NSA Director Keynoting Dahua and Hikvision Sponsored Cybersecurity Conference [Canceled]

By: John Honovich, Published on Jun 13, 2019

The technical director for the NSA’s Cybersecurity Threat Operations Center will be keynoting a physical security cybersecurity conference that is being sponsored by Dahua and Hikvision, banned by the US government for security risks.

[CANCELED: the keynote has been canceled, with SIA, the organizer, only saying "The NSA canceled due to a scheduling conflict and requested they be kept in mind for future sessions."]

The organizer of the conference, the Security Industry Association, explained to IPVM that while Dahua and Hikvision are banned for US government use, they are not banned from sponsoring conferences where US government intelligence officials are keynoting, saying:

Cyber:Secured Forum is intended to provide attendees with a variety of perspectives and information that can help strengthen the cyber-hardening policies of the predominantly corporate attendees and their customers. It is not a federal government sales conference. Private sector attendees at industry events such as this conference frequently apply the insights provided by government and industry speakers, sponsors and fellow attendees to their commercial strategies. Moreover, nothing under Section 889 of the NDAA restricts the ability of affected companies to participate in any educational conferences as sponsors. We welcome the participation of SIA members and businesses which support the goal of educating the industry about cybersecurity. [emphasis added]

However, the NSA director keynotes many events and has made clear the risks from China, as the excerpt below shows, where he observes that 'China is everywhere', 'they are stealing our property', 'the greatest transfer of intellectual property in our nation':

In particular, Hikvision is owned and controlled by the Chinese government, as their 2018 financials confirm:

No alt text provided for this image

Plus Hikvision's Chairman and Communist Party Secretary is a member of the PRC government.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

Nonetheless, Hikvision is happy to sponsor and market this as their recent promotion showed:

  

From Hikvision's perspective, it certainly makes sense, positioning themselves as a PRC government-owned entity happily side by side with the NSA director at a cybersecurity conference. And this event sponsorship is inexpensive compared to the more than a million they have spent lobbying Congress and another million on political PR.

Buying Validation - United Front and Confucious Institutes

Dahua and Hikvision are buying validation, much like the PRC does, more generally, with the United Front and Confucious Institutes. This is something the US government, through the U.S.-China Economic and Security Review Commission is well aware of, as the 2018 "China’s Overseas United Front Work Background and Implications for the United States" report details. Indeed, the US government has banned the use of defense funding for organizations taking money from the PRC's Confucious Institutes.

Allowing Dahua and Hikvision to sponsor such events undermines US law and interests, allowing these PRC organizations and their paid-off partners (like SIA), to pretend everything is fine and that the US government is mistaken and that the real allies of the US are organizations like Dahua and Hikvision, happy to fund these events.

Industry Bought Off

Those outside the physical security industry may find it confusing that a US non-profit like SIA would accept cybersecurity sponsorships from PRC organizations banned for security risks, including one owned by the PRC government.

Unfortunately, many physical security 'leaders' have effectively been bought off by the unprecedented amount of marketing money these now US government banned organizations are willing to spend.

2 reports cite this report:

The Cowardly, Greedy "Leaders" of Video Surveillance - SIA on Nov 19, 2019
The video surveillance industry suffers from cowardly, greedy 'leaders' focused on maximizing easy money while undermining public trust. The...
2019 Mid-Year Video Surveillance Guide on Jul 01, 2019
IPVM's new 400+ page Mid-Year Industry Guide brings all of these issues and events together in a single resource to read and review. It can be...

Comments (32)

Only IPVM Members may comment. Login or Join.

As he is an appointed official as part of the NSA, do you have contact information for this individual so that we may contact him or anyone involved to voice our concern and disgust at this situation?

We don't have his direct contact information but I forwarded it through some US government contacts last week.

I bet he is not even aware of this, as he speaks at many conferences and I would assume he reasonably assumes that banned companies would not be allowed to sponsor him.

