The British Security Industry Association’s (BSIA) cybersecurity group has launched a code of practice.
The aim of ‘Manufacturers of safety and security systems – cybersecurity code of practice’, as developed by the BSIA’s Cybersecurity Product Assurance Group (CySPAG), is to assist in providing confidence throughout the supply chain, promoting secure connection of products and services and delivering client assurance. Also, the code should aid firms in the supply chain in duty of care to other network users, such as in protecting the integrity of cyber security countermeasures, or building in such countermeasures in new products. This follows the ‘Installation of safety and security systems – cybersecurity code of practice’ released by CySPAG in 2020.
Steve Lampett, Technical Manager, BSIA, said: “Here at the BSIA we have long considered and debated how our industry sector can provide effective cyber secure solutions to end users via its supply chain and we feel that to do this our supply chains must find ways to collaborate and support processes that achieve this.
“The publication of this new code of practice now provides a complete process for supply chains when utilised together with installers adhering to the Installation of safety and security systems – cybersecurity code of practice. This should provide peace of mind for end users in terms of cybersecurity of their systems, not only when they are installed but throughout the entire contract period. The release of this code of practice is the next step in acknowledging a collective stakeholder effort of installers, manufacturers, and designers in providing a cyber secure solution.
“We hope to continue to drive the sector forward with this practical approach when addressing and managing cybersecurity risks. The idea is to steer safety and security practitioners into thinking outside the box on using new technology and equipping our industries with professional tools for the future.”
The group makes the point that the recommendations of this code of practice apply in addition to other standards and codes of practice relating to systems and equipment to be installed. Any documentation or checklists mentioned in this code of practice may be combined with those required by the other standards or codes of practice, applying to safety and security systems and their components but can be applied to other devices and systems.
To download Manufacturers of safety and security systems – cybersecurity code of practice, and other documents, visit the BSIA’s CySPAG page.
