Honeywell Commercial Security facilitates compliance with NIS2 Directive
By Hommax SmartSD
All Honeywell Commercial Security products go through a robust and comprehensive cyber security process to facilitate compliance with the NIS2 Directive. This process is called the Secure Development Life Cycle (SDLC) and is supported by specialist cyber security engineers.
Find out how Honeywell facilitates compliance with the NIS2 Directive
The NIS2 Directive (Network and Information Systems Security Directive) is a European Union regulation designed to improve the level of cybersecurity across the EU. This directive updates and extends the original NIS Directive (adopted in 2016) to address growing cyber threats and to adapt to technological evolution by setting stricter cybersecurity requirements.
To facilitate compliance, Honeywell has a process called "Secure Development Life Cycle" that all its products go through, based on industry best practices and standards, such as:
- Security risk assessment, based on the threat environment faced by a particular product or offering, as well as technical characteristics and customer needs.
- Security requirements and security controls based on industry standards and guidelines such as BSIMM, ISA/IEC 99/62443, ISO 27001, PCI DSS, GDPR, OWASP, applicable local laws and regulations, among others, depending on the product or offering and the Security Risk Assessment.
- Binary scanning to identify open source usage and potential vulnerabilities.
- Static application security testing (SAST) scans for OWASP Top 10 and SANS Top 25 vulnerabilities, as well as language-specific quality measures. Current SAST tools include SonarQube and Coverity, depending on product and language needs.
- A formal Risk Management Policy requiring specific mitigation timelines based on severity.
- Cybersecurity review and approval by senior management prior to product launch.
- Product lifecycle support and customer notification of security updates.
In addition, a multitude of trusted tests ensure compliance with the most rigorous cybersecurity standards.
Improve the cybersecurity of your facilities with Honeywell Commercial Security solutions.
Honeywell helps you comply with the NIS2 directive, thanks to the multiple features and functionalities included in its video, access and intrusion products to improve the security and cybersecurity of the facilities and assets to be protected.
- FIPS/TPM integrated encryption chipsets
- Audit and compliance reporting
- Transparent mode access readers
- IT asset traceability
- Maximum security through cryptographic co-processors
- TLS 1.2, AES 128/256-bit, point-to-point with OSDP v2 and video stream encryption for perimeter protection
- Encrypted Ethernet connection and encrypted communications (HTTPS) with web clients and mobile apps
- Multi-factor authentication and biometrics for IT security, technical and data storage rooms
IP video surveillance solutions that comply with NIS2
Are any of your installations at risk from a security vulnerability?
Although Honeywell guarantees compliance with NIS2, if a situation arises where there is a risk of a security vulnerability, or if users are concerned about the security of installed products or systems, Honeywell is open to receiving reports of potential vulnerabilities from independent researchers, industry organisations, suppliers and customers. This allows the vulnerability to be investigated and remediated before the reporter discloses the information to the public.
All information on how to report a vulnerability, and on the process followed to address the issue, can be found on Honeywell's website.