TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events Resources CYBERSECURITY OPERATIONS COMMENTARY Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts. What Organizations Need to Change When Managing Printers Ask the Expert: Organizations need to close the ownership vacuum, establish durable security controls, and ensure printers are protected as rigorously as other endpoints. February 9, 2026 3 Min Read SOURCE: RAWPIXEL.COM VIA ADOBE STOCK PHOTO Question: Managed printers are still unprotected. What needs to change on the leadership level to effectively secure printers? Jim LaRoe, CEO of Smyphion: Managed is not the same as protected. When most enterprises "manage" their printers, they focus on uptime and the cost of toner, paper, and repairs. That's not security. Not protection. Printers often make up 20% to 30% of an organization's endpoints. They receive, transmit, process, and store the most sensitive data, and are the softest path to compromise — because no one owns their protection. Here’s the uncomfortable truth: the leadership challenge precedes the technical challenge. There is an ownership vacuum. Printer endpoints are typically owned by the supply chain (cost-focused), usually adjacent to IT (operations-focused) and security (risk-focused). No one has been accountable for their protection. No policies, controls, or KPIs for security means no protection. LOADING... Related:Why You Should Train Your SOC Like a Triathlete A blind spot in the budget. If there's no line-item for printer security, there's no priority. Security without a durable budget becomes a project, not a control or a policy. Supply chains often seek to include security in managed service provider contracts in RFPs. "Management" leads to false confidence. Managed print services optimize print service delivery, uptime and cost. While devices may be managed for toner and break-fix, the managed printer service industry often leaves factory defaults in place, leaving printers open and at risk. Security (protection) adds cost and makes them less competitive; therefore, basic cyber hygiene is not being done. Also, they lack the technology to address the disparities in makes, models, types and ages of printers comprising print fleets. LOADING... Complacency and distraction are part of the problem. Legacy tech is easy to ignore while everyone chases the "new hotness." Attackers don't care. They move through the path of least resistance — default creds, open services, open access, no one watching. Printers have it all for them. Leadership must make organizational changes before addressing the technical issues. Name the risk — and its owner. Assign a single Printer Endpoint Security Owner under the CISO. Publish the owner across Security, Infrastructure/Endpoint, Network, and Supply Chain/Procurement. Until someone is on the hook, nothing moves. Define "protected" at the policy level. Write a plain-language security standard for printer endpoints: identity and access controls, change governance and monitoring. Keep it vendor-agnostic and outcome-based. Don’t settle for an incomplete program. Fund it as a control, not a project. Create a standing budget for continuous cybersecurity hygiene and monitoring of the print fleet. Projects harden once; programs keep it hardened. Given that 20-30 percent of your endpoints are unprotected and virtually invisible, with no cyber hygiene and the associated risk to your business, a security spend should be easily justified. Bake security into procurement. Update RFPs and MSAs: require cross-OEM compatibility, automated compliance reporting, support for enterprise auth/crypto standards. "Managed" deliverables must include protection outcomes, not just device uptime. Integrate into risk and audit. Put printer endpoints in the risk register. Include them in pen tests, tabletop exercises, and compliance audits. If auditors don't ask, you still should. Measure like you mean it. Executive reports, weekly; policy coverage rate across fleet, exception count by business unit (with named owners), time-to-correct configuration drift, percent of devices reporting, percent covered by the current standard, prevalence of reoccurrences. Transparent numbers end arguments. Create consequence and cadence. Quarterly review with the CISO and business unit leaders. Tie open exceptions to accountable owners. Reward teams that hit the standard; escalate those who don’t.The litmus test is simple: could a reasonable auditor verify that your print endpoints are protected with the same rigor as laptops and servers — without a hero, without a meeting, and without vendor spin? If the answer is no, you have an ownership and governance problem, not a technology problem. Related:Securing the Win: What Cybersecurity Can Learn From the Paddock More Insights Industry Reports ThreatLabz 2025 Ransomware Report The Total Economic Impact™ Of Zscaler Private Access (ZPA) Zscaler ThreatLabz 2025 VPN Risk Report GigaOm Radar for CNAPP The Total Economic Impact™ of Google SecOps Access More Research Webinars Ransomware and the Supply Chain: A Fireside Chat with the CISOs Who Literally Wrote the Book on Third-Party Risk The Hidden AI Attack Surface: How GenAI Tools Expand Data Exposure Risk Beyond the Model: The Expanded Attack Surface of AI Agents AI-Powered Threat Hunting: Staying Ahead of Evolving Attack Patterns AI-Powered Cloud Security Posture Management More Webinars You May Also Like CYBERSECURITY OPERATIONS Japan Goes on Offense With New 'Active Cyber Defense' Bill by Nate Nelson, Contributing Writer FEB 13, 2025 CYBERSECURITY OPERATIONS JSON Config File Leaks Azure ActiveDirectory Credentials by Elizabeth Montalbano, Contributing Writer SEP 02, 2025 CYBERSECURITY OPERATIONS From FBI to CISO: Unconventional Paths to Cybersecurity Success by Kristina Beek SEP 23, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Latest Articles in The Edge СLOUD SECURITY 'Encrypt It Already' Campaign Pushes Big Tech to Prioritize E2E Encryption FEB 6, 2026 CYBERSECURITY OPERATIONS Cyber Success Trifecta: Education, Certifications & Experience FEB 5, 2026 CYBER RISK Dark Patterns Undermine Security, One Click at a Time FEB 3, 2026 CYBERSECURITY OPERATIONS From Quantum to AI Risks: Preparing for Cybersecurity's Future JAN 29, 2026 Read More The Edge Edge Picks APPLICATION SECURITY AI Agents in Browsers Light on Cybersecurity, Bypass Controls CYBER RISK Browser Extensions Pose Heightened, but Manageable, Security Risks CYBERSECURITY OPERATIONS Video Convos: Agentic AI, Apple, EV Chargers; Cybersecurity Peril Abounds ENDPOINT SECURITY Extension Poisoning Campaign Highlights Gaps in Browser Security Discover More Black Hat Omdia Working With Us About Us Advertise Reprints Join Us NEWSLETTER SIGN-UP Follow Us Copyright © 2026 TechTarget, Inc. d/b/a Informa TechTarget. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.’s registered office is 275 Grove St. Newton, MA 02466. Home| Cookie Policy| Privacy| Terms of Use