Cyber Security Product Assurance Group (CySPAG)
Protecting customers from the risk of product-related cyber-crime is the focus of a new working group convened by the British Security Industry Association (BSIA).
The Cyber Security Product Assurance Group (CySPAG) met for the first time in 2017 to define its objectives and lay the groundwork for future projects that aim to provide education and guidance on best practice in cyber resilience to product manufacturers, installers and users.
The group’s initial discussions were attended by representatives of 18 BSIA member companies from a range of industry sub-sectors, and focused on the increasing connectivity of security systems and how the growing links to home and business networks can leave individuals and companies vulnerable to cyber-attacks.
Any single system can be subject to a number of vulnerabilities at different stages of its life-cycle, so its resilience depends not only on initial product design but also on proper installation and configuration as well as responsible use and maintenance by the end customer. The CySPAG group’s primary objective is to provide best practice guidance at every stage of this chain, from design and testing to installation and maintenance.
The potential implications of system and network vulnerability can range greatly depending on the nature and the application of the product or system itself. For the domestic user, the greatest risk may be the ability of hackers to access personal data via the home network, whereas at the opposite end of the scale could be the ability of thieves or terrorists to shut down surveillance cameras, sensors and alarm systems prior to an attack.
Highlighting the myriad risks and ways in which these can be mitigated will be the initial core focus of this working group, which aims to provide all member companies with an essential toolkit of information that they can use to provide informed guidance to customers and industry partners whatever their industry sector.
The development of the CySPAG working group is just one element of the Association’s renewed focus on the issue of cyber security. This wider project is also set to deliver a dedicated web page providing advice and guidance as well as an informative seminar, to be launched in early summer.
BSIA member companies interested in becoming involved with the CySPAG working group can do so by contacting Steve Lampett on firstname.lastname@example.org
For more information about the education, guidance and standards development offered by BSIA membership, visit www.bsia.co.uk/join-the-bsia