Research from Hanwha Vision Europe reportedly reveals a gulf between users’ insistence that their video systems are protected from cyber-attacks – and their widespread failure to implement even simple measures to keep them secure.
The survey of over 1,000 IT and security managers across Europe reveals that nearly nine in 10 (89%) IT and security managers in the UK claim their security systems, including video surveillance systems, are protected or highly protected from cyber-attacks.
Yet such confidence appears misplaced says Hanwha Vision Europe, as many organisations are not implementing even basic measures such as changing camera usernames and passwords (34%), ensuring their devices are running the latest firmware (12%), or securing access to Networked Digital Recorders (NDRs) and other devices (6%).
The research also discovered an alarming lack of awareness of cybersecurity regulations and compliance measures among those on whom organisational cybersecurity depends.
Only 29% are aware of the second Network and Information Security Directive (NIS 2), while 41% are familiar with the Cyber Resilience Act (CRA), which provides cause for concern as both regulations came into effect in October 2024 and can impact UK organisations, depending on their EU operations.
Separately, Hanwha Vision’s research also reveals insufficient promotion of cybersecurity best practices at an organisational level. While 46% of UK organisations promote using Multi-Factor authentication, only 14% push the use of strong passwords.
John Lutz Boorman, Head of Product and Marketing at Hanwha Vision Europe, expressed alarm at organisations’ failure to implement even basic cybersecurity measures, as he urged users and the security industry to treat the research findings as a “wake-up call”.
“With the number of cyber-attacks on the rise, and the cost and impact of these security breaches growing all the time, organisations must match words with actions to boost their video network resilience,” John Lutz Boorman noted. “Like any IoT device, an unsecured video camera can present a tempting route into an organisation’s network for bad actors – but even simple measures can help close off this path.”
The research found that failure to follow best practices for keeping video surveillance networks safe from cyber-attack is not unique to any sector and is highly prevalent even in high-risk industries with extensive experience of cybercrime, such as financial services.
“While it is the user’s responsibility to keep their networks secure, it is clearly in the interest of manufacturers and installers to help them maintain system resilience, and the wider security industry must do more to help,” said Boorman.
The full research findings, including an analysis of variations between countries, industry sectors, organisation sizes, and roles, can be found here: Cybersecurity Report.
