NSA Director Keynoting Dahua and Hikvision Sponsored Cybersecurity Conference [Canceled]

By: John Honovich, Published on Jun 13, 2019

The technical director for the NSA’s Cybersecurity Threat Operations Center will be keynoting a physical security cybersecurity conference that is being sponsored by Dahua and Hikvision, banned by the US government for security risks.

[CANCELED: the keynote has been canceled, with SIA, the organizer, only saying "The NSA canceled due to a scheduling conflict and requested they be kept in mind for future sessions."]

The organizer of the conference, the Security Industry Association, explained to IPVM that while Dahua and Hikvision are banned for US government use, they are not banned from sponsoring conferences where US government intelligence officials are keynoting, saying:

Cyber:Secured Forum is intended to provide attendees with a variety of perspectives and information that can help strengthen the cyber-hardening policies of the predominantly corporate attendees and their customers. It is not a federal government sales conference. Private sector attendees at industry events such as this conference frequently apply the insights provided by government and industry speakers, sponsors and fellow attendees to their commercial strategies. Moreover, nothing under Section 889 of the NDAA restricts the ability of affected companies to participate in any educational conferences as sponsors. We welcome the participation of SIA members and businesses which support the goal of educating the industry about cybersecurity. [emphasis added]

However, the NSA director keynotes many events and has made clear the risks from China, as the excerpt below shows, where he observes that 'China is everywhere', 'they are stealing our property', 'the greatest transfer of intellectual property in our nation':

In particular, Hikvision is owned and controlled by the Chinese government, as their 2018 financials confirm:

No alt text provided for this image

Plus Hikvision's Chairman and Communist Party Secretary is a member of the PRC government.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

Nonetheless, Hikvision is happy to sponsor and market this as their recent promotion showed:

  

From Hikvision's perspective, it certainly makes sense, positioning themselves as a PRC government-owned entity happily side by side with the NSA director at a cybersecurity conference. And this event sponsorship is inexpensive compared to the more than a million they have spent lobbying Congress and another million on political PR.

Buying Validation - United Front and Confucious Institutes

Dahua and Hikvision are buying validation, much like the PRC does, more generally, with the United Front and Confucious Institutes. This is something the US government, through the U.S.-China Economic and Security Review Commission is well aware of, as the 2018 "China’s Overseas United Front Work Background and Implications for the United States" report details. Indeed, the US government has banned the use of defense funding for organizations taking money from the PRC's Confucious Institutes.

Allowing Dahua and Hikvision to sponsor such events undermines US law and interests, allowing these PRC organizations and their paid-off partners (like SIA), to pretend everything is fine and that the US government is mistaken and that the real allies of the US are organizations like Dahua and Hikvision, happy to fund these events.

Industry Bought Off

Those outside the physical security industry may find it confusing that a US non-profit like SIA would accept cybersecurity sponsorships from PRC organizations banned for security risks, including one owned by the PRC government.

Unfortunately, many physical security 'leaders' have effectively been bought off by the unprecedented amount of marketing money these now US government banned organizations are willing to spend.

1 report cite this report:

2019 Mid-Year Video Surveillance Guide on Jul 01, 2019
IPVM's new 400+ page Mid-Year Industry Guide brings all of these issues and events together in a single resource to read and review. It can be...

Comments (30)

Only IPVM PRO Members may comment. Login or Join.

As he is an appointed official as part of the NSA, do you have contact information for this individual so that we may contact him or anyone involved to voice our concern and disgust at this situation?

We don't have his direct contact information but I forwarded it through some US government contacts last week.

I bet he is not even aware of this, as he speaks at many conferences and I would assume he reasonably assumes that banned companies would not be allowed to sponsor him.

