More than 80 percent of enterprises have experienced at least one firmware attack in the past two years. Only 29 percent of security budgets goes to firmware security, according to Microsoft survey. Security teams are more focused on detection and incident response rather than prevention of firmware attacks, report says. Only 36 percent of businesses have invested in hardware-based memory encryption and less than half (46 percent) are investing in hardware security features such as kernel data protection. A full 21 percent of decisionmakers admitted that their firmware data goes unmonitored today.
Source: https://threatpost.com/enterprises-firmware-cyberattacks/165174/