Home > NewsRelease > Low-Cost Goods and Services May Cost More in the End
Low-Cost Goods and Services May Cost More in the End
James Goepel -- Fathom Cyber LLC James Goepel -- Fathom Cyber LLC
For Immediate Release:
Dateline: Philadelphia , PA
Monday, July 08, 2019


We have written before about the importance of good vendor selection and vendor risk management processes or companies. The article below helps reinforce this. As research conducted by Finite State and ReFirm Labs shows, many low cost devices, including network equipment, mobile devices, and IoT devices, include flaws in their firmware (the low-level software that controls how the equipment operates) that can allow an attacker to take complete control over the equipment. When reported to the vendors, in some cases the vulnerabilities are allowed to persist, and in other cases they are simply moved to other parts of the firmware, suggesting that these are intentionally planted.

Some organizations may feel that their internal data is not worth a criminal’s time, and that the risks associated with the low-cost goods may be acceptable. However, it is important to recognize that most organizations have partner and customer data, such as business plans, buying habits, intellectual property, and the like. This information is often the criminals’ ultimate goal, not merely the data belonging to the organization itself.

As your company evaluates new equipment, it is important to understand that price alone should not be the determining factor. In some cases, low-cost goods can wind up costing you more by introducing vulnerabilities that ultimately lead to cybersecurity incidents and data breaches.


News Media Interview Contact
Name: James Goepel
Title: CEO and General Counsel
Group: Fathom Cyber
Dateline: North Wales, PA United States
Direct Phone: 215-648-1950
Cell Phone: 703-593-5460
Jump To James Goepel -- Fathom Cyber LLC Jump To James Goepel -- Fathom Cyber LLC
Contact Click to Contact
Other experts on these topics