Allowing Dahua and Hikvision to sponsor such events undermines US law and interests, allowing these PRC organizations and their paid off partners (like SIA), to pretend everything is fine and that the US government is mistaken and that the real allies of the US are organizations like Dahua and Hikvision, happy to fund these events.
Industry Bought Off
Those outside the physical security industry may find it confusing that a US non-profit like SIA would accept cybersecurity sponsorships from PRC organizations banned for security risks, including one owned by the PRC government.
Unfortunately, many physical security 'leaders' have effectively been bought off by the unprecedented amount of marketing money these now US government banned organizations are willing to spend.

Great summary and conclusion to your article.  I am in no position to know the reasoning behind the decision to allow "The technical director for the NSA’s Cybersecurity Threat Operations Center will be keynoting a physical security cybersecurity conference that is being sponsored by Dahua and Hikvision, banned by the US government for security risks".  However, it deserves investigation and explanation. 

Hopefully, there is some logic to having an NSA cybersecurity official of this caliber, whose agency has "banned for US government uses" the very parties' products who are standing "shoulder to shoulder" with himself and the Security Industry Association officials at such an event.  At the same time we, as security solution integrators, are charged with making decisions as to whether these same manufacturer partners qualify for being specified and used in those facilities and communication networks other than the federal government owned and operated communication networks?

Mirrors to the video excerpt? No good anymore....

I fixed the video, viewable above and viewable here.

Thanks. Are government employee keynote speakers paid or is this a fee that goes directly to the agency/branch? I know someone would probably spin this as "NSA Director Paid By China!". 

 

Interesting how this will play out, but I can imagine his staff would probably at least let him know about this potential conflict now. 

I doubt the NSA director is being paid. This strikes me as more of an outreach to industry than a money-making opportunity. The NSA has a reported ~$11 billion budget so they have no need for handouts.

Hikvision excels at this game, like with the FIPS certification. They use it to cast doubt and sow confusion. "Hey all I can say is last week we sponsored the NSA director's keynote and they were really happy to have us."

I do not think it will be something where he is noted as being paid, but rather ignorant.  I have to admit that as much as the NSA seems like an omniscient cyber-boogeyman this article sure does show some serious flaws in the NSA intelligence gathering for this event.

Is this conference primarily sponsored by Hikua or are they one of many?

SIA is looking for 31 sponsors total:

There are 14 sponsors so far listed, no Gold and Platinum. Dahua and Hikvision are bronze.

I am in a position to purchase a sponsorship for this event, however it is clear this is going to be more of a superficial boondoggle than a worthwhile event. I wish more manufacturers would pressure SIA to actually have a backbone.

There are speaking fees, and then there are room comps, flights, car service, dinners, gifts, etc. How much does SIA provide to the keynote speaker? This would be where I would dig. As a Fed employee he should be barred from these comps as well. Right?

In an unrelated story, Deputy Administrator Andrew Wheeler of the Environmental Protection Agency will be the keynote speaker on global warming sponsored by Dow Chemicals, Westmoreland Coal and Exxon Mobile.

And the original shill, Ajit Pai, will continue to play Santa Claus at the Verizon Christmas party.

But Trump said global warming is a hoax and fake news anyway.

and we all know Trump knows more about both subjects than probably anyone else !  lol

Allowing Dahua and Hikvision to sponsor such events undermines US law and interests...

where are you placing blame here? the gov or SIA?

 

SIA, for sure. 

The NSA director does not go to a US telecom conference and expect it to be sponsored by Huawei, nor does he go to a physical security one and expect it to be sponsored by the Chinese's government video surveillance manufacturer.

SIA does not want to offend two of its largest members, even though it's pretty obvious that this is not the type of conference, given what US law is, that Dahua and Hikvision should be sponsoring.

I am curious to see how this will end up, will the NSA director really end up speaking behind a banner of sponsors featuring Dahua and Hikvision?

It's not "malum prohibitum" but, it's definitely "malum in se". In other words, it may not violate a statute but, IMHO, it's inherently wrong by nature, independent of regulations governing the conduct.

