Embracing Digital Transformation
Episode #341: The Hidden Cyber Threats in Printers and IoT Devices
Host: Dr. Darren Pulsipher
Guest: Jim Lareau, CEO of Symphion, IoT Cybersecurity Expert
Date: April 9, 2026
Episode Overview
This episode exposes the overlooked cybersecurity risks associated with printers and IoT devices in enterprise settings, especially within critical sectors like healthcare. Dr. Darren Pulsipher talks with Jim Lareau, who brings a unique background as both a trained engineer and seasoned trial lawyer, about why these seemingly benign endpoints pose serious threats, how the industry’s approach contributed to their vulnerability, and what organizations can do to gain control over this hidden attack surface. The conversation blends technical insights, regulatory implications, and the deep-rooted cultural challenges that keep organizations from securing this persistent attack vector.
Key Discussion Points, Insights & Memorable Quotes
Jim Lareau’s Origin Story & The Printer Problem
- Jim’s unique path: Engineer by training, became a Texas trial lawyer, now CEO of Symphion, focusing on printer and IoT endpoint security.
- “I'm a engineer by education from Rice University... But I went to the dark side and became a Texas trial lawyer… Now we're focused on the printer endpoint.” (01:24)
- Contextualizing printers as critical, overlooked endpoints:
- Printers still account for 20% of enterprise network endpoints—often seen as passive, benign, and forgotten.
- “Across all enterprise, all industries, printers... account for 20% of their network endpoints. In healthcare... they're 20 plus percent... critical in the critical workflows.” (04:30)
The Scope and Nature of the Risk
- Unprotected endpoints:
- “99% [of printers] are outside of protection. They're unprotected.” (06:08)
- Enterprises routinely manage over 30,000 printer endpoints.
- Multiple attack vectors:
- “The threat landscape for a printer on the network is really 360 degrees. It can be... from outside the network, internal network, physical access, hard drive access, access from the systems it communicates with, like email or LDAP or the file server system.” (07:38)
- Printers have evolved into complex business machines, now with:
- Built-in web, email, fax, FTP servers
- Large, often unprotected hard drives
- “A multifunction device has a built-in web server. It has a built-in email server, a fax server, a FTP server... business enabling ports, protocol services... remote control and communications. They're all sitting wide open.” (11:29)
- Real-world attacks and neglect:
- Numerous public attacks (e.g., 2015: hacktivists pushing content to 150,000 printers; 28,000 printers received unsolicited security tips).
- Manufacturers build hardening features—but overwhelmingly, these are not configured or used due to operational risk and lack of ownership.
Printers as the “Mount Everest” of IoT Risk
- Comparison to critical infrastructure/OT:
- “It’s very much like an operational technology or an OT device... maybe the poster child of what's wrong with critical infrastructure and cyber security.” (12:57)
- “In the Internet of Things world... [the printer] is the top of Mount Everest as far as the most mature, most configurable IoT endpoint. Manufacturers have competed on features to build in business. [Soon] they're going to put AI in the printers.” (13:38)
Fundamental Causes: Cultural, Organizational & Procurement Problems
- Printers are procured like disposable medical supplies—by supply chain, not IT or security.
- “They’ve grown up... like rubber gloves and syringes... managed print services... tens of billions of dollars in the market...” (11:29)
- “It's an organizational problem... The risk needs an owner. It needs a budget for the risk and it needs an enforcement standard and someone to audit that enforcement.” (21:27)
- Reset to factory default is common practice after printer servicing, erasing all security hardening.
- “The human behavior of the print industry for 40 years has been to reset to factory defaults after a service.” (25:25)
Exploitation Scenarios: From Cloning to Credential Harvesting
- Printers as network beachheads:
- “I could go get [stored administrator-level credentials] off a printer that's sitting out in the X ray department and nobody will even know it.” (00:00, 17:57)
- Attackers can:
- Clone endpoints, escalate privileges, harvest credentials, and pivot to other systems.
- “So I could go get that off a printer that’s sitting out in the X ray department and nobody will even know it.”
- “I can totally clone that. I can totally clone that endpoint. Do whatever I want.” (00:18, 19:22)
- Healthcare impact:
- Hospital workflows, admissions, specimen management are printer-dependent.
