Hikvision, the provider of security products and solutions, releases the first version of its product security white paper, introducing the security challenges of IoT products and sharing Hikvision’s practices to continuously improve the security throughout the whole product lifecycle.
The product security white paper outlines Hikvision’s comprehensive approach to product security covering device security, data security, application security, network security, privacy protection, and security compliance, which can greatly enhance the product security and the risk resistance in various application scenarios.
Current security threats
Interconnection of IoT devices is becoming much more common today"
“Interconnection of IoT devices is becoming much more common today, while the consequent risks are fast growing. Product security remains among our top priorities on multiple dimensions such as R&D, production, and delivery. We also hope to raise the awareness of security issues and establish trust and cooperation with all the stakeholders by sharing our insights”, said Dr. Wang Bin, Vice President, Director of Network and Information Security Laboratory of Hikvision.
In addition to the newly released product security white paper, Hikvision also released an updated cybersecurity white paper, which comprehensively illustrates the current security threats for IoT and relevant challenges for the whole security industry, and it shares Hikvision’s ongoing efforts to improve its cybersecurity system.
Supply chain management
According to the updated cybersecurity white paper, the existing security research and development process of Hikvision has been enhanced with more advanced technical means and tools, which meets higher standards in terms of design, development, verification, risk mitigation, and configuration management. Meanwhile, the company has optimised the operation mechanism and the professional qualifications of its security teams.
The white paper also highlights the security issues related to supply chain management. The company has adopted effective technical and management systems to ensure supply chain security with reference to the international standards, extending the protection scope of cybersecurity systems and building a security ecosystem together with supply chain partners.