Allowing Dahua and Hikvision to sponsor such events undermines US law and interests, allowing these PRC organizations and their paid off partners (like SIA), to pretend everything is fine and that the US government is mistaken and that the real allies of the US are organizations like Dahua and Hikvision, happy to fund these events.
Industry Bought Off
Those outside the physical security industry may find it confusing that a US non-profit like SIA would accept cybersecurity sponsorships from PRC organizations banned for security risks, including one owned by the PRC government.
Unfortunately, many physical security 'leaders' have effectively been bought off by the unprecedented amount of marketing money these now US government banned organizations are willing to spend.

Great summary and conclusion to your article.  I am in no position to know the reasoning behind the decision to allow "The technical director for the NSA’s Cybersecurity Threat Operations Center will be keynoting a physical security cybersecurity conference that is being sponsored by Dahua and Hikvision, banned by the US government for security risks".  However, it deserves investigation and explanation. 

Hopefully, there is some logic to having an NSA cybersecurity official of this caliber, whose agency has "banned for US government uses" the very parties' products who are standing "shoulder to shoulder" with himself and the Security Industry Association officials at such an event.  At the same time we, as security solution integrators, are charged with making decisions as to whether these same manufacturer partners qualify for being specified and used in those facilities and communication networks other than the federal government owned and operated communication networks?

Mirrors to the video excerpt? No good anymore....

I fixed the video, viewable above and viewable here.

Thanks. Are government employee keynote speakers paid or is this a fee that goes directly to the agency/branch? I know someone would probably spin this as "NSA Director Paid By China!". 

 

Interesting how this will play out, but I can imagine his staff would probably at least let him know about this potential conflict now. 

I doubt the NSA director is being paid. This strikes me as more of an outreach to industry than a money-making opportunity. The NSA has a reported ~$11 billion budget so they have no need for handouts.

Hikvision excels at this game, like with the FIPS certification. They use it to cast doubt and sow confusion. "Hey all I can say is last week we sponsored the NSA director's keynote and they were really happy to have us."

I do not think it will be something where he is noted as being paid, but rather ignorant.  I have to admit that as much as the NSA seems like an omniscient cyber-boogeyman this article sure does show some serious flaws in the NSA intelligence gathering for this event.

Is this conference primarily sponsored by Hikua or are they one of many?

SIA is looking for 31 sponsors total:

There are 14 sponsors so far listed, no Gold and Platinum. Dahua and Hikvision are bronze.

I am in a position to purchase a sponsorship for this event, however it is clear this is going to be more of a superficial boondoggle than a worthwhile event. I wish more manufacturers would pressure SIA to actually have a backbone.

There are speaking fees, and then there are room comps, flights, car service, dinners, gifts, etc. How much does SIA provide to the keynote speaker? This would be where I would dig. As a Fed employee he should be barred from these comps as well. Right?

In an unrelated story, Deputy Administrator Andrew Wheeler of the Environmental Protection Agency will be the keynote speaker on global warming sponsored by Dow Chemicals, Westmoreland Coal and Exxon Mobile.

And the original shill, Ajit Pai, will continue to play Santa Claus at the Verizon Christmas party.

But Trump said global warming is a hoax and fake news anyway.

and we all know Trump knows more about both subjects than probably anyone else !  lol

Allowing Dahua and Hikvision to sponsor such events undermines US law and interests...

where are you placing blame here? the gov or SIA?

 

SIA, for sure. 

The NSA director does not go to a US telecom conference and expect it to be sponsored by Huawei, nor does he go to a physical security one and expect it to be sponsored by the Chinese's government video surveillance manufacturer.

SIA does not want to offend two of its largest members, even though it's pretty obvious that this is not the type of conference, given what US law is, that Dahua and Hikvision should be sponsoring.

I am curious to see how this will end up, will the NSA director really end up speaking behind a banner of sponsors featuring Dahua and Hikvision?

It's not "malum prohibitum" but, it's definitely "malum in se". In other words, it may not violate a statute but, IMHO, it's inherently wrong by nature, independent of regulations governing the conduct.

 

Some food for thought:

Consider the ultimate authority for Dave Hogue, Technical Director, NSA, Cybersecurity Threat Operations Center, who's actions and words are often malum in se AND malum prohibitum. 

