top of page

CySPAG Registered Manufacturers Scheme

The CySPAG Manufacturers scheme is designed to provide a higher level of confidence for integrators and end users. Showcasing security equipment and software being deployed or interacting with IT networks, is manufactured, configured, and updates are made available regularly.

 

Whilst it does not replace the Product Security and Telecommunications Infrastructure Act 2022 (PSTI) - a law brought in to provide basic controls for IoT connected devices - it goes beyond the requirements, asking CySPAG manufacturers to provide evidence and self-declare to a code of practice written by a wide scope of industry stakeholders.

 

Security Devices on your IT Network

​

The security of IT networks depends heavily on the effectiveness and configuration of the security equipment used, such as firewalls, intrusion detection/prevention systems (IDS/IPS), routers, switches, and other security appliances. However, these devices themselves can have vulnerabilities if not correctly manufactured and maintained. A few possible considerations regarding vulnerabilities in security equipment on an IT network include:

​

​​

​

​

​

​

​

 

​

​

​

​

​​​​

 

CySPAG Manufacturers is open to all BSIA members, fostering a collaborative approach to cybersecurity challenges within the sector.

​

Cyber News and Updates

 The CySPAG Scheme is reviewed periodically to remain current with regards to technological updates, industry best practice, and ongoing advancements in cyber and physical security. The latest review of the CySPAG Manufacturer Scheme was: July 2025.

​

For more information or to get involved, interested parties can contact the BSIA's technical team.

​

​

​​

Supply Chain Attacks​

Untitled design (19).png

Security devices are often manufactured by third-party vendors, and malicious actors could exploit vulnerabilities in the supply chain. This could include backdoors in hardware or firmware that allow attackers to bypass security controls.

Legacy Equipment

Untitled design (20).png

Older security equipment or software that is no longer supported can have known vulnerabilities that aren't patched, because the manufacturer has discontinued updates. Using outdated equipment can leave your network exposed.

Unpatched Software or Firmware Vulnerabilities

Untitled design (21).png

Security equipment often runs on specialised operating systems or firmware. If these systems, such as routers, switches, and firewalls, aren't regularly updated, they may have unpatched vulnerabilities that can be exploited by hackers.

CySPAG Legal Disclaimer

 

The CySPAG Scheme is designed to support and promote cybersecurity best practice within the security industry. Registration under the CySPAG Scheme does not replace, alter, or affect any product warranty or guarantee provided by manufacturers. Furthermore, participation in the CySPAG Scheme does not supersede, amend, or affect any contractual agreement, terms of service, or obligations between an installer and their client.

​

 

Neither the British Security Industry Association (BSIA) nor the CySPAG Scheme assumes responsibility for the performance, quality, suitability, or security of any individual product or installation. All parties remain fully responsible for ensuring compliance with applicable laws, regulations, standards, and contractual obligations relevant to their products and services.

Contact details

1 Birch Court, Blackpole East, Worcestershire, WR3 8SG

info@cyspag.co.uk

01905 342020

Untitled design (18).png

© 2023 by ARCADE. Proudly created with Wix.com

bottom of page