Our cybersecurity story

Reduce the risk of cyber-attack with Gallagher's cybersecurity product development philosophy.

Secure by design

As cyber threats continue to advance in sophistication, it is crucial to have cybersecure solutions in place to safeguard against evolving threats.

At Gallagher Security, our goal is to be the most cybersecure physical security manufacturer operating on the global stage. With cybersecurity baked into every step of our manufacturing process, we continually evolve our solutions to proactively identify and fortify vulnerabilities.

The Gallagher cybersecurity solution

We continuously evolve our solutions to meet changing threats at a software and physical level, building robust cybersecurity in at every stage.

Regular software releases

Gallagher releases software updates approximately every six months. Customers only need to implement the regular software and hardware updates available across all devices to stay current with cyber threats and effectively manage obsolescence.

As a Care Plan customer, you can update to the latest security features and developments as soon as they’re available.

Vigorous testing and development

Cybersecurity is a vital component of access control. We’ve ensured our solutions curate a multi-pronged defense system with protections baked into every stage of development.

We carry out extensive internal and independent third-party penetration testing and security review during development to identify vulnerabilities before updates or new solutions are released.

Advanced data protection

Our intelligent data management uses industry-leading standards for data protection. End-to-end encryption with secure, encrypted SQL databases and end-to-end authentication is all part of the Gallagher solution.

We provide system hardening and configuration advice and fully trained and certified installers to ensure your system is as cybersecure as possible on installation.

Delivering on protocol

In answer to the industry’s need for a more robust device communications protocol harnessing the principles of the internet of things, we developed and introduced a unique communications system: HBUS.

HBUS is a high-speed RS-485 protocol designed specifically for the needs of tomorrow’s field security hardware. HBUS delivers all the benefits of bringing edge field devices online, whilst providing unparalleled security and backwards compatibility with a site’s existing wiring, hardware, and infrastructure.

Managing vulnerabilities responsibly

An authorized CVE Numbering Authority (CNA) is an organization designated by MITRE to assign unique identifiers to security vulnerabilities through the Common Vulnerabilities and Exposures (CVE) system.

We’re proud to be one of only approximately 220 companies in the world who are an authorized CVE Numbering Authority (CNA) and achieved a significant milestone in 2020 by becoming the first New Zealand organization authorized as a CNA. This milestone gave us the opportunity to demonstrate a level of maturity in cybersecurity and a commitment to communicating vulnerability information that has earned the trust of critically important sites around the world.

Our dedicated cybersecurity team

To further ensure our systems are as robust as possible, Gallagher’s dedicated cybersecurity research team regularly conducts both internal and external vulnerability testing. The process begins in house with 150 virtual machines running 20,000 tests nightly on Command Centre, the powerful software at the heart of our high security solutions. From there, we secure third-party testing and certification to demonstrate reliability in our cyber protections.

Your cybersecurity, your way

Security Health Check (SHC) is an industry-first tool that performs a fast, automated audit of potential security issues.

Putting the power in the hands of businesses, Security Health Check provides sites with a deeper awareness and understanding of security vulnerabilities and how they can be mitigated without the time and cost of traditional manual audits.

Demonstrating our commitment to cybersecurity, we offer SHC free of charge to Gallagher customers, empowering businesses to manage their cybersecurity, their way.

Our compliances and standards

Meeting government compliance standards

United States Australia United Kingdom
FIPS 201-3 Approvals; 13.01 and 13.02 Topology Type 1A AACS 2022 standard
FICAM Compliant Zones 1 - 5 CAPSS 2021 certification
FIPS 140-2 Level 3 validated AS/NZS 2201 Class 5 NPSA Tokens and Readers Standards
    GovPass

Above and beyond global standards

Global ISO9001 ISO27001
SOC2 certification EN50131 certification
DCID 6/9 ICD 705 NIST FIPS199, SP800-53
FISMA / NIST RMF UL 294, UL 1076, and UL 2050 Capable
Section 889 Compliant NDAA, TAA Compliant
IEC 60335-2-76 Edition 2.2 2013-05 AS/NZS 60335.2.76:2003 Edition 2.1 Incorporating A1, A2 & A3
BS EN 60335-2-76:2005 + A2:2015 SANS 60335-2-76:2006 Edition 2.1
RoHS CE (EN50130-4 & CISPR 14-1)
FCC

No one meets a higher standard

Gallagher Security has a proven history and global reputation for delivering high security solutions that meet the world’s most stringent physical and cybersecurity standards.

To find out more about the standards we meet in your region, check out our high security solutions.