NSA Director Keynoting Dahua and Hikvision Sponsored Cybersecurity Conference [Canceled]

By: John Honovich, Published on Jun 13, 2019

The technical director for the NSA’s Cybersecurity Threat Operations Center will be keynoting a physical security cybersecurity conference that is being sponsored by Dahua and Hikvision, banned by the US government for security risks.

[CANCELLED: the keynote has been canceled, with SIA, the organizer, only saying "The NSA canceled due to a scheduling conflict and requested they be kept in mind for future sessions."]

NSA director sponsored by Dahua and Hikvision

The organizer of the conference, the Security Industry Association, explained to IPVM that while Dahua and Hikvision are banned for US government use, they are not banned from sponsoring conferences where US government intelligence officials are keynoting, saying:

Cyber:Secured Forum is intended to provide attendees with a variety of perspectives and information that can help strengthen the cyber-hardening policies of the predominantly corporate attendees and their customers. It is not a federal government sales conference. Private sector attendees at industry events such as this conference frequently apply the insights provided by government and industry speakers, sponsors and fellow attendees to their commercial strategies. Moreover, nothing under Section 889 of the NDAA restricts the ability of affected companies to participate in any educational conferences as sponsors. We welcome the participation of SIA members and businesses which support the goal of educating the industry about cybersecurity. [emphasis added]

However, the NSA director keynotes many events and has made clear the risks from China, as the excerpt below shows, where he observes that 'China is everywhere', 'they are stealing our property', 'the greatest transfer of intellectual property in our nation':

In particular, Hikvision is owned and controlled by the Chinese government, as their 2018 financials confirm:

No alt text provided for this image

Plus Hikvision's Chairman and Communist Party Secretary is a member of the PRC government.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

Nonetheless, Hikvision is happy to sponsor and market this as their recent promotion showed:

From Hikvision's perspective, it certainly makes sense, positioning themselves as a PRC government-owned entity happily side by side with the NSA director at a cybersecurity conference. And this event sponsorship is inexpensive compared to the more than a million they have spent lobbying Congress and another million on political PR.

Buying Validation - United Front and Confucious Institutes

Dahua and Hikvision are buying validation, much like the PRC does, more generally, with the United Front and Confucious Institutes. This is something the US government, through the U.S.-China Economic and Security Review Commission is well aware of, as the 2018 "China’s Overseas United Front Work Background and Implications for the United States" report details. Indeed, the US government has banned the use of defense funding for organizations taking money from the PRC's Confucious Institutes.

Allowing Dahua and Hikvision to sponsor such events undermines US law and interests, allowing these PRC organizations and their paid off partners (like SIA), to pretend everything is fine and that the US government is mistaken and that the real allies of the US are organizations like Dahua and Hikvision, happy to fund these events.

Industry Bought Off

Those outside the physical security industry may find it confusing that a US non-profit like SIA would accept cybersecurity sponsorships from PRC organizations banned for security risks, including one owned by the PRC government.

Unfortunately, many physical security 'leaders' have effectively been bought off by the unprecedented amount of marketing money these now US government banned organizations are willing to spend.

1 report cite this report:

2019 Mid-Year Video Surveillance Guide on Jul 01, 2019
IPVM's new 400+ page Mid-Year Industry Guide brings all of these issues and events together in a single resource to read and review. It can be...

Comments (30)

Only IPVM PRO Members may comment. Login or Join.

As he is an appointed official as part of the NSA, do you have contact information for this individual so that we may contact him or anyone involved to voice our concern and disgust at this situation?

We don't have his direct contact information but I forwarded it through some US government contacts last week.

I bet he is not even aware of this, as he speaks at many conferences and I would assume he reasonably assumes that banned companies would not be allowed to sponsor him.

Allowing Dahua and Hikvision to sponsor such events undermines US law and interests, allowing these PRC organizations and their paid off partners (like SIA), to pretend everything is fine and that the US government is mistaken and that the real allies of the US are organizations like Dahua and Hikvision, happy to fund these events.
Industry Bought Off
Those outside the physical security industry may find it confusing that a US non-profit like SIA would accept cybersecurity sponsorships from PRC organizations banned for security risks, including one owned by the PRC government.
Unfortunately, many physical security 'leaders' have effectively been bought off by the unprecedented amount of marketing money these now US government banned organizations are willing to spend.

Great summary and conclusion to your article. I am in no position to know the reasoning behind the decision to allow "The technical director for the NSA’s Cybersecurity Threat Operations Center will be keynoting a physical security cybersecurity conference that is being sponsored by Dahua and Hikvision, banned by the US government for security risks". However, it deserves investigation and explanation.

Hopefully, there is some logic to having an NSA cybersecurity official of this caliber, whose agency has "banned for US government uses" the very parties' products who are standing "shoulder to shoulder" with himself and the Security Industry Association officials at such an event. At the same time we, as security solution integrators, are charged with making decisions as to whether these same manufacturer partners qualify for being specified and used in those facilities and communication networks other than the federal government owned and operated communication networks?

Mirrors to the video excerpt? No good anymore....