 

Some food for thought:

Consider the ultimate authority for Dave Hogue, Technical Director, NSA, Cybersecurity Threat Operations Center, who's actions and words are often malum in se AND malum prohibitum. 

Also, China's PLA Unit 61398 is the Military Unit Cover Designator (MUCD)[1] of a People's Liberation Army advanced persistent threat unit that "has been alleged to be" a source of Chinese Hackers. In 2013, China openly admitted to having secretive cyber warfare units in both the military and the civilian part of the government – however, the details of their activities were left to speculation. As a show of force towards the rest of the global community the Chinese government now openly lists their abilities when it comes to digital spying and network attack capabilities.

The Chinese government's involvement (directly through Hikvision and Dahua) in this Cybersecurity Conference is yet another action by our own government to subject the U.S. to vulnerabilities to known enemies. The words of Abraham Lincoln to honor soldiers that sacrificed their lives in order “that government of the people, by the people, for the people, shall not perish from the earth” were spoken at Gettysburg, but these words apply as well to the countless soldiers and intelligence officers that gave their lives or limbs for the cause of our democracy before and since Gettysburg. Allowing such vulnerabilities is yet another dishonor to the sacrifices of these heroes.

Let's not let our democracy perish from the earth from a catastrophic event or from the effect of "1,000 paper-cuts" (letting many seemingly innocuous vulnerabilities exist).

All this of course is my own humble opinion and not that of any other person or company.

Best,

David J. Coughlin, CPP, Esq.

 

Update: Now Hikvision has deleted their social media promotions of them sponsoring the NSA Director's keynote.

unproving “your point” :)

As a side note, SIA has reserved an hour for the manufacturers who are willing to pay them $25,000.  Only problem, no one wants to pay that so far, so it is empty:

This is, unfortunately, not unique, see: ASIS Sells GSX 2019 Education Sessions and 'Independent' Security Consultant Organization Sells Off Speaking Slots To Manufacturers, though the IAPSC refused to take sponsorship money from Dahua and Hikvision, citing cybersecurity concerns.

Update: the links announcing this keynote on SIA and the conference's website no longer work. We are checking with SIA to clarify what is the status (changed links, changed plans, etc.).

I predict that the speaker will pull out due to a scheduling conflict, as other staff members scheduled it without consulting.. 

Update: the keynote has been canceled, with SIA, the organizer, only saying "The NSA canceled due to a scheduling conflict and requested they be kept in mind for future sessions."

I wonder when SIA (and Hik) are going to get their act together and realize people are done putting up with their lack of ethics when it comes to cybersecurity and product positioning.

Good to see this keynote has been cancelled. It should have never been scheduled in the first place.

Furthermore, it would be nice if a requirement for sponsoring a cyber security event were that the sponsors didn't have a collection highly critical CVE's amassed.

 

putting up with their lack of ethics

On a related note, SIA has just started an ethics committee:

Ethics and Tech Working Group

The SIA Board of Directors recently approved the formation of a working group to develop SIA’s position on the topic of ethical use of security technologies. As policymakers in the U.S. and the EU consider developing guidelines for the responsible use of technology, this new SIA working group will make recommendations to the SIA board on the application of certain technologies, such as artificial intelligence, for security in an ethical and appropriate manner that builds trust throughout the security ecosystem and with the general public. For more information and to get involved, contact me at derickson@securityindustry.org.

I joined it a few weeks ago but have not yet received any further word on progress nor meetings.

Called it!! :)

Take a bow!

The 'scheduling conflict' is the conference equivalent of executives who resign to 'spend more time with their families'...

