2018 was the year that most stakeholders in the Physical Security Industry finally got the message that the Cyber Security threat was capable of causing untold harm to their business. That unless they invested in making sure that their products or services were not vulnerable to cyber attack, it could impact on their business and probably bring massive claims for the ensuing damages.
Security experts had been warning for years that IP devices unless protected from cyber attacks could close buildings and operations down and cause serious safety problems and likely bring damages against manufacturers and installers.
New legislation such as General Data Protection Regulations (GDPR) being introduced across Europe came into operation in 2018 and included updated definitions of personal information and will apply to companies operating in the European Union. The UK Information Commissioner’s Office (ICO) has indicated that GDPR will apply to buildings, including location tracking and sensor technology.
Building services such as BMS and Physical Security systems are targets for organised criminals who wish to research an organisation as part of a targeted attack. For example, an access control system could provide the name, photo, location, department, privilege and potentially biometric information of a member of staff. Such a breach of personal information, if not discovered and notified, could lead to large fines for the organizations that have not complied with the GDPR legislation.
So now one of the critical buying propositions of physical security is “What have you done to make this equipment less vulnerable to cyber attacks”? The owners and operators of buildings, particularly those having large building estates need to know that manufacturers and installers fully understand what needs to be done to reduce vulnerability and make sure it is applied to their equipment and systems.
For buyers in the enterprise market today it must be one of the most important buying propositions along with the performance and cost of the equipment. Recent investigations on the sales performance of some of the leading suppliers of video surveillance products has shown that there is a correlation between companies that have a poor record of susceptibility to cyber vulnerability and a relative decline in sales performance.
We believe that with time this link will become much stronger and ultimately will reduce such companies to serious decline in sales.