I fixed the video, viewable above and viewable here.

Thanks. Are government employee keynote speakers paid or is this a fee that goes directly to the agency/branch? I know someone would probably spin this as "NSA Director Paid By China!".

Interesting how this will play out, but I can imagine his staff would probably at least let him know about this potential conflict now.

I doubt the NSA director is being paid. This strikes me as more of an outreach to industry than a money-making opportunity. The NSA has a reported ~$11 billion budget so they have no need for handouts.

Hikvision excels at this game, like with the FIPS certification. They use it to cast doubt and sow confusion. "Hey all I can say is last week we sponsored the NSA director's keynote and they were really happy to have us."

I do not think it will be something where he is noted as being paid, but rather ignorant. I have to admit that as much as the NSA seems like an omniscient cyber-boogeyman this article sure does show some serious flaws in the NSA intelligence gathering for this event.

Is this conference primarily sponsored by Hikua or are they one of many?

SIA is looking for 31 sponsors total:

There are 14 sponsors so far listed, no Gold and Platinum. Dahua and Hikvision are bronze.

I am in a position to purchase a sponsorship for this event, however it is clear this is going to be more of a superficial boondoggle than a worthwhile event. I wish more manufacturers would pressure SIA to actually have a backbone.

There are speaking fees, and then there are room comps, flights, car service, dinners, gifts, etc. How much does SIA provide to the keynote speaker? This would be where I would dig. As a Fed employee he should be barred from these comps as well. Right?

In an unrelated story, Deputy Administrator Andrew Wheeler of the Environmental Protection Agency will be the keynote speaker on global warming sponsored by Dow Chemicals, Westmoreland Coal and Exxon Mobile.

And the original shill, Ajit Pai, will continue to play Santa Claus at the Verizon Christmas party.

But Trump said global warming is a hoax and fake news anyway.

and we all know Trump knows more about both subjects than probably anyone else ! lol

Allowing Dahua and Hikvision to sponsor such events undermines US law and interests...

where are you placing blame here? the gov or SIA?

SIA, for sure.

The NSA director does not go to a US telecom conference and expect it to be sponsored by Huawei, nor does he go to a physical security one and expect it to be sponsored by the Chinese's government video surveillance manufacturer.

SIA does not want to offend two of its largest members, even though it's pretty obvious that this is not the type of conference, given what US law is, that Dahua and Hikvision should be sponsoring.

I am curious to see how this will end up, will the NSA director really end up speaking behind a banner of sponsors featuring Dahua and Hikvision?

It's not "malum prohibitum" but, it's definitely "malum in se". In other words, it may not violate a statute but, IMHO, it's inherently wrong by nature, independent of regulations governing the conduct.

Some food for thought:

Consider the ultimate authority for Dave Hogue, Technical Director, NSA, Cybersecurity Threat Operations Center, who's actions and words are often malum in se AND malum prohibitum.

Also, China's PLA Unit 61398 is the Military Unit Cover Designator (MUCD)[1] of a People's Liberation Army advanced persistent threat unit that "has been alleged to be" a source of Chinese Hackers. In 2013, China openly admitted to having secretive cyber warfare units in both the military and the civilian part of the government – however, the details of their activities were left to speculation. As a show of force towards the rest of the global community the Chinese government now openly lists their abilities when it comes to digital spying and network attack capabilities.

The Chinese government's involvement (directly through Hikvision and Dahua) in this Cybersecurity Conference is yet another action by our own government to subject the U.S. to vulnerabilities to known enemies. The words of Abraham Lincoln to honor soldiers that sacrificed their lives in order “that government of the people, by the people, for the people, shall not perish from the earth” were spoken at Gettysburg, but these words apply as well to the countless soldiers and intelligence officers that gave their lives or limbs for the cause of our democracy before and since Gettysburg. Allowing such vulnerabilities is yet another dishonor to the sacrifices of these heroes.

Let's not let our democracy perish from the earth from a catastrophic event or from the effect of "1,000 paper-cuts" (letting many seemingly innocuous vulnerabilities exist).

All this of course is my own humble opinion and not that of any other person or company.

Best,

David J. Coughlin, CPP, Esq.

Update: Now Hikvision has deleted their social media promotions of them sponsoring the NSA Director's keynote.

unproving “your point” :)

As a side note, SIA has reserved an hour for the manufacturers who are willing to pay them $25,000. Only problem, no one wants to pay that so far, so it is empty:

This is, unfortunately, not unique, see: ASIS Sells GSX 2019 Education Sessions and 'Independent' Security Consultant Organization Sells Off Speaking Slots To Manufacturers, though the IAPSC refused to take sponsorship money from Dahua and Hikvision, citing cybersecurity concerns.

Update: the links announcing this keynote on SIA and the conference's website no longer work. We are checking with SIA to clarify what is the status (changed links, changed plans, etc.).

I predict that the speaker will pull out due to a scheduling conflict, as other staff members scheduled it without consulting..

Update: the keynote has been canceled, with SIA, the organizer, only saying "The NSA canceled due to a scheduling conflict and requested they be kept in mind for future sessions."

