Video security systems have become a critical asset across industries, with leaders confident in their systems’ resilience against cyber threats. Research from Hanwha Vision Europe shows that more than nine in 10 security and IT managers in the UK, France, Germany, Spain and Italy believe their video systems are well-protected.
However, the research uncovered a lack of implementation of adequate security practices, leading the report authors to the conclusion that perhaps this confidence may be misplaced.
The research revealed that overall, confidence is high across different organisation sizes, countries and sectors. In Italy, confidence reaches 97%, while Spain, albeit still high, has a lower confidence level at 83%. Sectors such as finance boast a nearly universal confidence level of 99%, with data centres at a more modest 80%. But on the contrary, while 92% of IT and security managers believed their video systems to be highly secured against cyber crime, just 23% implemented basic video security measures.
Indeed, the research found that respondents also display a worrying lack of awareness of relevant cyber security legislation such as the Network and Information Security Directive 2nd edition (NIS2), which came into effect in October 2024, and the Cyber Resilience Act (CRA). Best practices that align and comply with these regulations and improve cyber-resilience overall are also not being regularly implemented, finds the research according to Hanwha Vision.
Fewer than half (47%) of respondents are familiar with NIS2 and only 23% are aware of the CRA. Larger organisations do show slightly higher awareness at 45% on average, but this is still low given the rise in cyber-attacks on businesses in 2024 – hitting an annual high of 1,876 per week in Q3 of 2024.
It is the view of the researchers that simple yet essential measures including changing default passwords and updating firmware—a baseline for cyber security—are overlooked or forgotten by many, leaving systems vulnerable to more easily preventable attacks.
Fostering a resilient culture alongside implementing fundamental steps such as securing physical access to network devices, implementing 802.1x certificate-based access, and creating least-privilege user accounts, are paramount to ensuring cyber secure video surveillance.
Security and operations teams must understand their roles in protecting video systems against attack. However, the research indicates that many companies aren’t widely promoting best practices across their workforces leading to vulnerabilities.
Small businesses are particularly vulnerable, with only 17% implementing these security measures, compared to four in 10 (41%) larger enterprises. This is particularly concerning given that many businesses do not survive the financial impact of a cyber-attack.
The good news according to the company is that these shortfalls can be quickly rectified by some of the following actions:
● Audit the system and identify weak spots.
● Implement current cyber security best practices such as creating user-level accounts with the least privileges required and securing physical access to network devices. It can be worth consulting with a video cyber security expert to assess the specific video surveillance ecosystem and practices to implement.
● Schedule regular security assessments and remain updated with the evolving threat and regulatory landscape.
● Disseminate information across the workforce with regular knowledge refreshers.
● Work with reputable manufacturers and installers who prioritise cyber security in their video systems.
Despite these concerns, it is the company’s view that by prioritising a few critical actions, organisations can strengthen their video security systems, better protect sensitive data, and improve overall cyber resilience. Some of these actions could help to finally bridge the gap between the confidence that security and IT leaders feel and the reality of some of their current practices.
