The government of Taiwan has initiated two draft regulations aimed at establishing standards to ensure security in video surveillance and IP camera applications.
Taiwan-made IP cameras account for 25-30 percent of the global production. The Industrial Development Bureau under the Economics Ministry, therefore, singled out Taiwan’s network video recorder and digital video recorder as the basis to develop the draft standards.
The standards put emphasis on four dimensions: system security, communication security, identify authentication and privacy protection.
Exports made up most of Taiwan’s networking product sales; as such, the domestic standards will eventually have to align with international standards, said Gao Chuan-Kai, head of the Cybersecurity Technology Institute at the Institute for Information Industry (III).
International standards like ISO 27001, UL 2900, GSMA IoT Security Guideline, OWASP Top IoT Vulnerabilities, in addition to Japan’s IoT security guidelines, were referenced in the drafting process. (More: EU Looks into Making New IoT Standards to Enhance Cybersecurity)
With support from the Economics Ministry, the draft standards in Taiwan are the result of a joint effort between the III and Taiwan Association of Information and Communication Standards.
The majority of IoT devices lack the web control interface, which often times results in hacker access, Gao said, adding that poorly managed connection between mobile apps and IoT devices is also a big security hole.
A survey conducted by the III shows that one in 10 Taiwanese companies spends 25 percent or more of available resources to enhance information security, while 13.7 percent have no budget at all for this domain. As such, there is still much room for improvement in Taiwan’s information security practice, an III official said.