Issue link: https://resources.genetec.com/i/1480711
Cybersecurity checklist Best practices □ Do I have a proper cybersecurity strategy plan in place? □ Have I assessed cybersecurity in the scope of my security system? □ Did I conduct a vulnerability assessment to identify gaps that can be closed through the convergence of physical and cybersecurity? □ Did I perform a thorough vulnerability assessment of all connected physical security devices to identify models and manufacturers of concern? □ Am I only using genuine products and avoiding counterfeits and unlicensed products? □ Apart from the technical aspect, are there other things to consider to help mitigate risks? Certifications and regulations □ Do the solutions considered include the necessary certifications? □ Which data protection regulation or framework applies to my specific situation? □ Have I assessed what to do to comply with the GDPR? □ Have I assessed what to do to comply with PIPEDA? Appliances and cloud services □ How am I making sure that my security appliances are configured securely? □ Do I have a specialized antivirus protecting my security system? □ Am I choosing secure cloud solutions? □ Is my cloud provider ensuring the security and residency of my data? □ Is the data exchanged and stored in the cloud fully protected? Risk management □ Do I have a comprehensive risk management strategy in place? □ Did I create a new baseline to guide security operations and incident management? □ Are my IT and physical security teams aligned on a comprehensive security program? □ Have I identified all users who can access physical security devices and systems? □ Am I using edge devices from trusted manufacturers? □ Do I have a breach management policy and procedure? □ Do I need cyber insurance? □ Do I have a plan to back up my important data and protect it against disasters? □ How do I ensure my system is available when I need it? Vendor assessment □ Does the vendor have documentation and tools to help with cybersecurity implementation? □ Does the vendor have notifications when the system should be put offline? □ How transparent are vendors with cyber vulnerabilities? □ Does the vendor have a comprehensive strategy to close security gaps and vulnerabilities? □ Does the vendor prioritize cybersecurity in the development of their products? □ Who's liable if your equipment is used to access private information? □ Who owns the manufacturing company that builds their software and hardware? Are you implementing or adding a new system to your physical security infrastructure? Be sure to set yourself up for success. This checklist will help you assess your vendors, optimize your deployment plan, and mitigate potential risks. Pre-deployment checklist