Hanwha Vision’s top 10 cybersecurity measures

Robust cybersecurity is essential for all organisations, Hanwha Vision states.

However, there is a significant gap in how prepared security and IT managers believe they are for a cyber-attack and the steps their organisations are taking to mitigate threats.

Research

Research from Hanwha Vision Europe shows that while overall confidence in video surveillance systems’ security is high, many organisations fall short on fundamental cybersecurity measures.

Over 1,150 IT and security Managers/Directors from organisations with 50+ employees across the UK, France, Germany, Italy and Spain, in industries including data centres and telecoms, financial services, transport, manufacturing and retail, were asked about their cyber resilience and knowledge of threats and legislation.

To address this gap, Hanwha Vision compiled a list of practical actions and training tips that will make cybersecurity a continuous exercise, ensuring that your video system is as protected as possible against malicious actors and evolving threats.

Hanwha’s 10 cybersecurity measures

1. Secure physical access

• Physical security is a foundational step in your cybersecurity, but it can be more challenging for video systems, given that devices are often in public and occasionally remote locations, for example, city centres or solar sites
• Assess the location of your video devices and how best to limit device tampering. Keep access to sensitive equipment such as Network Video Recorders (NVRs) and server rooms secured and for authorised personnel only

2. Enable 802.1x Certificate-Based access control

• Use 802.1x protocols to authenticate devices on the video surveillance network to add an extra layer of security and prevent unauthorised access

3. Create user-level accounts

• Unique user credentials and user-level accounts with the least privileges will also minimise the risk of a data leak
• Only give users access to the permissions necessary for their role and put processes in place to easily revoke access if a user leaves your organisation

4. Use a secure VPN for remote access

• When users are accessing your video system remotely, make sure they are using a VPN or another means to encrypt data and reduce the chances of interception
• Edge-based AI cameras can also decrease the risk of sensitive video data being accessed as analytics are carried out on the device itself, with only metadata and insights communicated back to control rooms

5. Change default usernames and passwords

• While it may seem obvious, default credentials are a common point of entry for attackers. Ensure all device credentials are unique and changed regularly
• Educating users on password best practices, such as creating a strong password and not writing it down or sharing it with others, is also important

6. Update devices with the latest firmware

• Regular firmware updates often contain security patches for vulnerabilities
• Set reminders to check and update firmware regularly
• Only work with manufacturers that have dedicated resources to keep track of threats and vulnerabilities and which regularly update their devices to mitigate these risks

7. Disable guest or non-authenticated RTSP access

• Prevent unauthorised access to video streams by disabling guest access or requiring authentication for Real-Time Streaming Protocol (RTSP) feeds

8. Utilise tampering and defocus detection analytics

• Use tampering detection to send real-time alerts if cameras are covered or moved, and defocus detection to notify if image clarity is compromised

9. Enable network disconnect detection

• Enable network disconnect detection for devices, to notify of any interruptions that could indicate tampering

10. Regularly check device logs

• Review logs to monitor for unusual activity and detect normal and abnormal behaviour patterns
• This will help you identify potential issues before they escalate

An ongoing, collective effort

Staying ahead with cybersecurity doesn’t have to be overwhelming or intensive, Hanwha Vision notes.

Reputable manufacturers and installers can provide guidance on emerging trends, best practices and timely alerts to bolster your cyber-resilience.

A proactive and collaborative approach will enable you to focus on the capabilities offered by modern video systems, ensuring they enhance a company’s operations rather than be the weak link in its cybersecurity strategy.