Also, China's PLA Unit 61398 is the Military Unit Cover Designator (MUCD)[1] of a People's Liberation Army advanced persistent threat unit that "has been alleged to be" a source of Chinese Hackers. In 2013, China openly admitted to having secretive cyber warfare units in both the military and the civilian part of the government – however, the details of their activities were left to speculation. As a show of force towards the rest of the global community the Chinese government now openly lists their abilities when it comes to digital spying and network attack capabilities.

The Chinese government's involvement (directly through Hikvision and Dahua) in this Cybersecurity Conference is yet another action by our own government to subject the U.S. to vulnerabilities to known enemies. The words of Abraham Lincoln to honor soldiers that sacrificed their lives in order “that government of the people, by the people, for the people, shall not perish from the earth” were spoken at Gettysburg, but these words apply as well to the countless soldiers and intelligence officers that gave their lives or limbs for the cause of our democracy before and since Gettysburg. Allowing such vulnerabilities is yet another dishonor to the sacrifices of these heroes.

Let's not let our democracy perish from the earth from a catastrophic event or from the effect of "1,000 paper-cuts" (letting many seemingly innocuous vulnerabilities exist).

All this of course is my own humble opinion and not that of any other person or company.

Best,

David J. Coughlin, CPP, Esq.

 

Update: Now Hikvision has deleted their social media promotions of them sponsoring the NSA Director's keynote.

unproving “your point” :)

As a side note, SIA has reserved an hour for the manufacturers who are willing to pay them $25,000.  Only problem, no one wants to pay that so far, so it is empty:

This is, unfortunately, not unique, see: ASIS Sells GSX 2019 Education Sessions and 'Independent' Security Consultant Organization Sells Off Speaking Slots To Manufacturers, though the IAPSC refused to take sponsorship money from Dahua and Hikvision, citing cybersecurity concerns.

Update: the links announcing this keynote on SIA and the conference's website no longer work. We are checking with SIA to clarify what is the status (changed links, changed plans, etc.).

I predict that the speaker will pull out due to a scheduling conflict, as other staff members scheduled it without consulting.. 

Update: the keynote has been canceled, with SIA, the organizer, only saying "The NSA canceled due to a scheduling conflict and requested they be kept in mind for future sessions."

I wonder when SIA (and Hik) are going to get their act together and realize people are done putting up with their lack of ethics when it comes to cybersecurity and product positioning.

Good to see this keynote has been cancelled. It should have never been scheduled in the first place.

Furthermore, it would be nice if a requirement for sponsoring a cyber security event were that the sponsors didn't have a collection highly critical CVE's amassed.

 

putting up with their lack of ethics

On a related note, SIA has just started an ethics committee:

Ethics and Tech Working Group

The SIA Board of Directors recently approved the formation of a working group to develop SIA’s position on the topic of ethical use of security technologies. As policymakers in the U.S. and the EU consider developing guidelines for the responsible use of technology, this new SIA working group will make recommendations to the SIA board on the application of certain technologies, such as artificial intelligence, for security in an ethical and appropriate manner that builds trust throughout the security ecosystem and with the general public. For more information and to get involved, contact me at derickson@securityindustry.org.

I joined it a few weeks ago but have not yet received any further word on progress nor meetings.

Called it!! :)

Take a bow!

The 'scheduling conflict' is the conference equivalent of executives who resign to 'spend more time with their families'...

Update: Now, the entire Cyber Secured Forum is canceled. SIA confirmed that:

In lieu of a standalone event for 2020, Cyber:Secured Forum’s cybersecurity focused education will be incorporated into a dedicated track within PSA TEC 2020, and SIA will also continue to develop and deliver cybersecurity education via other online and in-person formats, including within the ISC events.

