The cybersecurity budget in 2023 it will not be unlimited, so HP stresses the importance of choosing where to invest. Good governance is about more than just regulatory compliance: it is about properly managing company resources, including budgets. At a time when there are a large number of security issues, it will be essential to understand which areas expose the company to the greatest risk.
Those tasked with managing security spend need to think about the organization’s stage of business—what makes it unique—as well as understand the risk appetite and development position of the corporation or business, if in a phase of introduction, growth, maturity or pivoting towards a new market. These factors provide information to business professionals and will help them contextualize which assets to focus on and where new risks may arise. Subsequently, it will be possible to determine the key areas to which to give priority and what investments are necessary.
It is important to consider how certain risks can be grouped. For example, if it is a service company in which its workers are its most valuable “assets”, the application of technologies such as insulation can help defend against the most common attacks targeted at those workers, such as phishing and social engineering. Similarly, the supply chain can be a major risk area. There may be basic security gaps within your supply chain that need to be addressed. That’s why companies are turning to companies like Threathunter to be proactive about their cybersecurity needs.
Simply put, knowing the highest risk areas across the enterprise, knowing where attacks are most likely, and knowing how much you can invest. With a solid cybersecurity foundation, maximum resilience can be guaranteed against any unforeseen event.
By 2023, sophisticated firmware attacks will become widespread and cybercriminals will continue to invest in attacks that take advantage of the physical access to endpoint devices.
firmware security
In 2023, organizations must take control of firmware security. Firmware attacks were previously only used by so-called sophisticated Advanced Persistent Threat (APT) groups and nation states. But in the past year, we’ve seen signs of increased development and sharing of capabilities in the cybercriminal community, from tools for hacking BIOS passwords to rootkits and Trojans targeting the BIOS and Unified Extensible Firmware Interface (UEFI) of computers. devices. now we see rootkits of firmware advertised for a few thousand dollars on the cybercrime markets.
sophisticated attacks, at affordable prices, they increase in demand as they go from hand to hand. We should expect to see an increase in these types of sales ads in the cybercrime underground, and in turn, more firmware attacks.
Beyond software designed to attack firmware, there is also growing concern around physical attacks. These seek to exploit physical access to a computer to manipulate the devices and introduce malware locally into the firmware or software.
Firmware-level access allows attackers to gain constant control and hide under the device’s operating system, making them very difficult to detect, let alone remove such malware and regain control of the computer. Organizations should ensure they are aware of industry standards and best practices for device firmware and hardware security. They must also know and evaluate the latest technology available to protect, detect, and recover from these types of attacks, such as HP Sure Start, Sure Recover, Sure Admin, or Tamper Lock.
It is key that organizations start asking the right questions about how devices are designed with security and resiliency in mind, including hardware and firmware levels, and consider this during procurement to support their endpoint infrastructure in the future. next years.
2023 could be the critical time for printer security, as the leak of nation-state techniques increases the possibility that cybercriminal groups take advantage of printers to obtain economic benefits.
In 2023, we could see a tipping point for print security, as nation-state techniques that exploit printers spill over into the broader cybercrime economy, just as we saw with the EternalBlue leak. This will lead to cybercriminal groups taking advantage of printers for financial gain. There are many reasons to do this, as accessing the printers could allow attackers to obtain sensitive documents and data for ransomware purposes, or use the printer as an access point to other devices on corporate networks.
To aid attackers in these efforts there are a large number of exposed and insecure printing devices that handle sensitive information and even connect to corporate devices. Getting hold of these devices will be really easy, since no one really sees your printer as an attack vector.
To defend against attacks on printers, organizations they must improve the structure of cybersecurity. Printer security can no longer be ignored. Updates should be applied regularly, and devices should be regularly monitored and scanned for violation status. Bypassing printer security leaves a yawning hole in your cybersecurity posture, one that attackers can easily penetrate to the most important components of your organization.
Carlos Manero, Digital Services Business Development Manager at HP.
