Global Security Industry Statement on Cybersecurity Threats
As representatives of the security practitioners and security solutions providers responsible for protecting people and assets around the globe, our organizations have long championed and promoted robust cyber readiness education and adherence to international cyber security standards. We share a unified vision to continuously strengthen cyber readiness practices by all stakeholders within the security ecosystem.
It is our belief that a substantial number of manufacturers and integrators today recognize the importance of developing strong cyber hardening features within the design of products and systems. Equally important, security professionals responsible for the implementation of these solutions expect a clear commitment to cyber readiness from their technology partners. We realize that even with the best device hardening, tools and technology, the risk of cyberattack is never zero. Building a community of partnership and trust among the industry and its many stakeholders helps us share information and learn about the evolving threat landscape so we can be better prepared and learn from common challenges. To help meet these expectations and protect sensitive information from being compromised as a result of increasingly sophisticated cyberattacks, ASIS International, the Electronic Security Association (ESA), The Monitoring Association (TMA), PSA Security Network and the Security Industry Association (SIA) have delivered a substantial volume of compelling content in the form of in-person and virtual educational conferences and workshops, online training, articles and recommended best practices intended to educate the security workforce about minimizing cyber risk.
Examples of these efforts and resources include:
- ASIS Cybersecurity Homepage: Access articles and resources on a variety of cybersecurity topics from ASIS’ Security Management publication.
- Security Technology Archive: Explore issues from past issues of ASIS’ Security Technology magazine.
Electronic Security Association
- 2021 Data Privacy Champion: ESA was recognized by the National Cyber Security Alliance in 2021 and offers Cyber Threat Preparedness CEU courses to the industry.
- Cyber Security Advice for Integrators: ESA also publishes articles with cybersecurity advice in its magazine and e-newsletters. Industry professionals can subscribe at esaweb.org/subscribe.
The Monitoring Association
- Minimizing Your Cyber Risk in the Monitoring Center: TMA has developed a certificate program designed for monitoring center IT staff. Over four recorded sessions, participants learn how to mitigate external attacks and insider threats to minimize cyber risk.
- Cybersecurity in the Monitoring Center: In 2020, TMA released a stand-alone module on cybersecurity in the monitoring center that is part of the online Monitoring Center Operator Level 2 course. This module will help students understand how they can minimize the risk of an attack by reviewing materials about cybersecurity threats, how common attacks work, when and where individuals and companies are vulnerable to attacks and what they can do to defend their organization.
PSA Security Network
- PSA Cybersecurity Program: PSA has a focused Cybersecurity Committee made up of integrator members actively promoting cybersecurity within the industry. This group recently published a white paper on CIS Controls relevant to the electronic security market.
- PSA TEC: PSA offers a cybersecurity training track at the annual PSA TEC education conference.
Security Industry Association
- Challenges & Recommendations for Connected Physical Security Products: This report explores threats faced by today’s connected physical security products, offers recommendations to design and deploy secure solutions and provides a road map for adopting a secure development life cycle.
- Beginner’s Guide to Product & System Hardening: These executive-level recommendations from the SIA Cybersecurity Advisory Board are a solid starting point for developing and initiating a comprehensive enterprise cybersecurity strategy to mitigate business risk.
ASIS, ESA, TMA, PSA and SIA will continue to elevate the importance of these types of educational and information-sharing initiatives throughout the industry. We will not waver in this mission.