We have discussed a lot about Hik and vulnerabilities. I just found that they're conducting an event in Canada: Cybersecurity Myths and Facts
Hikvision Canada Cybersecurity Road Show 2017 / USA 2018 / Europe 2019
This is amazing. Getting right to business and tackling this thing head on.
I voted disagree. Hikvision's responses have been along the lines of claiming these vulnerabilities have been over-hyped and/or that Hikvision is no different than other manufacturers when it comes to security. These claims are of course false.
Unless Hikvision plans to reverse their stance on "myths" at this event, it has a high probability of being more spin than education.
I voted disagree.
Of course you did :)
Given IPVM's extreme interest in Hikvisions Cyber Security, i am curious if an IPVM employee will be attending one of these road shows.
not to get off topic but I have been noticing lately that when I reply to specific people, it doesnt actually reply under their name and sometimes posts as a new post.
Note: I changed the title to "Hikvision Canada Cybersecurity Road Show 2017" since it is not a single 'event' but a series of them.
Also, on Hikvision's blog, they say "Hikvision will host a US cybersecurity road show that will take place in 2018."
I am curious to see what they present and, more importantly, what else they say publicly outside of these individual events/meetings.
My guess is that it will be similar to the webinars they ran on their own and with other where they did talk about some of the recent issues and best practices. However, many of the best practices were obvious or not really best practice (change ports, etc.). Also, when discussing their issues, they claimed to have responded and fixed the issues in a few days, when in reality it took months for global firmware vs domestic Chinese to be released, and the OEMs had no idea if/when they would get their fixes.
But it is at least a start to be talking about it, but it needs to be more than just spin or PR control.
I wonder if they are offering accredited continuing education credits for the event.
Why has Chuck not responded to the WSJ article?
This road show 'series' he is doing (as the only speaker in attendance) is 4 shows all in 1 week.
So I am sure he is actively engaged in preparing for that week in December, but as the Director of Cyber Security at Hikvision USA, one would think that he would be the one leading their response to this article.
So far, not...
Why has Chuck not responded to the WSJ article?... leading their response to this article.
In fairness to him, this is a Hikvision board of director / communist party decision (see their 'exclusive' 'interview' with the Chinese government news). I assume eventually they will authorize him to speak publicly but the issue is too big to let overseas staff immediately respond.
I agree with you that this is exactly what is happening.
In fairness to him, and his newly-minted position, Hikvision China should've already provided him the appropriate response so that he could lead the NA response to a NA major newspaper story relating specifically to his newly-minted position's title.
The confounding factor is the Chinese government ownership issue. If the WSJ article was just about cybersecurity, I doubt the Hikvision high command would be that concerned.
It's the coverage of the government ownership and, worse, relating it to their cybersecurity problems.
The most likely outcome is that they order Davis to simply repeat the party line about government ownership but that's a sensitive topic beyond cybersecurity.
Some "road show" with a whopping total of FOUR cities they're hitting...
whopping total of FOUR cities
In fairness, Hikvision says they are doing another cybersecurity roadshow series in the US in 2018.
I believe it simply because Hikvision has shown a willingness to spend a lot on these type of events even before the whole government/cybersecurity crisis. I suspect the Canada one is sort of a dry run to figure out the messaging, attendance feedback, etc.
I suspect the Canada one is sort of a dry run to figure out the messaging, attendance feedback, etc.
Agreed, but they best have their story straight before they consider going on to Mexico...
Propaganda...that's what it will be, nothing else...
2018 Hikvision cybersecurity US tour first date announced - LA March 27th.
Other cities with planned stops include Miami, Las Vegas, Boston, Chicago, Washington DC, Atlanta, Philadelphia, St. Louis, Houston, Phoenix and New York City, dates not yet disclosed.
Im curious, since IPVM is heavily invested in this topic, if IPVM will be attending?
USA dates released:
Sean, they appear to be skipping your region. Still aboard the trunkslammer train or did it derail?
New: Hikvision has announced a 7 city European cybersecurity roadshow:
7 stops total:
The roadshow will kick off in Frankfurt, Germany on September 18th and travel to seven cities in September and October, including Oslo, Copenhagen, Helsinki, and four cities in the Netherlands.
The US cybersecurity roadshows ended quite a while ago, it might be nearly a year since the last one. However, Hikvision’s Director of Cybersecurity for North America, Chuck Davis, is going to Europe for this series.
Not having these in the US is understandable, as after the US government ban, these would be awkward, at best.
These events likely indicate Hikvision is feeling some effects from the US, e.g., Hikvision has recently been scrutinized In the Netherlands, where 4 of these sessions will be taking place.
It is not clear how much these roadshows help Hikvision. Their message is simultaneously sound yet besides the point - yes, there are ways that should be taken to improve cybersecurity but if an organization is not trusted (e.g., owned by the Chinese government), this tends to negate basic cybersecurity advice about passwords, etc.
Their lobby is on, they claim in an official dutch Hikvision statement that the are privately owned ?
Source: " Hikvision is sinds 2010 een beursgenoteerd bedrijf op de Shenzhen Stock Exchange en is voor 58% in particulier bezit. De medeoprichter en hoofdinvesteerder van het bedrijf is een inwoner van Hong Kong. Om deze reden, in tegenstelling tot wat Nieuwsuur heeft verteld, is het Hikvision volgende de Chinese wet niet toegestaan om onderzoek en ontwikkeling uit te voeren voor het Chinese leger. "
The google translation: "Hikvision has been a listed company on the Shenzhen Stock Exchange since 2010 and is 58% privately owned. The co-founder and main investor of the company is a resident of Hong Kong. For this reason, contrary to what Nieuwsuur has told, Hikvision is not allowed under Chinese law to conduct research and development for the Chinese army."
Source: Hikvision start Europese Cyber Security Tour - BeveiligingNieuws
The Roadshow is led by Chuck Davis, Hikvision’s Director of Cybersecurity for North America, “Cybersecurity and Video Surveillance: Presented by Hikvision" roadshows will consist of a 90-minute interactive education session about cybersecurity, cyber threats and vulnerabilities, myths about the video surveillance industry, and best practices to mitigate those threats and vulnerabilities. He is going to teach the Dutch ! Right !
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.