New security equipment manufacturers cybersecurity guide released
The BSIA has released its latest cybersecurity guide, aimed at security equipment manufacturers.
The CySPAG Security equipment manufacturers cybersecurity registration scheme is a self-declaration and registration scheme based on the requirements of BSIA Form 343 Manufacturers of safety and security systems cybersecurity code of practice, which is available from the BSIA's CySPAG registration website.
For the purposes of this scheme a manufacturer is the organisation that takes responsibility for the design, testing, manufacture and/or ongoing support of safety and security products that have a cyber exposure. The CySPAG Security equipment manufacturers cybersecurity registration scheme provides a level of confidence to the supply chain, including end users, that products procured for use in safety and security systems have been produced by CySPAG registered manufacturers who have processes in place to manufacture, and supply products using risk mitigation techniques.
This includes the processes that provide ongoing support necessary to manage and maintain product cyber exposure over the product security update support life-cycle and the communication processes necessary to inform the supply chain of vulnerabilities. BSIA Form 343 Manufacturers of safety and security systems cybersecurity code of practice provides the requirements for claiming compliance to this scheme and this document outlines how to register compliance with CySPAG.
The self-declaration will be valid for 12 months from the date of acceptance to the scheme, at which point the selfdeclaration must be renewed for ongoing registration.