Related Reports on China

US State Department: "Chinese Tech Giants" "Tools of the Chinese Communist Party" on Sep 12, 2019
The US State Department has called out "Chinese tech giants" for being "tools of the Chinese Communist Party" in a blunt new speech that makes...
Hikvision Lobbying Against And Preparing For Potential US Sanctions on Sep 09, 2019
Hikvision has been lobbying against and preparing for potential US sanctions, according to US government records, financial filings and partner...
Megvii Financials and Growth Examined on Aug 30, 2019
Megvii has already received more than a billion dollars in investment. Now, the company, a top China facial recognition provider, has filed for an...
In China, Foreign AI Companies Banned or Disadvantaged, Says Top China AI Company on Aug 28, 2019
Non-China (PRC) companies are prejudiced and unfairly targeted inside of the PRC's booming AI market, which not only denies them revenue inside of...
China Dahua To Replace Their Software With US Pepper on Aug 22, 2019
What does a US government banned company do to improve its security positioning in the US? Well, Dahua is unveiling a novel solution, partnering...
Uniview Beats Intel In Trademark Lawsuit on Aug 19, 2019
Uniview has won a long-running trademark lawsuit brought by Intel, with Beijing's highest court reversing an earlier Intel win, centered on...
Biometrics Usage Statistics 2019 on Aug 13, 2019
Biometrics are commonly used in phones, but how frequently are they used for access? 150+ integrators told us how often they use biometrics,...
US Government Ban of Dahua, Hikvision, Huawei Takes Effect Now on Aug 13, 2019
The 'prohibition on use or procurement' of Dahua, Hikvision and Huawei products and 'essential components' take effect today, August 13, 2019, one...
Hikvision Global News Reports Directory on Aug 11, 2019
Hikvision has received the most global news reporting of any video surveillance company, ever, ranging from the WSJ, the Financial Times, Reuters,...
Stanley Makes "Multi-Million Dollar Investment" Into Banned Hikvision Products on Aug 09, 2019
Just days from the US government ban going into effect, US mega-corporation Stanley has dramatically increased its imports of banned Hikvision...

Most Recent Industry Reports

Open Access Controller Guide (Axis, HID, Isonas, Mercury) on Sep 19, 2019
In the access control market, there are many software platforms, but only a few companies that make non-proprietary door controllers. Recently,...
Axis Perimeter Defender Improves, Yet Worse Than Dahua and Wyze on Sep 19, 2019
While Axis Perimeter Defender analytics improved from our 2018 testing, the market has improved much faster, with much less expensive offerings...
Directory of 68 Video Surveillance Startups on Sep 18, 2019
This directory provides a list of video surveillance startups to help you see and research what companies are new or not yet broadly known. 2019...
Uniview Prime Series 4K Camera Tested on Sep 18, 2019
Is the new Uniview 'Prime' better than the more expensive existing Uniview 'Pro'? In August, IPVM tested Uniview 4K 'Pro' but members advocated...
US Army Base To Buy Banned Honeywell Surveillance on Sep 17, 2019
The U.S. Army's Fort Gordon, home to their Cyber Center of Excellence, has issued a solicitation to purchase Honeywell products that are US...
Vivotek "Neural Network-Powered Detection Engine" Analytics Tested on Sep 17, 2019
Vivotek has released "a neural network-powered detection engine", named Smart Motion Detection, claiming that "swaying vegetation, vehicles passing...
Schmode is Back, Aims To Turn Boulder AI Into Giant on Sep 16, 2019
One of the most influential and controversial executives in the past decade is back. Bryan Schmode ascended and drove the hypergrowth of Avigilon...
Manufacturers Unhappy With Weak ASIS GSX 2019 And 2020 Shift on Sep 16, 2019
Manufacturers were generally unhappy with ASIS GSX, both for weak 2019 booth traffic and a scheduling shift for the 2020 show, according to a new...
How Cobalt Robotics May Disrupt Security on Sep 13, 2019
While security robots have largely become a joke over the last few years, one organization, Cobalt Robotics, has raised $50+ million from top US...
Panasonic 4K Camera Tested (WV-S2570L) on Sep 13, 2019
Panasonic has released their latest generation 4K dome, the WV-S2570L, claiming "Extreme image quality allows evidence to be captured even under...