I wonder when SIA (and Hik) are going to get their act together and realize people are done putting up with their lack of ethics when it comes to cybersecurity and product positioning.

Good to see this keynote has been cancelled. It should have never been scheduled in the first place.

Furthermore, it would be nice if a requirement for sponsoring a cyber security event were that the sponsors didn't have a collection highly critical CVE's amassed.

putting up with their lack of ethics

On a related note, SIA has just started an ethics committee:

Ethics and Tech Working Group

The SIA Board of Directors recently approved the formation of a working group to develop SIA’s position on the topic of ethical use of security technologies. As policymakers in the U.S. and the EU consider developing guidelines for the responsible use of technology, this new SIA working group will make recommendations to the SIA board on the application of certain technologies, such as artificial intelligence, for security in an ethical and appropriate manner that builds trust throughout the security ecosystem and with the general public. For more information and to get involved, contact me at derickson@securityindustry.org.

I joined it a few weeks ago but have not yet received any further word on progress nor meetings.

Called it!! :)

Take a bow!

The 'scheduling conflict' is the conference equivalent of executives who resign to 'spend more time with their families'...

Related Reports on China

Hikvision Global News Reports Directory on Jul 15, 2019
Hikvision has received the most global news reporting of any video surveillance company, ever, ranging from the WSJ, the Financial Times, Reuters,...
Hikvision's Government Owner Website Blocked To World on Jul 11, 2019
Hikvision's PRC government owner, CETHIK, has had its website blocked outside of China, hiding a major information source proving Hikvision's...
RaySharp Revealed - Major China OEM For Western Consumer Video Surveillance on Jul 02, 2019
RaySharp is mostly unknown, even among people in the video surveillance industry, though it is a major supplier of OEM surveillance equipment such...
2019 Mid-Year Video Surveillance Guide on Jul 01, 2019
IPVM's new 400+ page Mid-Year Industry Guide brings all of these issues and events together in a single resource to read and review. It can be...
China Subway Facial Recognition System Examined on Jun 24, 2019
A China city of 6+ million people has installed facial recognition-enabled gates in subways, allowing commuters to enter stations by simply showing...
IFSEC 2019 Show Report on Jun 19, 2019
The UK's largest trade show, IFSEC, is underway and IPVM has been examining what is new and happening at the show. Inside, we cover: Huawei...
The Scheme Hikvision and China Importers Use To Avoid Tariffs on Jun 17, 2019
Hikvision and numerous China importers are avoiding 25% tariffs by including an SD card slot in their IP cameras to claim they are 'digital still...
Embattled $400 Million China Funded Philippines Surveillance System Proceeds on Jun 13, 2019
An embattled 12,000 camera surveillance system project that will cost ~$400 million will proceed.  The project contract was awarded, had its...
Dumber Techs, Bad Box Movers, Says Australian Distributor on Jun 10, 2019
Techs today are "dumber" than they used to be, despite better education and training and that makes a typical day "frustrating" for one...

Most Recent Industry Reports

Wyze Disruptive AI Analytics Tested on Jul 17, 2019
$20 camera disruptor Wyze has released free person detection deep learning analytics to all of their users, claiming users will "Only get notified...
Anyvision Aims For 2022 Revenue of $1 Billion on Jul 17, 2019
Only 3 video surveillance manufacturers do a billion dollars or more in annual revenue - Hikvision, Dahua, and Axis. Now, Anyvision plans to join...
HD Analog vs IP Guide on Jul 16, 2019
For years, HD resolution and single cable signal/power were IP camera advantages, with analog cameras limited to much lower resolution and...
How To Troubleshoot Wiegand Reader Problems - Inverted Wiring on Jul 16, 2019
Wiegand is the dominant method of connecting access readers, but problems can arise for installers. In fact, one of the most difficult reader...
ZeroEyes Gun Detection Startup on Jul 16, 2019
A gun detection video analytics startup, ZeroEyes, is being led by a group of 6 former Navy SEALs, aiming to "save lives" by using AI to assist...
Motorola Acquires Watchguard, Adds to Vigilant And Avigilon on Jul 15, 2019
2 years ago, Motorola had no position nor relevancy to video surveillance. Now, they own major video surveillance, LPR and body camera providers...
Hikvision Global News Reports Directory on Jul 15, 2019
Hikvision has received the most global news reporting of any video surveillance company, ever, ranging from the WSJ, the Financial Times, Reuters,...
Vivotek Trend Micro Cyber Security Camera App Tested on Jul 15, 2019
Vivotek and Trend Micro are claiming five million blocked attacks on IP cameras, with their jointly developed app for Vivotek cameras. This new...
Beware African 50,000 IP Camera Contract Scam on Jul 12, 2019
A “Nigerian Prince” scam for the video surveillance market is going around. You, or at least we, could be lucky enough to be the single bidder for...
Axis ARTPEC-7 P1375-E Camera Tested on Jul 12, 2019
Axis claims the new P1375-E box camera with ARTPEC-7 chip delivers "clear, sharp images in any lighting condition." But how well does it do? We...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact