There’s a big difference between NSCA members and other integrators in the field—and it often comes down to understanding the gravity of cybersecurity controls
NSCA members are the cream of the crop—we insist on that. Put simply, we expect NSCA member firms to live up to expectations that many other integrators do not.
This is reflected in the solutions you provide to solve customers’ business challenges and in how you support your customers. But we’ve also added something else to this list of expectations: Protecting your customers by understanding important codes and standards for cybersecurity and privacy. This separates truly professional integration companies from the rest.
NSCA members are educated and responsible when it comes to understanding security and privacy—and making sure that customers’ networks and information are protected. To truly be of value to customers and connect viable solutions to their networks, you should know how to deploy security and privacy controls.
Connectivity: Codes and Your Customers
Technology plays an important role in all facets of our day-to-day lives. From connected coffee makers and smart cars to automated buildings, the proliferation of technology has also created cyberthreats that significantly impact quality of life and work. Threats like ransomware, denial of service, and hackers are just as devastating to a small company as they are to a large, sophisticated IT organization.
Integrators now play a critical role in the design, deployment, and maintenance of customers’ networks and IoT. Technologies like smart systems and connected devices are unique and present new security and privacy challenges for you and your customers. To that end, it’s important to understand and manage such risks and be cognizant of cyberthreats and steps to prevent or mitigate threats.
The resources featured in the sidebar below provide useful guidance for integrators in terms of elementary cybersecurity best practices designed to reduce risks. For example, changing default passwords on routers is a foundational cybersecurity practice but is often overlooked, becoming a key vulnerability that serves as a springboard for larger cybersecurity incidents.
Integrators that want to manage and enhance their customers’ cybersecurity posture should incorporate the guidance and best practices shared here. Cybersecurity hygiene can be a core competency for integrators and, more importantly, provide invaluable privacy and security benefits to customers in this digital ecosystem.
NSCA members should operate with the understanding that such guidance will only expand to more comprehensive controls. Just as NSCA embraces its role as a trusted partner to integrators, NSCA members become trusted partners to their customers by staying a step ahead of cyber standards. That’s how you earn your seat at the big table.
Sid Bose is a data security and privacy attorney at Ice Miller LLP. He’s also a member of NSCA’s Emerging Technologies Committee.
Cyber Codes & Resources
Underwriters Laboratories’ (UL’s) Cybersecurity Assurance Program (CAP):
- Cybersecurity Considerations for Connected Smart Home Systems and Devices
- UL 2900-1, Outline of Investigation for Software Cybersecurity for Network-Connectable Products, Part 1: General Requirements
- UL 2900-2-1, Outline of Investigation for Software Cybersecurity for Network-Connectable Products, Part 2-1: Particular Requirements for Network-Connectable Components of Healthcare Systems
- UL 2900-2- 2, Outline of Investigation for Software Cybersecurity for Network-Connectable Products, Part 2-2: Particular Requirements for Industrial Control Systems
- UL 2900-3 (currently under development), Outline of Investigation for Software Security of Network-Connectable Products, Part 3: General Requirements
This three-part series of standards is expected to address the general testing of organizational systems and processes for conducting the risk assessment necessary to identify applicable, software-based cyber threats and the ability of an organization to include appropriate security in the product development process.