woman_glasses_over_monitor_screens_2011_2600x1950.jpg

We do everything in our power to mitigate your risks

Effective cybersecurity involves assessing risks and consequences and taking appropriate steps. Our products, with their built-in cybersecurity features, are designed to decrease the risk of compromise and enable secure behavior. We also understand that staying cybersecure takes more than products with cutting edge technology. It’s also about ongoing processes that take effort to maintain. That’s why we do everything in our power to make it as easy as possible for you to mitigate risk from day one and for the long run.

woman_women_video_conference_call_laptop_table_2106_2600x1950.jpg

A question of managing risk – and a framework for doing it

Cybersecurity is essentially a question of managing risk. A good starting point is to evaluate potential risks to your business or organization in terms of their probability, and their potential impact.

To support this evaluation, you can use a risk management framework. A good example is the NIST Cybersecurity framework, or other similar frameworks. Below you can see how Axis can support your organization in managing your risks.

Five basic functions for managing cybersecurity:

web_icon_cybersec_identify.svg

Identify

is about identifying and evaluating various aspects of your organization or business to form a foundation for cybersecurity.
web_icon_cybersec_protect.svg

Protect

is about taking steps to protect the data, devices, systems, and facilities that you’ve identified as priorities against cyber attacks.
web_icon_cybersec_detect.svg

Detect

is about developing and implementing activities that help you detect cyberattacks – so you can take action without delay.
web_icon_cybersec_respond.svg

Respond

is all about what you do to develop and then implement appropriate actions if a cybersecurity incident is detected.
web_icon_cybersec_recover.svg

Recover

revolves around developing and implementing appropriate activities to maintain plans for resilience and to restore any capabilities or services impaired due to a cybersecurity incident.

Managing risk together

Identify

man_glasses_monitors_2011_2600x1732.jpg

Your role

Identify begins with identifying the data, devices, systems, and facilities you need to achieve the goals of your organization and who is responsible for them.

It includes:

  • Inventorying devices, systems, software, and firmware
  • Identifying mission-critical objectives
  • Identifying procedures and security policies
  • Performing a risk assessment and identifying a risk-management strategy
hand_tweezrs_binary_code_identity_theft_2011_2600x1732.jpg

How Axis supports you

AXIS Device Manager, an on-premise tool, makes it easy to:

  • Identify Axis devices and firmware on your network
  • Carry out periodic inventories of Axis devices and firmware

Protect

screen_sign_in_login_password_2011_2600x1950.jpg

Your role

A good starting point for your Protect activities is to remove the default accounts your Axis devices come with. You should also:

  • Establish unique passwords for each device
  • Implement policies around creating strong passwords, keeping them private, storing them safely, and changing them regularly
  • Assign appropriate permissions to ensure only authorized individuals have access to certain actions and to sensitive data

How Axis supports you

We go to great lengths to ensure that our devices are well-protected when we deliver them and to make it easy for you to keep them protected:

graph_financial_data_analysis_2011_2600x1732.jpg

Data security - best practices

The Axis Software Security Group (SSG) works with our development engineers on applying cybersecurity best practices in design, development, and testing to minimize the risk of flaws.

woman_glasses_thinking_computer_2011_2600x1732.jpg

Data security - technology

Many Axis network devices feature in-house developed ARTPEC® chips. And we provide a long list of built-in enhanced security features.

2men_meeting_tablet_2011_2600x1732.jpg

Maintenance - tools

AXIS Device Manager is a tool that makes it much easier and more cost-efficient for you to manage all major installation, security, and maintenance device-management tasks.

woman_glasses_laughing_looking_left_2011_2600x1732.jpg

Awareness and training

We offer training and share our knowledge of cyber risks and how to mitigate them in a number of tools and papers including the Axis Hardening Guide.

people_walking_blurry_diamond_reflections_2008_2600x1732.jpg

Processes and procedures

We issue security advisories to help reduce risks of known vulnerabilities. Visit the Axis product security website for up-to-date cybersecurity advisories and news and to find the Axis Vulnerability Policy.

man_support_headset_smiling_glasses_2008_2600x1732.jpg

Maintenance - support

We offer a choice of two ways to help you keep up with cybersecurity updates for devices: Active-track support and Long-term support.

Detect

hand_pen_tablet_charts_graphs_2011_2600x1732.jpg

Your role

The most important Detect activity for enterprises is to implement a Security Information and Event Management (SIEM) system or a Security Orchestration, Automation and Response (SOAR) system for continuous monitoring. These systems:

  • Manage data from network devices and device management software
  • Aggregate data about abnormal behavior or potential cyberattacks
  • Analyze that data and provides real-time alerts
woman_explaining_man_computer_2011_2600x1732.jpg

How Axis supports you

Axis helps you to detect anomalies and events:

  • Our devices support the SYS Logs and Remote SYS Logs that are the primary source of data for your SIEM or SOAR system
  • