Wai King Wong, Country Manager ANZ, Axis Communications, tells Intelligent CIO how ensuring critical components of a security ecosystem are as risk-free as possible reduces the overall threat of bad actors infiltrating organizations.
It is imperative that the vendors who make and distribute physical devices have cyber safety at the very core of their company DNA. Looking for potential cost savings while ignoring the pedigree of the vendor is just no longer a viable option in the modern world, where cyberattacks are a constant threat. A vendor should have a thorough cyber-hardening plan in place, which evaluates all potential threat vectors and moves to eliminate them.
Regular firmware updates from the vendor will ensure that operational software is up-to-date, and patched against the latest cyberthreats, as well as maintaining proper integration with other leading solutions that may need to interact with that device, thus ensuring that all devices, solutions and operating software work together to toughen an integration against attack.
This also accounts for integrators who provide managed services – it is imperative that devices are constantly updated and upgraded, to ensure they do not have vulnerabilities. A security ecosystem is no longer a set-and-forget prospect but needs constant maintenance and vigilance. Therefore. Taking a pro-active approach to maintaining a camera’s operational efficiency and cyber safety is an absolute must.
Working closely with other vendors in a secure ecosystem of solutions is becoming ever-more important also. With deeper and more prevalent integrations between complementary technologies, vendor partners need to work closely with one another in an effort to ensure that solutions are secure at every stage of development and deployment.
Educating partner companies as well as integrators is imperative, and therefore it becomes increasingly important for vendors to maintain close ties, and work with one another to reach out to the broader security community and interact on education programs, seminars and workshops.
The physical construction of a device is perhaps the most overlooked element of cybersecurity. However, many products and their components are made and assembled across several manufacturing plants, often in different countries.
It is not uncommon for a camera to have its physical structure made in one country, lenses in another, computing chip in a third, wiring in a fourth, and then assembled in yet another country.
This exposes that device to risk – each step of the process holds risk of tampering and interference from external sources, and the less control a vendor has over the design, engineering and manufacturing process of their products, the more exposed to risk those products are.
Ideally, a vendor will own and control all elements of this manufacturing process in-house, with layers of security built into every step of a camera’s journey – however, this is not often the case. It is important to examine a camera’s pedigree very carefully before deploying it and making sure that it has a trustworthy lineage.
Cybersecurity is always a concern and must be top-of-mind at every level. Ensuring critical components of a security ecosystem such as cameras and other hardware are as risk-free as possible and reduces the overall risk of bad actors and foreign powers infiltrating private and public organizations and helps protect the interests of governments and individuals.