- “Our hospital cannot operate without the printer. So it's still embedded in the revenue, at risk of workflows…” (15:48)
The Insurance & Regulatory Consequences
- Coverage denials:
- “You'll get denied coverage probably... Underwriting... is looking for [endpoint security]. You can’t fib... they'll use that to come deny coverage later.” (20:20)
- Default equals negligence:
- “It's almost like you're... de facto negligent because you're not taking care of this endpoint.” (21:01)
What Can Organizations Do?
- Most organizations are unaware or don’t know how to start:
- “They don't know what to do. They don't know what to do and we gotta fit in. Everybody's IT ecosystem is like we're all humans, right?... Some of them had never heard.” (27:50)
- Assign risk ownership, budget, and operational enforcement:
- This is an “air-to-breathe” principle for effective endpoint security.
- Solutions include:
- Software/services that manage the full lifecycle: inventory, firmware, certificates, passwords, and policy enforcement across diverse, aging fleets.
- “We built a closed loop system... software that controls across all makes, models, versions, ages and firmwares... no operational lift for the customers, made it affordable.” (23:38)
- “One of the things we just launched in January is a closed loop system for [certificates]... we gather the CSR, submit it to their CA, get it issued and put it back on, put it on the device and manage it life cycle.” (24:50)
Notable Quotes & Timestamps
- “I could go get that [administrator credentials] off a printer... and nobody will even know it.”
— Jim Lareau, (00:00, 17:57) - “I can totally clone that endpoint. Do whatever I want.”
— Darren Pulsipher, (00:18, 19:22) - “Across all enterprise... printers... account for 20% of their network endpoints.”
— Jim Lareau, (04:30) - “99% [of printers] are outside of protection. They're unprotected.”
— Jim Lareau, (06:08) - “The threat landscape for a printer... is really 360 degrees.”
— Jim Lareau, (07:38) - “A multifunction device has a built-in web server. It has a built-in email server, a fax server, a FTP server... and it's not being utilized [safely].”
— Jim Lareau, (11:29) - “It's almost like... you're de facto negligent because you're not taking care of this endpoint.”
— Jim Lareau, (21:01) - “It's more a programmatic approach to this... includes documentation, everything that you would want... for basic cyber hygiene. It's a standards based program.”
— Jim Lareau, (31:15)
Key Segment Timestamps
- [01:24] – Jim Lareau’s background; transition from engineering to trial law and eventually to IoT cybersecurity.
- [04:30] – Eye-opening statistics on printer endpoints’ share and significance in enterprises.
- [06:08] – The scale of unprotected printers and fleet management challenges.
- [07:38] – Detailed breakdown of printer attack surfaces.
- [09:17] – USB and network vulnerabilities, historic hacks, and lingering operational gaps.
- [11:29] – Printers as business computers, not mere peripherals; the misalignment of procurement and security.
- [13:38] – Printers as the “Mount Everest” of IoT risk and the future with AI-enabled devices.
- [17:23] – Discussion of how printers transmit and store credentials for other enterprise systems.
- [19:22] – Potential for full compromise and lateral network attacks via printers.
- [20:20] – Cyber insurance and legal fallout for unprotected endpoints.
- [23:38] – Closed loop system for endpoint certificate management and operationalization.
- [25:25] – Deeply ingrained “set and forget” industry behavior; security settings wiped after maintenance.
- [27:50] – Education, widespread lack of awareness, and need for cultural change.
- [31:15] – Symphion’s consultative, customizable approach and standards-based recommendations.
Conclusion
Printers and similar IoT devices sit at the intersection of technological complexity, operational legacy, and organizational neglect. This episode powerfully demonstrates why these endpoints represent a huge, hidden cyber threat—one that parallels some of the most vulnerable critical infrastructure. Solving it requires not just technical products, but broad cultural and organizational transformation. As Jim Lareau highlights, actionable solutions do exist, but organizations must first acknowledge the scope of the problem, assign ownership, and enforce standards as rigorously as they do for any other digital asset.
For more information or to contact Jim Lareau:
Visit symphion.com and click the “Take Action Now” button.
(30:09)