International. With the Internet of Things (IoT), the number of devices connected to the network has increased by orders of magnitude, and then the opportunities for hackers to breach systems are also multiplying. To protect people's assets and data in this challenging environment, a comprehensive, multi-layered approach to cybersecurity is needed.
Miguel Arrañaga, Pre-Sales Director of Hikvision Mexico, comments that, in the past, most security and surveillance systems worked independently, which meant that they were not connected to other systems or to the public Internet. Now things have changed and the IoT in particular makes it possible to automate surveillance alerts and share them with other systems and users across the organization. The systems also frequently connect to cloud-based systems with video data passing through the WAN and public Internet to be stored off-site.
The rapid growth in the size and complexity of IoT-connected networks and devices presents new opportunities, multiplying the interaction between people and devices on a global scale, but at the same time also amplifies the risks of security breaches and other malicious attacks. These types of breaches usually result in financial losses that reduce customer trust and other negative outcomes.
Cybersecurity threats now span networks, applications, and devices
The complexity of surveillance networks and applications, and the growing number of IoT devices connecting to networks, create multi-layered cybersecurity risks, all of which must be addressed simultaneously.
To cover all the bases, organizations need to not only consider potential vulnerabilities in IoT sensors and devices. They must also consider network security, along with end-to-end data protection, application security, and a host of other factors.
At the transport layer, or network layer, for example, criminals have the opportunity to exploit switches and ports to steal or alter data. At the application layer, as described in the OWASP, application security hackers seek to exploit system and configuration vulnerabilities to access data and "take control" of connected devices. Additionally, at the device layer, physical and cyber attack methods are being used to steal data or interfere with or disable device operations.
These multi-layered security threats mean that a single "point" solution for cybersecurity can no longer be effective. Instead, all cybersecurity strategies should take a multi-layered approach that adequately protects the network, applications, and devices against potential attacks.
How Hikvision covers all cybersecurity bases
To help restrict the risk of a security breach, Hikvision has created a multi-layered approach that addresses a wide range of cybersecurity threats simultaneously. We also maximize cybersecurity by following architectural and device best practices and are certified with FIPS and Common Criteria certification.
"Our multi-layered approach is based on maximizing device security with tightly coupled hardware and software components that are robust and reliable. In several of our devices, we use high-performance security chips that govern secure boot process data encryption and secure update processes. Many devices also use randomly generated encryption keys to minimize the risk of unauthorized access."
He comments that all executable codes must also be signed with certificates recognized by Hikvision, which expands the operating system's "chain of trust" to specific applications and prevents unauthorized applications from running.
"Secure protocols ensure that data is protected while transmitting it from devices. Hikvision's additional network security features include WAN security ports security, IP filtering, and more, ensuring that stored and in-flight data is protected against common attack methods."
