The British Security Industry Association (BSIA) has launched a security equipment manufacturer’s cybersecurity registration scheme through its special interest group, the Cybersecurity Product Assurance Group (CySPAG).
The new self-declaration registration scheme is based on the requirements of BSIA Form 343 Manufacturers of safety and security systems cybersecurity code of practice. Its aim is to provide a level of confidence to the supply chain – including end users – that product procured for use in safety and security systems have been produced by CySPAG registered manufacturers who have processes in place to manufacture, supply products using cyber risk mitigation techniques and provide ongoing support throughout the product lifecycle.
To support the scheme, the BSIA has created a CySPAG registration website, which allows companies to self-declare that their product(s) are produced using the process described in the BSIA’s Manufacturers of safety and security systems cybersecurity code of practice. Once accepted, the company will receive a certificate and can use a CySPAG badge of assurance on their products. The self-declaration will be valid for 12 months from the date of acceptance to the scheme, at which point the self-declaration must be renewed for ongoing registration.
The scheme is open to both members of the BSIA and also non-members, with registration fees based upon the company’s status. Over the coming months the BSIA is planning to launch a scheme for installers.
Glenn Foot, Chairman of CySPAG and Product Manager, Eaton, said: “We are delighted that CySPAG has launched this new scheme. It is important that the industry takes responsibility for itself rather than being dictated to by other organisations.”
Steve Lampett, Technical Manager, BSIA, said: “This scheme should provide confidence throughout the supply chain that cyber security has been addressed at a product level and if installed correctly will remain secure for the life of the product.”