- Security TWENTY
- Women in Security
Hikvision UK & Ireland has welcomed the upcoming UK ‘Secure by Default’ standards, which aim to provide a guarantee for users that network video security products are as secure as possible in their default settings in the box. The voluntary standard is due to be launched by UK Surveillance Camera Commissioner Tony Porter on Thursday, June 20, the third and final day of IFSEC International, as part of the first National Surveillance Camera day.
According to the security consultant leading the cyber strand of the Surveillance Camera Commissioner’s strategy, Mike Gillespie, the concept behind the new set of standards is that network video products will ship to installers in the most hardened, cyber-security-optimal form possible, with default settings which provide minimal vulnerabilities on first use.
Hikvision was among the manufacturers invited to take part in the process of developing these landmark standards, working with the UK Surveillance Camera Commissioner alongside four other major video surveillance manufacturers. The standards form part of a wider set of cyber security proposals from the Surveillance Camera Commissioner for the UK Home Office.
As featured in the May 2019 print issue of Professional Security magazine, Gary Harmer, UK & Ireland Sales Director for Hikvision, said the initial standard offers an introductory base level for product conformance, with further certification levels to follow.
Harmer said: “The Surveillance Camera Commissioner will outline the initial self-certification process at IFSEC International on June 20. Going forward we expect that higher levels of product cyber security will be introduced, including different grades such as we have seen in the intruder alarm market, and these would likely require third-party certification. This is just the beginning in terms of default network video security standards. We will continue to collaborate across the security industry and beyond to support the development of increasing standards and further security levels for all.”
Hikvision points to its other cybersecurity standard work, gaining:
– ISO 27001: Information security management
– ISO 28000: Supply Chain Security Management
– CMMI5: Capability Maturity Model Integration 5
– ISO9001: Quality management
– FIPS: 140-2 IPC and NVR certified by National Institute of Standards and Technology (NIST)
– Common Criteria: IPC passed CC ELA 2+ certificate
– FIRST: member of Forum of Incident Response and Security Teams.
Gary Harmer described the Secure by Default scheme as a further step forward for the industry, which Hikvision fully supports. “The process of developing these standards has been one of open collaboration between companies across the network video security industry. It’s a truly positive and genuine initiative geared towards creating a more secure environment for all stakeholders in the network security ecosystem.”