The importance of encryption and ‘Secure by Default’

0
813

The ‘Secure by Default’ initiative requires manufacturers to encrypt their products at the design stage to make it more difficult for hackers to gain access. The Surveillance Camera Commissioner’s code of practice suggests that CCTV systems must use the minimum encryption of HTTPS for communication with web interfaces. Of course, this is just a minimum requirement, and manufacturers can decide if they want to incorporate higher levels of security. And by implementing this basic level of encryption, manufacturers restrict cyber criminals from hacking their systems and better protect against cyber crime.

Encryption helps to protect data from being misused or tampered with. There are different levels of encryption – the harder the encryption, the more difficult it will be for cybercriminals to crack the code and hack a system.

With the world becoming increasingly connected, data is being constantly created, shared and captured in every aspect of our daily lives. This includes personal data which can be stolen or tampered with to commit crimes such as fraud. The Cyber Security survey reported that 32% of businesses and 22% of charities experienced a cyber security breach or attack.

Now, of course, these attacks won’t be just due to weak encryption. However, these examples do suggest that the digital world requires far more robust methods to protect data, and at the heart of achieving that lies encryption. Unfortunately, many businesses don’t realise its importance and often use un-encrypted security systems or easily hackable encryptions. This poses a real threat as hackers could use the weakness to access CCTV systems and steal footage.

The European Union developed the General Data Protection Regulation (GDPR) to better protect society and keep up with the modernisation of the internet. With this improved Data Protection Act legislation, businesses are liable for the unauthorised access, processing and misuse or destruction of personal data and measures must put in place to stop this from happening. Video Surveillance businesses have the responsibility of protecting the CCTV footage recorded. To prevent such data from being stolen, vigorous encryption methods must be used to deter cyber criminals.

Under the new GDPR, consequences of a breach or a cyber attack include hefty fines and public embarrassment. For instance, according to media reports, UK Watchdog plans to fine Marriott International £99 million for a data breach that leaked the personal details of 339 million guests. The role of encryption is clear. “End-users must be able to have confidence in the intrinsic security of the products they have installed. It’s vital for manufacturers to be seen as addressing cyber crime issues and taking responsibility for the products they sell.”