How Security Integrators Can Enhance Their Cybersecurity Reputation
Ethical hacker Tom Curtin shares how security integrators can improve their cybersecurity, as well as how to market it to gain new customers.
We live in a world where nearly anything can be hacked. It is more important than ever to use proper cyber hygiene and implement best practices.
I recently attended the Northeast Security Systems Contractors Expo where I saw an education session by Repworks‘ Tom Curtin. Curtin is a systems security professional (CISSP), a certified penetration tester (CPT) and a certified expert penetration tester (CEPT). In short, he’s an “ethical hacker,” or someone who can be hired to test or evaluate potential cybersecurity vulnerabilities.
Curtin’s session focused on ways that security integrators can enhance their cybersecurity reputation. Three main points he focused on were the consequences of lackadaisical cybersecurity, cyber best practices and the financial benefits of being cyber-responsible.
Poor Cybersecurity Hurts Both You and Your Customers
Cyber attacks and ransomware can be devastating to an organization. A few years ago, the Mirai botnet enslaved thousands of IoT devices thanks to weak default passwords.
While these types of incidents make the device manufacturer look bad, have you ever thought about how you may look? By installing a vulnerable device on a network, you become complicit should anything happen.
Earlier this year, ADT settled a $16 million class action lawsuit filed by plaintiffs that claimed the company installed unencrypted wireless communications systems that rendered them vulnerable to being hacked.
Don’t let your company get caught up in a potential lawsuit — use cyber best practices instead.
Cybersecurity Best Practices for Integrators
Curtin shared a number of best practices when it comes to securing networks and IP cameras:
- Use strong, unique passwords and change them on a regular basis
- Utilize access control lists
- Disable unused services
- Bind MACs
- Disable unused ports
- Smart credentials
- Secure Boot
- Next-gen antivirus
Some additional cyber tips when it comes to cameras include using https instead of http if possible, use SSH instead of Telnet and limit admin privileges (do you share them with your customers or keep to yourself?).
Security pros should also turn off and turn on the following encoders/security:
- IP Filtering
- Multi-level access with password protection
How to Profit Off Cybersecurity
Proper cybersecurity can give you a competitive advantage. Now that cyber attacks have become so widespread (and frequently pop up on the news), being able to tell a potential client that your company adheres to specific cyber best practices can give you a leg up.
You can go a step further and have vulnerability tests done on your company to further prove how seriously you take cybersecurity.
You can also look into new tools that you can sell to customers to help them stay cyber safe, and watch that RMR roll in. Also consider creating proposals and service contracts that include:
- Statement limiting liability
- Clear understanding that you are not responsible for your customer’s poor practices
- Statement listing you company’s cybersecurity posture
- Insurance coverage for cyber liability
The security industry was slow to take cybersecurity seriously. As that stigma begins to change, don’t you want to be ahead of the pack?
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!