New Survey Results: Cyber Decision Makers Are Unaware about the State of Firmware Security

Posted on September 29, 2022
Author: RunSafe Security

Table of Contents:

New Survey Results: Cyber Decision Makers Are Unaware about the State of Firmware Security

Are Cyber Risk Decision Makers Truly Informed?

What Tools Are Available to Fill Cyber Knowledge Gaps?

 

The software world continues to undergo dramatic change. From digital transformation to devops and shift left, organizations are re-inventing their software development lifecycle processes with an eye for automation and agile or continuous practices.

With that said, understanding risk across your software infrastructure includes understanding the supply chain in detail.  Most organizations are still struggling to secure the embedded firmware their devices and supply chains rely upon, leaving themselves extremely vulnerable. 

Protect Cyber Vulnerabilities

Are Cyber Risk Decision Makers Truly Informed?

Eclypsium conducted a survey to determine how much cyber risk decision makers in financial services companies know (or don’t know) about the state of firmware security in their device fleet and supply chains. 

Eclypsium surveyed a total of 350 IT security DM respondents, from organizations with a minimum of 1,000 employees in May 2022. The respondents originated from a variety of locations, including the US (150), Canada (50), Singapore (50), Australia and New Zealand (50) and Malaysia (50). All respondents were from organizations in the financial services sector.

Key Findings

  • 76% of IT security decision makers (DMs) in the finance industry have gaps in their awareness concerning their organization’s firmware blind spot.
  • 91% are concerned about the gap in firmware security in their organization’s digital supply chains.
  • 92% admit that cyber criminals are better equipped to attack firmware than their organization is at protecting it.
  • 88% are aware that their organization has been the victim of a firmware- level attack in the last two years.
  • 93% of IT security DMs are surprised by the lack of insight into current firmware threats.

What Tools Are Available to Fill Cyber Knowledge Gaps?

RunSafe Security protects firmware for several organizations and specializes in reducing risk across your software supply chain—whether open source, third party, or proprietary code. See what RunSafe’s product lineups can do for you with a hassle-free trial.

RunSafe Security’s 2025 Product Security Predictions

RunSafe Security’s 2025 Product Security Predictions

Product security has come a long way since  the early 2000s to the current iterations we’re seeing today. From CISA’s focus on Secure by Design to the growing emphasis on software supply chain security, software manufacturers, software buyers, and regulatory...

read more