A new working group convened by the British Security Industry Association (BSIA) aims to cover the risk of product-related cyber-crime.
The Cyber Security Product Assurance Group (CySPAG) met for the first time last month to define its objectives and lay the groundwork for projects that aim to provide education and guidance on best practice in cyber resilience to product manufacturers, installers and users.
The group’s initial discussions were attended by representatives of 18 BSIA member companies from a range of industry sub-sectors, and focused on the increasing connectivity of security systems and how the growing links to home and business networks can leave individuals and companies vulnerable to cyber-attacks.
Paul Phillips, Technical Manager at the BSIA is convenor of the group. He said afterwards: “Any single system can be subject to a number of vulnerabilities at different stages of its life-cycle, so its resilience depends not only on initial product design but also on proper installation and configuration as well as responsible use and maintenance by the end customer. The CySPAG group’s primary objective is to provide best practice guidance at every stage of this chain, from design and testing to installation and maintenance.”
The potential implications of system and network vulnerability can range greatly depending on the nature and the application of the product or system itself. For the domestic user, the greatest risk may be the ability of hackers to access personal data via the home network, whereas at the opposite end of the scale could be the ability of thieves or terrorists to shut down surveillance cameras, sensors and alarm systems prior to an attack.
Highlighting the risks and ways in which these can be mitigated will be the initial focus of the BSIA’s new working group, which aims to provide all member companies with a toolkit of information that they can use to provide informed guidance to customers and industry partners, whatever their industry sector.
Paul Phillips adds: “The development of the CySPAG working group is just one element of the Association’s renewed focus on the issue of cyber security. This wider project is also set to deliver a dedicated web page providing advice and guidance as well as an informative seminar, to be launched in early summer.”
BSIA member companies interested in becoming involved with the CySPAG working group can contact Paul Phillips on [email protected].
Visit www.bsia.co.uk/join-the-bsia.
