BSIA’s Cyber Security Product Assurance Group issues Code of Practice for installers

‘Installation of Safety and Security Systems – Cyber Security Code of Practice’ will assist in providing confidence throughout the supply chain by promoting the secure connection of products and services and delivering client assurance regarding connected solutions.

In addition, the Code of Practice will help the supply chain in its Duty of Care to other network users, particularly so with respect to protecting the integrity of existing cyber security countermeasures already in place or the implementation of such countermeasures in new solutions.

Steve Lampett, technical manager at the BSIA, said: “We’ve long been concerned with the ever-increasing use of Internet-connected devices and systems in electronic security and how the growing links to home and business networks can leave individuals and companies vulnerable to cyber attacks. It’s also important to acknowledge that there’s a combined stakeholder effort in providing a cyber secure solution. In short, manufacturers, designers and installers working in collaboration to provide a credible cyber-secure solution.”

Lampett continued: “Our new Code of Practice for installers adopts a practical approach towards addressing cyber security risks. It takes the sector forward in terms of managing that risk and has the potential to become a real game-changer for the industry. The Code of Practice should steer industry practitioners into thinking differently about how we use new technology in security and equip the professional security industry for the future.”

Broader view

Glenn Foot, chairman of the CySPAG, added: “Unlike many cyber security schemes where the product is the main focus, the CySPAG has taken a much broader view of matters and recognised that not only the manufacturers of products, but also the installers and clients are key links to a cyber-secure system. This Code of Practice is an industry first and leads the way in ensuring professionals with the security industry are taking all reasonable precautions when installing security equipment that has a cyber exposure.”

Further, Foot observed: “The CySPAG is underpinned by strong representation from various roles across the industry and has focused on what’s practical for installers to do and what can be expected of clients. The Code of Practice is the first step in a journey for this industry. For its part, the CySPAG is committed to continue to support the industry with comprehensive training modules for installation companies and also a linked Code of Practice for manufacturers. The overall aim is really to ensure that products are produced and installed securely.”

The recommendations of this Code of Practice apply in addition to other standards and Codes of Practice relating to systems and equipment to be installed. Any documentation or checklists mentioned in this Code of Practice may be combined with those required by the other standards or Codes of Practice applying to safety and security systems and their components, but can be applied to other devices and systems.

*On Tuesday 18 August, the BSIA will be hosting a broadcast entitled ‘Cyber Attacks: Reducing the Risk on Installations’ to provide a forum for the industry such that interested parties can ask questions relating to the Code of Practice. Use the following link https://bit.ly/2OI6ZgO to register

**To download ‘Installation of Safety and Security Systems – Cyber Security Code of Practice’ visit the BSIA’s CySPAG page