The British Security Industry Association (BSIA) has updated its manufacturers’ code of practice that recommends on the design, testing and manufacture of safety and security products with a cyber exposure, while aligning with UK law.
Manufacturers of safety and security systems Cybersecurity code of practice, is based on international industry best practice around cybersecurity and refers to recognised guidance and standards applied to safety and security systems. It aligns with UK’s consumer connectable product security regime, the UK Product Security and Telecommunications Infrastructure (PSTI) Act: 2022, which came into effect this week for Relevant Connectable Products, also known as IoT (Internet of Things) or ‘smart’ products such as connected cameras, fitness watches and even coffee-making machines. A previous iteration of this code of practice as released 2021 already took in many of the requirements of the Act and in many aspects going beyond them, the BSIA reports.
The code of practice, which underpins the BSIA manufacturers cyber assurance registration scheme, will assist in providing confidence throughout the supply chain promoting secure connection of products and services, the trade association says. Its aim is to deliver client assurance regarding connected solutions, assisting the supply chain in their duty of care to other network users, particularly around protecting the integrity of existing cybersecurity countermeasures or the implementation of such counter-measures in new products.
Graham Evans, Technical Officer at the BSIA, said: ‘We are pleased to announce the release of our updated issue of the Manufacturers of safety and security systems Cybersecurity code of practice, incorporating the relevant references to the UK Product Security and Telecommunications Infrastructure (PSTI) Act: 2022.
“We are delighted to see the requirements in the Act are aligned to our code of practice and once again demonstrates the forward thinking of our members to ensure their products and services keep pace with the latest security standards and legislation.”
And Glenn Foot, Chairman, BSIA Cybersecurity Product Assurance Group (CySPAG), said: “The PSTI Act is a welcome addition to the world of cybersecurity, but it must be noted that it only covers the basics, and there are likely to be additional requirements in the future.
“Cyber responsible manufacturers should be striving to exceed these minimum requirements in order to give their customers the highest level of confidence in relation to cyber security. To support manufacturers in exceeding the PSTI requirements, the CySPAG scheme provides guidance on best practices and recognition for manufacturers for going beyond the bare minimum for cyber security.”
Manufacturers of safety and security systems Cybersecurity code of practice, is available for BSIA members via the CySPAG website. Details on how to join the CySPAG registration scheme, which is open to BSIA and non BSIA manufacturers is also on the website.
