The British Security Industry Association’s (BSIA) cybersecurity group has released a code of practice for installers responsible for safety and security systems.
Installation of safety and security systems – cybersecurity code of practice, the BSIA’s Cybersecurity Product Assurance Group (CySPAG) says, will assist in providing confidence in the supply chain promoting secure connection of products and services. The code of practice will assist in duty of care to other network users, particularly in protecting the integrity of cyber measures already in place, or the such measures in new solutions.
Steve Lampett, Technical Manager, BSIA, said: “We have long been concerned with the ever-increasing use of internet connected devices and systems in electronic security and how the growing links to home and business networks can leave individuals and companies vulnerable to cyber-attacks. It is also significantly important to acknowledge that there is a combined stakeholder effort in providing a cyber secure solution, i.e. manufacturers, designers and installers working in collaboration to provide a credible cyber secure solution.
“Our new code of practice for installers takes a practical approach to address cybersecurity risks, takes the sector forward in terms of managing that risk and has the potential to become a real game changer for the industry. This will not be the end goal but should steer industry practitioners into thinking differently about how we utilise new technology in security and equip the professional security industry for the future.”
And Glenn Foot, Chairman of CySPAG, said: “Unlike many cybersecurity schemes where the product is the main focus, CySPAG has taken a much broader view of and recognised that not only manufacturers of products, but the installer and client are key links to a cyber secure system. This code of practice is an industry first and leads the way in ensuring professionals with the security industry are taking all reasonable precautions when installing security equipment that has a cyber exposure.
“CySPAG has strong representation from various roles across the industry and has focused on what is practicable for installers to do and what can be expected of clients. The code of practice is the first step in a journey for this industry, and CySPAG is committed to continue to support the industry with firstly comprehensive training modules for installation companies and also a linked code of practice for manufacturers. The overall aim is to ensure products are produced and installed securely.”
The recommendations of this code of practice apply besides other standards and codes of practice for systems and equipment to be installed, the group adds. Any documentation or checklists mentioned in this code of practice may be combined with those required by the other standards or codes, applying to safety and security systems and their components but can be applied to other devices and systems.
The BSIA will also be holding a BSIA Broadcast, Cyber-attacks – reducing the risk on installations on Tuesday, August 18, as a forum. You can register using this link; https://bit.ly/2OI6ZgO.
To download Installation of safety and security systems – cybersecurity code of practice, visit the BSIA’s CySPAG page.
