The British Security Industry Association (BSIA) has updated its manufacturers’ code of practice that recommends on the design, testing and manufacture of safety and security products with cyber exposure, whilst aligning with major new UK legislation.
Manufacturers of safety and security systems' Cybersecurity code of practice, is based on international industry best practices regarding cybersecurity and refers to recognised guidance and standards applied to safety and security systems.
BSIA manufacturers' cyber assurance
Crucially, it aligns with the UK’s consumer connectable product security regime, the UK Product Security and Telecommunications Infrastructure (PSTI) Act: 2022, which came into effect this week for Relevant Connectable Products. A previous iteration of this code of practice was released in 2021 already encompassing many of the key requirements of the Act and in many aspects going beyond them.
The code of practice, which underpins the BSIA manufacturers' cyber assurance registration scheme
The code of practice, which underpins the BSIA manufacturers' cyber assurance registration scheme, will assist in providing confidence throughout the supply chain promoting the secure connection of products and services. Its aim is to deliver client assurance regarding connected solutions, assisting the supply chain in their duty of care to other network users, particularly with respect to protecting the integrity of existing cybersecurity countermeasures or the implementation of such countermeasures in new solutions.
Latest security standards and legislation
Graham Evans, Technical Officer, BSIA, said: "We are pleased to announce the release of our updated issue of the Manufacturers of safety and security systems Cybersecurity code of practice, incorporating the relevant references to the UK Product Security and Telecommunications Infrastructure (PSTI) Act: 2022."
“We are delighted to see the requirements in the Act are aligned to our code of practice and once again demonstrate the forward-thinking of our members to ensure their products and services keep pace with the latest security standards and legislation.”
Best practices and recognition for manufacturers
Glenn Foot, Chairman, BSIA Cybersecurity Product Assurance Group (CySPAG), said: “The PSTI Act is a welcome addition to the world of cybersecurity, but it must be noted that it only covers the basics, and there are likely to be additional requirements in the future."
“Cyber-responsible manufacturers should be striving to exceed these minimum requirements in order to give their customers the highest level of confidence in relation to cyber security. To support manufacturers in exceeding the PSTI requirements, the CySPAG scheme provides guidance on best practices and recognition for manufacturers for going beyond the bare minimum for Cyber Security.” Manufacturers of safety and security systems Cybersecurity code of practice, is available for members via the CySPAG website. Details on how to join the CySPAG registration scheme, which is open to both BSIA and non-BSIA manufacturers are also on the website.
