Protecting customers from the risk of product-related cyber crime was the focus of the inaugural meeting of a new Working Group convened by the British Security Industry Association (BSIA). Members of the Cyber Security Product Assurance Group (CySPAG) have met for the first time to define its objectives and lay the groundwork for future projects that specifically aim to provide education and guidance on Best Practice in cyber resilience for product manufacturers, installers and end users alike.
The Working Group’s initial discussions involved representatives of no less than 18 BSIA member companies emanating from a range of industry sub-sectors. The focus was on the increasing connectivity of security systems and how the growing links to both home and business networks can leave individuals and companies vulnerable to cyber attacks.
Paul Phillips, technical manager at the BSIA and convenor of the new Working Group, said: “Any single system can be subject to a number of vulnerabilities at different stages of its lifecycle. That being the case, a given system’s resilience depends not only on initial product design, but also on proper installation and configuration as well as responsible use and maintenance by the end customer. The CySPAG’s primary objective is to provide Best Practice guidance at every stage of this chain, from design and testing right through to installation and maintenance.”
The potential implications of system and network vulnerability can vary greatly depending on the nature and the application of the product or system itself. For the domestic user, the greatest risk may be the ability of hackers to access personal data via the home network, whereas at the commercial end user point of the scale it could be the ability of thieves or terrorists to shut down surveillance cameras, sensors and alarm systems prior to an attack.
Highlighting the myriad risks and ways in which these episodes can be mitigated will be the initial core focus of the BSIA’s new Working Group, which aims to provide all member companies with an essential toolkit of information that they can use to provide informed guidance to customers and industry partners whatever their industry sector.
Phillips concluded: “The development of the CySPAG is just one element of the Association’s renewed focus on the issue of cyber security. This wider project is also set to deliver a dedicated web page providing advice and guidance as well as an informative seminar to be launched in the early part of the summer.”
*BSIA member companies interested in becoming involved with the CySPAG can do so by contacting Paul Phillips via e-mail: firstname.lastname@example.org