Note: here are the Dahua and Hikvision booths at the 2019 Cyber Secured Forum event:

Related Reports

UK Stands Behind Hikvision But Controversy Continues on Feb 18, 2020
Hikvision is exhibiting at a UK government conference for law enforcement, provoking controversy from the press, politicians, and activists due to...
Coronavirus Impacting Hikvision and China Manufacturers on Feb 03, 2020
The coronavirus epidemic spreading through China has started to impact video surveillance manufacturers. In this note, we examine what is...
"Hikvision Football Arena" Lithuania Causes Controversy on Jan 24, 2020
Controversy has arisen in Lithuania over Hikvision becoming a soccer team's top sponsor and gaining naming rights to their arena, with one local MP...
The 2020 Video Surveillance Industry Guide on Dec 20, 2019
The 300-page, 2020 Video Surveillance Industry Guide covers the key events and the future of the video surveillance market, is now available, group...
The Cowardly, Greedy "Leaders" of Video Surveillance - SIA on Nov 19, 2019
The video surveillance industry suffers from cowardly, greedy 'leaders' focused on maximizing easy money while undermining public trust. The...
Hikvision Dissolves North American Business Unit, Splits Canada and USA on Oct 15, 2019
Hikvision has dissolved its North American Business Unit, splitting up US and Canada operations as the PRC-government owned manufacturer faces...
Dahua Celebrates PRC 70th Wearing Communist Party Hammer and Sickle on Oct 11, 2019
Dahua celebrated the PRC's 70th anniversary with a video of various Dahua employees wearing China Communist Party hammer and sickle pins as shown...
IFSEC Report: US Ban Hurting Hikvision In Europe on Sep 04, 2019
Prominent UK publication IFSEC Global has issued a new report finding that US bans are impacting the purchase of 'Chinese' products, most notably...
Hikvision VP On Muslim Oppression on May 14, 2019
Hikvision has won tens of millions of dollars, at least, in direct contracts with the Chinese government that oppresses Muslims, including a forced...
Hikvision Conducts Military Training For New Employees on Apr 04, 2019
Hikvision's new employees recently completed a boot camp where they wore Chinese army uniforms and were trained by former army personnel, as shown...

Most Recent Industry Reports

Viakoo Presents Cyber Hygiene for Cameras on May 28, 2020
Viakoo presented its 'Cyber Hygiene' and 'Service Assurance' products at the April 2020 IPVM New Products show. Inside this report: A...
Seek Scan Thermal Temperature Screening System ReTested on May 28, 2020
Now that IPVM has tested Dahua, Hikvision, and Sunell, we are returning to Seek, the first blackbody system we tested and retested it with our...
Directory of 106 "Fever" Camera Suppliers on May 28, 2020
This directory provides a list of "Fever" scanning thermal camera providers to help you see and research what options are available. There are...
Fever Cameras Are Medical Devices, Per The FDA, Dahua, Feevr, Hikvision, InVid Contrary Claims Are False on May 28, 2020
Fever cameras are medical devices, despite what euphemisms various sellers use. The US FDA clearly categorizes them as medical devices and...
Wyze Raises $10 Million And Seeks Services Expansion on May 27, 2020
Wyze has raised $10 million, the company's first disclosed raise since the $20 million announced at the beginning of 2019. Inside this note,...
Startup Videoloft Presents Cloud Storage on May 27, 2020
Videoloft presented offsite cloud storage at the May 2020 IPVM Startups show. A 30-minute video from Videoloft including IPVM...
Directory of 300+ Fever Camera News Reports Globally on May 27, 2020
This global directory tracks 300+ articles about thermal cameras used to detect fevers in response to the coronavirus pandemic. Articles are...
Integrators Rising Against Coronavirus on May 27, 2020
IPVM integrator statistics make it clear - Coronavirus's impact on business is lessening and many are anticipating even better news in weeks...
Netposa Stock Surges 46% After US Human Rights Abuse Sanctions on May 27, 2020
Last Friday, the US government announced it would sanction PRC video management provider NetPosa for being "complicit in human rights violations...
LILIN Presents NDAA-Compliant P2 Cameras on May 26, 2020
Merit LILIN presented its NDAA-compliant P2 camera series at the April 2020 IPVM New Products show. Inside this report: A 30-minute video...