Our team is continually on the lookout for ways to ensure our partners become and remain cyber secure, especially when it comes to the risks involved in deploying hundreds of security cameras and intercom stations on their networks.
Today, we attended the Cybersecurity Association of Maryland (CAMI) presentation by Talos about cyber security preventative measures and incident response. Matt Golueke attended this morning with the purpose of continuing to help bridge the gap between our physical/electronic security partners and cyber security best practices awareness through solution and relationship introductions.
What is the CYBERSECURITY ASSOCIATION OF MARYLAND (CAMI)?
CAMI is leading the advancement of cybersecurity through advocacy and collaboration. It is a trusted community for companies that view cybersecurity as a strategic issue to receive actionable resources and connect with their peers. More about CAMI >>
Why does connecting with CAMI and its members matter when deploying electronic security systems?
The biggest cyber risk when deploying a security system is opening your network to a vulnerability as a result of installing inappropriate devices or not programming them properly. Knowing how to mitigate the risk starts with education and relationships that can help improve your level of understanding and take steps to implement improvement measures as a trusted partner.
What are top security system manufacturers doing about cyber security?
Commend, a leading manufacturer of high-performance intercom and public address solutions, published a white paper on the topic of cyber security and possesses multiple IEC and ISO certifications >>
As a result of Bosch Security and Safety Systems' sustained cybersecurity efforts, their security cameras have achieved Underwriters Laboratories (UL) 2900-2-3 Level 2 cybersecurity certification. This certification confirms that Bosch performs the necessary penetration testing and internal practices to address cybersecurity.
As more video security cameras get connected to the Internet of Things (IoT), the role of video security is changing. Cameras are no longer part of a “closed” system, solely focused on gathering, recording, and viewing images. They are transitioning into intelligent sensors that collect significantly more data than video security images alone. The surge in data collection also increases the risk of cybercriminals looking to steal sensitive data.
Every Bosch security camera has a built-in Secure Element with Trusted Platform Module (TPM) functionality. The hardware securely stores all certificates and cryptographic keys needed for authentication and encryption. Depending on the camera model, the Secure Element supports RSA encryption key lengths of up to 4096 bits, ensuring data remains safe beyond 2030. All cameras offer extensive user management capabilities to ensure only authorized users have access to camera data. They support a Public Key Infrastructure set-up and provide software sealing to detect any change in the cameras' configuration settings. Data security measures built-in at the edge by design:
- Secured connections (HTTPS) supported
- Password enforcement at setup
- Unsecure ports disabled by default
- Unsecure remote communication disabled by default
- Protection against execution of untrusted and malicious code
- Firmware updates only possible via Bosch signed firmware files
- Embedded Login Firewall improves robustness against Denial of Service (DoS) attacks
- Supported by Bosch remote device management via the cloud for “over-the-air" firmware updates ensuring the system meets the highest reliability standards
In this video from the Security Technology Forum 2022, David Brent from Bosch Security Systems discusses the importance of bolstering your cyber security appetite as it relates to physical and electronic security, whether your organization is installing the devices or using the devices >>
BOSCH CYBER SECURITY DOCUMENTS >>
Bosch cyber security classes here >>
Contact our team to discuss implementing cyber security measures for your video surveillance, intercom, and other security systems here >>