2022 CyberSecured Award
Gallagher is the proud recipient of a 2022 CyberSecured Award hosted by Security Today. This is the first win for the new Command Centre Web product, which won in the Access Control category.
Our cybersecurity story
Reduce the risk of cyber-attack with Gallagher's cybersecurity product development philosophy.
Secure by design
As cyber threats continue to advance in sophistication, it is crucial to have cybersecure solutions in place to safeguard against evolving threats.
At Gallagher Security, our goal is to be the most cybersecure physical security manufacturer operating on the global stage. With cybersecurity baked into every step of our manufacturing process, we continually evolve our solutions to proactively identify and fortify vulnerabilities.
The Gallagher cybersecurity solution
We continuously evolve our solutions to meet changing threats at a software and physical level, building robust cybersecurity in at every stage.
Regular software releases
Gallagher releases software updates approximately every six months. Customers only need to implement the regular software and hardware updates available across all devices to stay current with cyber threats and effectively manage obsolescence.
As a Care Plan customer, you can update to the latest security features and developments as soon as they’re available.
Vigorous testing and development
Cybersecurity is a vital component of access control. We’ve ensured our solutions curate a multi-pronged defense system with protections baked into every stage of development.
We carry out extensive internal and independent third-party penetration testing and security review during development to identify vulnerabilities before updates or new solutions are released.
Advanced data protection
Our intelligent data management uses industry-leading standards for data protection. End-to-end encryption with secure, encrypted SQL databases and end-to-end authentication is all part of the Gallagher solution.
We provide system hardening and configuration advice and fully trained and certified installers to ensure your system is as cybersecure as possible on installation.
Delivering on protocol
In answer to the industry’s need for a more robust device communications protocol harnessing the principles of the internet of things, we developed and introduced a unique communications system: HBUS.
HBUS is a high-speed RS-485 protocol designed specifically for the needs of tomorrow’s field security hardware. HBUS delivers all the benefits of bringing edge field devices online, whilst providing unparalleled security and backwards compatibility with a site’s existing wiring, hardware, and infrastructure.
Managing vulnerabilities responsibly
An authorized CVE Numbering Authority (CNA) is an organization designated by MITRE to assign unique identifiers to security vulnerabilities through the Common Vulnerabilities and Exposures (CVE) system.
We’re proud to be one of only approximately 220 companies in the world who are an authorized CVE Numbering Authority (CNA) and achieved a significant milestone in 2020 by becoming the first New Zealand organization authorized as a CNA. This milestone gave us the opportunity to demonstrate a level of maturity in cybersecurity and a commitment to communicating vulnerability information that has earned the trust of critically important sites around the world.
Our dedicated cybersecurity team
To further ensure our systems are as robust as possible, Gallagher’s dedicated cybersecurity research team regularly conducts both internal and external vulnerability testing. The process begins in house with 150 virtual machines running 20,000 tests nightly on Command Centre, the powerful software at the heart of our high security solutions. From there, we secure third-party testing and certification to demonstrate reliability in our cyber protections.
Your cybersecurity, your way
Security Health Check (SHC) is an industry-first tool that performs a fast, automated audit of potential security issues.
Putting the power in the hands of businesses, Security Health Check provides sites with a deeper awareness and understanding of security vulnerabilities and how they can be mitigated without the time and cost of traditional manual audits.
Demonstrating our commitment to cybersecurity, we offer SHC free of charge to Gallagher customers, empowering businesses to manage their cybersecurity, their way.
Our compliances and standards
Meeting government compliance standards
| United States | Australia | United Kingdom |
|---|---|---|
| FIPS 201-3 Approvals; 13.01 and 13.02 Topology | Type 1A | AACS 2022 standard |
| FICAM Compliant | Zones 1 - 5 | CAPSS 2021 certification |
| FIPS 140-2 Level 3 validated | AS/NZS 2201 Class 5 | NPSA Tokens and Readers Standards |
| GovPass |
Above and beyond global standards
| Global ISO9001 | ISO27001 |
| SOC2 certification | EN50131 certification |
| DCID 6/9 ICD 705 | NIST FIPS199, SP800-53 |
| FISMA / NIST RMF | UL 294, UL 1076, and UL 2050 Capable |
| Section 889 Compliant | NDAA, TAA Compliant |
| IEC 60335-2-76 Edition 2.2 2013-05 | AS/NZS 60335.2.76:2003 Edition 2.1 Incorporating A1, A2 & A3 |
| BS EN 60335-2-76:2005 + A2:2015 | SANS 60335-2-76:2006 Edition 2.1 |
| RoHS | CE (EN50130-4 & CISPR 14-1) |
| FCC |
No one meets a higher standard
Gallagher Security has a proven history and global reputation for delivering high security solutions that meet the world’s most stringent physical and cybersecurity standards.
To find out more about the standards we meet in your region, check out our high security solutions.
Our awards
Dive deeper into cybersecurity
-
Understanding cybersecurity in transportation, manufacturing, and distribution industries
Take a deeper dive into the importance of cybersecurity for transportation, manufacturing and distribution industries. Learn about specific cyber challenges these sectors face and strategies they can use to protect their operations.
-
Securing your business from the inside: understanding the impact of insider threats
In a world where security threats are constant and ever changing, it is crucial for business to protect themselves from external and internal threats. In this article we explore insider threats and how to protectively protect your business from within.
Ready to learn more?
Contact us to find out more about our cybersecurity capabilities in your region.
Contact us