poor.”

ESTABLISHMENT OF GLOBAL FINANCE COURT

The second demand was a call for measures that would oversee the restructuring of the global finance architecture.

Shettima said the increasingly difficult security outlook in the world has prompted many countries to count the cost of the emerging world order.

“We in Nigeria are already familiar with such difficult choices: infrastructure renewal or defence platforms? schools or tanks.

“We can take that progress to the next level, a level that presents new opportunities for trade, investment and profit, if we can access reforms to strengthen the international financial architecture,” he added.

CLIMATE CHANGE NOT AN ABSTRACT ISSUE

Shettima took a different position from US President Donald Trump who called climate change the “greatest con job” of all time.

The vice-president asked the UN to re-examine the best use of its scarce resources by addressing climate change.

“It is not an abstract issue about an indeterminate fate, to be settled at some distant point in the future,” he said.

CONDEMNATION OF ISRAEL, SUPPORT FOR PALESTINE

Nigeria has long recognised Palestine as a state since 1988. But at UNGA, Shettima joined the clarion call for a two-state solution.

He condemned Israel’s war in Gaza, saying the tensions scar the wider region.

“We do not believe that the sanctity of human life should be trapped in the corridors of endless debate. That is why we say, without stuttering and without doubt, that a two-state solution remains the most dignified path to lasting peace for the people of Palestine.

“The people of Palestine are not collateral damage in a civilisation searching for order. They are human beings, equal in worth, entitled to the same freedoms and dignities that the rest of us take for granted,” he stated.

News

Ajayi Crowther Varsity Appoints First Female VC

Published

8 hours ago

September 25, 2025

Editor

The Governing Council of Ajayi Crowther University, Oyo, has announced the appointment of Prof. Ebunoluwa Oduwole as the new Vice-Chancellor of the university.

This was contained in a statement issued by the university and made available to The PUNCH on Thursday.

In the statement, the outgoing Vice-Chancellor, Prof. Timothy Adebayo, was hailed as an exceptional and distinguished administrator, “whose leadership over the past five years elevated the institution to new heights.”

Adebayo’s tenure as ACU VC comes to an end at the end of this month.

Speaking during a ceremony held to celebrate Prof Adebayo after the University’s Governing Council meeting on Wednesday, Chairman of the council and Pro Chancellor of the University, Dr Olutoyin Okeowo, said that the external auditor’s report submitted to the council indicated ‘tremendous’ growth while also unveiling Prof Ebunoluwa Oduwole as the incoming Vice-Chancellor.

READ ALSO:

Okeowo said, “Between the period that Prof Adebayo became the Vice-Chancellor in 2020 and now, this University has witnessed tremendous growth. I must say that this growth is being recorded at a time that the nation is going through a challenging economy.

“Those in economic management and finance expert will understand this; if you look at the micro economic indices of the country in the past five years, you would see that it has been quite challenging. Most institutions that are not well managed or do not have someone that is very creative and disciplined at the helms of affairs are not likely to stand the economic storm we have had in this country.

“But Prof Adebayo has been able to ensure yearly growth of this University. I want o say this is highly commendable. On behalf of Anglicans in the Supra West, I want to say thank you.”

The Pro-Chancellor expressed appreciation for the support of the University’s management, principal officers and all staff in ensuring the success of Prof. Adebayo’s tenure, noting that the council recognises their contributions and remains grateful to everyone.

READ ALSO:

Okeowo continued, “In our meeting today, it was made clear that a tree does not make a forest. Prof Adebayo has achieved so much simply because he has a team; dedicated team, principal officers and members of the University’s staff. You all contributed to his success in the past five years, so on behalf of all Anglicans in the Supra West, I want to say thank you to you all. It is a team work that worked so well”

The council chairman restated the goal of the council to develop the University and elevate its ranking among the best institutions in the world.

“When we came on board, we had a clear goal and objective that this University must be ranked among the best 1000 Universities in the world. That is still our objective and I have the assurance that you can still deliver on that,” he said

Okeowo also introduced Prof Adebayo’s successor, Prof Ebunoluwa Oduwole, calling for the cooperation of all staff to ensure that she also records a successful tenure in office.

READ ALSO:

“Let me also use this opportunity to welcome the incoming Vice Chancellor, Prof, Mrs Ebunoluwa Oduwole. She is making history as the first female Vice-Chancellor of this University. I am sure that you will give her the best cooperation so that she will excel in all ramifications. Support he also with your prayers,” said Okeowo.

While praising the outgoing Vice-Chancellor, Archbishop of Ibadan Province, The Most Rev’d Willliams Aladekugbe, who is also a member of the governing council, said it was not a mistake that Prof. Adebayo was chosen five years ago to lead the University.

“The choice of Adebayo was not a mistake but a blessing. Under his watch, the University has recorded several achievements in academic and infrastructural developments. It means God was with us while making the choice,” said Aladekugbe.

READ ALSO:

The outgoing VC Adebayo had, on June 20, 2025, lauded the Mind Education programme, which has been integrated into the university’s curriculum, as a “highly impactful initiative” that is already yielding significant positive outcomes for its students.

Speaking after a three-day Mind Education Camp, spearheaded by the Dean of the Faculty of Education, Professor Ronke Ogunmakin, and supported by a team of Mind Educators from South Korea, Adebayo highlighted the programme’s global reach and proven track record.