A shared responsibility

November 2018 Cyber Security, CCTV, Surveillance & Remote Monitoring

Nothing man-made is ever 100% secure. Intentional backdoors are bad design and show a significant lack of understanding around the basics of a cybersecure world. In addition, programming mistakes can not be avoided completely.

Cybersecurity is a shared responsibility, none of the stakeholders in the market can fight cybercrime alone, we all need to work together to get ahead in the cyber game. Let’s take a look at the different responsibilities of the different stakeholders.

The user

The main responsibility of the user is to pay for cybersecurity measurements. This can either be done in a ‘DIY’ way, meaning the IT department applies fixes themselves, or to pay an integrator/installer to look after maintenance. A system’s lifespan is easily 10-15 years. Assuming that nothing needs to be done to keep the system in good shape is very short sighted.

The integrator/installer

This stakeholder plays an essential role in the cyber game. The integrator/installer needs to ensure that all his/her own devices, laptops, mobile devices etc. are patched with the latest updates for the OS and run a sophisticated virus scanner. Selected passwords should be complex enough and individual at least per customer and site. The general habit to use one master password to make the service of the devices easier has to be avoided.

Remote access to installations should be limited and all devices being connected to the customer’s system should be checked very carefully for viruses to avoid any kind of infection.

Without maintenance the cybersecurity will very likely decrease over time. The probability is almost 100% that a vulnerability will be found in the system’s context, meaning the OS, the software or the hardware.

The consultant

Another essential component is the work of the consultants, the ones specifying the components for security systems. They need to not only specify the right product features and properties, they also have the responsibility of specifying ongoing maintenance.

The distributor

For a pure distributor, the topic of cybersecurity is very simple. They are just handling the logistics and do not touch the product itself. However, value-add distributors need to consider the same aspects as integrators or installers do.

First and foremost, transparency is key: They need to let their customers know what they are buying. Without this transparency it is typically the price which influences the customer’s buying decision the most. They also need to guarantee to supply firmware upgrades in case of vulnerabilities from their original supplier. The habits of the industry show that a detected vulnerability in the original suppliers’ devices is typically, not fixed in the devices of their many OEM partners.

The manufacturer

Manufacturers’ responsibilities are relatively simple to understand:

• Do not include any intentional aspects, like backdoors, hard coded passwords etc.

• Supply the right tools to make cyber management for many devices as simple and affordable as possible.

• Record relevant aspects in hardening guides or other documentation.

• Enable the use of standard mechanisms make devices as secure as possible.

• Inform the partners and channel about vulnerabilities and available patches.

The consumer

Our own behaviour is also a key aspect to a cyber mature mindset. How often do we change the router’s password? How complex are our own passwords? Do we use different passwords or one master password for most of the applications? Lazy user behaviour is still one of the biggest benefits for hackers. Simple to guess passwords and ones that are used across all logins put consumers at risk of having their accounts hijacked.

One stakeholder alone cannot accomplish the mission to make and keep a system cyber secure. Only by having all stakeholders take responsibility for keeping data safe will we be successful in fighting cybercrime.

For more information contact Axis Communications, +27 11 548 6780, sasha.bonheim@axis.com, www.axis.com


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Platforms and community lead the future
May 2019, Milestone Systems , Editor's Choice, CCTV, Surveillance & Remote Monitoring, News, Integrated Solutions
Milestone Systems took a look into the future of open platforms and the power of community at MIPS EMEA in Copenhagen in March this year.

The consequences of false alerts
May 2019, Leaderware , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Craig Donald discusses the impact of false alarm rates on the utility of intelligent security technology systems.

The enemy within – insider ­security threats
May 2019, Wolfpack Information Risk , Editor's Choice, Cyber Security, Financial (Industry)
Insider threats in today’s financial world are insidious and destructive and your defence against insiders should start long before the person assumes his/her position.

Does your control room add value?
May 2019, Fidelity Security Group, G4S South Africa, Progroup , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, IT infrastructure, Commercial (Industry)
Whether on- or offsite, control rooms are a critical aspect of security today and care must be taken in the design and rollout of these nerve centres.

Delivering greater control room value
May 2019, Cathexis Technologies , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
A truly integrated security system requires that all aspects of the security system work seamlessly together, while being managed by the heart of the system, which is the control room.

HD PIR camera with strobe light
May 2019, Hikvision South Africa , Perimeter Security, Alarms & Intruder Detection, CCTV, Surveillance & Remote Monitoring
Hikvision’s Turbo HD passive infrared (PIR) camera uses advanced video surveillance technologies to capture infrared light given off by human bodies.

AI enhances intruder detection
May 2019, Dahua Technology South Africa , Products, CCTV, Surveillance & Remote Monitoring
Dahua Technology launched its new XVR series, XVR5000-I/XVR7000-4KL-I featuring full-channel SMD Plus to benefit customers with an AI upgrade.

LoJax: Be very careful
May 2019 , Cyber Security
Even replacing drives won’t kill this malware, which is still active more than nine months after researchers from Arbor Networks detailed it.

The world’s first surveillance camera day
May 2019 , News, CCTV, Surveillance & Remote Monitoring, Conferences & Events
As part of the National Surveillance Camera Strategy for England and Wales, the Surveillance Camera Commissioner is holding the world’s first Surveillance Camera Day on 20 June.

Assessing impacts: The meteors of security and AI
May 2019 , Cyber Security
As security threats evolve and artificial intelligence pervades, what impact are they set to have on business over the next year?