Printers, once overlooked as mere office hardware, are now becoming weak points in enterprise cybersecurity, according to new findings by HP Wolf Security. The report uncovers widespread negligence around printer security, particularly when it comes to firmware updates and lifecycle management.
Only 36% of IT and security leaders apply firmware updates in a timely manner, despite teams spending an average of 3.5 hours monthly per printer to manage related issues. Steve Inch, HP’s global senior print security strategist, emphasized that modern printers are smart, connected devices storing sensitive data — making them prime targets for cybercriminals.
“If attackers compromise these devices, they can extract confidential information for extortion or sale,” said Inch. “Printers with outdated firmware or poor security standards provide an easy entry point into corporate networks.”
The report reveals systemic failures in printer procurement and lifecycle practices. Just 38% of organizations reported collaboration among procurement, IT, and security teams to define printer security requirements. Additionally, many fail to involve IT in vendor discussions or review technical security documentation, leaving critical gaps unaddressed.
Shockingly, over half of the respondents admitted they can’t verify whether a printer was tampered with during manufacturing or transit. Once installed, only a third can detect firmware vulnerabilities or unauthorized hardware changes. At the end-of-life stage, 86% cited data security as a barrier to safe disposal or resale, with many opting to destroy drives — or entire printers — to mitigate risks.
HP Wolf Security urges companies to integrate printer security into broader cybersecurity frameworks. This includes cross-functional coordination, prompt firmware updates, selecting devices with secure erasure features, and enforcing policy-based configuration tools.
“By embedding security into every stage of the printer lifecycle, businesses can enhance endpoint resilience, reduce long-term costs, and strengthen overall infrastructure,” said Boris Balacheff, HP’s chief technologist for security research and innovation.
Stay ahead of emerging cybersecurity threats. For the latest insights and updates on cloud security, follow SOC News.
News Source: ITPro.com
