Hikvision Gains Cybersecurity Certifications Amid EU Regulatory Scrutiny
Event summary
- Hikvision Digital Technology has achieved ISO/IEC 29147:2018 and ISO/IEC 30111:2019 certifications for its vulnerability management practices, awarded by the British Standards Institution (BSI).
- ISO/IEC 29147 standardizes vulnerability reporting and disclosure, while ISO/IEC 30111 governs internal vulnerability remediation processes.
- The certifications align Hikvision’s practices with international standards and the EU’s Cyber Resilience Act (CRA).
- Hikvision established its Security Response Center (HSRC) in 2014 and became a CVE CNA in 2018, demonstrating a decade-long commitment to vulnerability management.
- The company opened a CyberSafe Experience Center in the Netherlands in 2023 to showcase its vulnerability management practices.
The big picture
Hikvision's pursuit of these certifications is a strategic response to growing global scrutiny of cybersecurity practices within the surveillance technology sector. The EU's Cyber Resilience Act represents a significant shift in regulatory expectations, and Hikvision's proactive steps aim to mitigate potential risks and maintain market access. This move signals a broader trend of increased accountability and transparency within the industry, particularly for companies with extensive global supply chains and a history of security vulnerabilities.
What we're watching
- Regulatory Headwinds
- The CRA's enforcement will likely dictate the level of investment and operational changes required across the surveillance technology sector, and Hikvision's compliance will be a key indicator of broader industry adoption.
- Governance Dynamics
- The effectiveness of Hikvision's automated vulnerability processing tools will determine whether it can maintain certification and meet increasingly stringent regulatory requirements without significant operational disruption.
- Supply Chain Impact
- The extent to which Hikvision’s certification enhances trust among its global supply chain partners will influence its market share and ability to secure contracts, particularly in sensitive sectors.
Related topics