What are the cybersecurity issues in video surveillance?

November 2019 Editor's Choice, Surveillance, Information Security

Cybersecurity has become a growing concern for consumers and companies in every sector at every step of the supply chain. The surveillance industry is no exception. Far from the days of CCTV cameras, which held information for a finite time and were not connected to the Internet, the advances in digital video mean that connected IP cameras and associated devices on the network are at risk of being hacked. The importance of the data captured by surveillance cameras – and what can be done with it – has led to a new breed of cybercriminals, looking for insights to steal and sell.

However, even if cybersecurity is recognised as a serious risk, only a handful of organisations feel adequately prepared to mitigate a cyber threat. Many blame their vulnerabilities on legacy systems, but the reality is that no device – old or new – is 100% immune to hacks; at some point, you must open a door to let someone in or out of your system, it’s inevitable.

Protecting your network and the data you hold on your customers doesn’t require you to install military-grade encryption on every device. On the contrary, the first steps are also the most efficient and simple: getting to grips with understanding the Internet of Things (IoT), identifying the vulnerabilities of your system and implementing the best practices to keep them safe.

Potential vulnerabilities in security systems?

Businesses invest vast sums to deploy physical security technology. However, too often physical security systems, such as cameras, can be a back door into IT networks, making them a prime security risk to a business. Proactively implementing the latest cyber defences remains the best practice in ensuring the highest level of cybersecurity.

There are many factors that can contribute in making a network vulnerable, many of which are linked to poor ‘cyber health’ of the network. Sometimes, it’s a lack of alignment between your IT and security teams. Failing to put in place and follow IT security policies can also lead to dire consequences; it’s not a coincidence that so many cyberattacks are due to human error. Similarly, systems that are not well maintained, updated and cared for also suffer from dramatically increased susceptibility from cyberattacks.

New cyber vulnerabilities are discovered frequently, but whether they pose a critical risk depends on two factors: first is the probability that a vulnerability can be easily exploited, second is the impact that its exploitation could have on the rest of the system. Look out for weak passwords, legacy systems and untrained personnel. Finally, consider that the higher the number of devices in your system, the higher the chance of vulnerabilities.

Cybersecurity for your surveillance devices

Maintaining cybersecurity across all devices can be difficult. Businesses should approach cybersecurity in two steps. The first is awareness; if you are not aware of potential cyber vulnerabilities, threats and issues you cannot do anything to prevent them. Step two is mitigation; once you’ve identified a potential problem, you need to take the necessary steps to patch it before it turns into a serious threat.

In other words, you need to keep learning and teaching your staff about possible vulnerabilities, so that you can spot them as early as possible. This is best done when you have clear policies in place for the management of accounts, passwords and devices.

Device lifecycle management is particularly crucial. Proactive maintenance is the best way to ensure a more stable and secure system, that’s why you should always install updates when your manufacturer releases them.

Finally, governments are introducing schemes that list the requirements a system needs to satisfy in order to be recognised as effectively secure; following these guidelines also helps businesses to be compliant with legislations like GDPR.

Cybersecurity needs in different sectors

The suggestions above are generally valid for every sector that is using security cameras, although with some differences in the approach. In finance, for example, the damage of a cyberattack to an institution’s reputation as a safe place can, over time, be more costly than any immediate loss. On the other hand, oil and gas infrastructures face more maintenance challenges, because of the remote locations of their facilities.

Data centres need to have very tight access policies in place, while smart cities need to rely on shared responsibility, that involves both public realities such as the police or the firefighters, as well as private ones like small businesses.


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

World-first safe K9 training for drug detection
Technews Publishing SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
The need for integrated control room displays
Leaderware Editor's Choice Surveillance Training & Education
Display walls provide a coordinated perspective that facilitates the ongoing feel for situations, assists in the coordination of resources to deal with the situation, and facilitates follow up by response personnel.

Read more...
Six key security technology trends in 2025
Axis Communications SA Surveillance
Axis Communications examines some new trends for the security sector in 2025, as well as some new, old trends that are once again highlighted because of their benefit to the end user in the race to obtain optimal value from technology installations.

Read more...
Cyber top business risk as climate change hits record high
Editor's Choice
Globally, companies identify cyberattacks, particularly data breaches, as their primary business concern for the coming year, with business interruption ranked second. In Africa and the Middle East, cyber incidents, shifts in legislation and regulation, and macroeconomic developments are the three foremost business risks.

Read more...
As technology converges, so does cybercrime
Editor's Choice
Cybercrime is no longer siloed: it involves complex collaborations and coordination between different malicious entities, including state actors, organised crime and even drug and human trafficking networks.

Read more...
The need for integrated control room displays
Editor's Choice Surveillance Training & Education
Display walls provide a coordinated perspective that facilitates the ongoing feel for situations, assists in the coordination of resources to deal with the situation, and facilitates follow up by response personnel.

Read more...
Identity is a cyber issue
Access Control & Identity Management Information Security
Identity and access management telemetry has emerged as the most common source of early threat detection, responsible for seven of the top 10 indicators of compromise leading to security investigations.

Read more...
The bane of burnout
Editor's Choice Security Services & Risk Management
The World Economic Forum has recently formally acknowledged burnout as an occupational syndrome, giving it a status that is even more worthy of being taken seriously and resolved as quickly as possible.

Read more...
Federated identity orchestration
Technews Publishing SMART Security Solutions Editor's Choice Access Control & Identity Management Security Services & Risk Management AI & Data Analytics
Understanding exactly who resides at the end of a digital device is key, and simple identity number verification by the Department of Home Affairs is no longer a viable solution on its own.

Read more...
Identity and authentication
Technews Publishing SMART Security Solutions Access Control & Identity Management Information Security Security Services & Risk Management
Identity authentication is a crucial aspect of both physical security and cybersecurity. SMART Security Solutions obtained insights into the topic and the latest developments from three companies.

Read more...