Hanwha Vision, the global vision solution provider, has announced its preparedness for the upcoming Cyber Resilience Act (CRA) and Network and Information Security Directive 2nd Edition (NIS 2) expected to come into force in 2024.
With a longstanding commitment to cybersecurity best practices and global compliance, Hanwha Vision announced its readiness for the upcoming regulations, before them being ratified into European Union law, to better prepare affected firms, and give users peace of mind.
EU’s CRA
The EU’s CRA is a regulation that sets minimum cybersecurity requirements for products with digital elements.
Under this regulation, products including video cameras must be designed and developed with security in mind, protected against known vulnerabilities, and updated regularly with security patches.
Product security features
Hanwha Vision is following CRA guidelines owing to the comprehensive cybersecurity processes
Users must also be provided with detailed information about product security features and how to use them securely.
Although the Act is still being deliberated by the European Parliament and Council, Hanwha Vision is already following the guidelines with the CRA owing to the comprehensive cybersecurity processes it has implemented.
NIS2
Likewise, NIS2 is a directive adopted by the European Parliament and the Council of the European Union in December 2020. EU member states are expected to comply with NIS2 by October 2024, to meet specific measures aimed at improving the cybersecurity of network and information systems across the EU.
As a Digital Service Provider, Hanwha Vision must conduct regular risk assessments to identify and assess any risks to its networks and information systems, implement appropriate security measures to mitigate any risks identified in assessments, and report cybersecurity incidents to national authorities.
Security measures and NDAA
Hanwha Vision’s products rely on in much sensitive Government, defense, and commercial applications
Hanwha Vision has been hardening its security measures for many years, including removing chipsets manufactured in blacklisted countries from its products, and manufacturing in South Korea and Vietnam. These and other measures have contributed to Hanwha Vision’s compliance with the US National Defense Authorization Act (NDAA).
As an indicator of responsible design and trusted cybersecurity, the NDAA is also used across Europe, with Hanwha Vision’s products relied on in many sensitive Government, defense, and commercial applications in the region.
Wisenet 7 chipset cameras
Hanwha Vision is also one of the few video device manufacturers to achieve the UL CAP certification for its Wisenet 7 chipset cameras.
The Wisenet 7, Advanced System On Chip (SoC) offers the highest levels of cybersecurity possible with its device certificate issuing system, as well as Root CA, Secure Boot, Secure Storage, Secure OS, Mutual Authentication, App Verification, and more.
S-CERT
To facilitate a rapid response to possible security vulnerabilities, Hanwha Vision operates a security vulnerability response team (S-CERT).
As well as responding to new threats and vulnerabilities, S-CERT carries out regular penetration testing and security checks.
Security Vulnerability disclosure policy
Hanwha's Vision is to identify, define, and catalog publicly reported cybersecurity vulnerabilities
Hanwha Vision is also committed to disclosing any potential vulnerabilities as per its Security Vulnerability disclosure policy and was recently authorized by the CVE Program as a CVE® Numbering Authority.
This allows Hanwha Vision to identify, define, and catalog publicly reported cybersecurity vulnerabilities for the benefit of users, partners, and the wider information technology and cybersecurity communities.
Cybersecurity
Pread Um (Suk Bong), Product and Marketing Director at Hanwha Vision Europe said, “Hanwha Vision has always been committed to providing pioneering cyber-secure products as they are critical to protecting our customers as well as consumers."
"Putting cybersecurity at the center of what we do allows us to supply trustworthy security products to demanding and sensitive environments. This gives users peace of mind as cybersecurity regulations such as the CRA and NIS2 come into force.”
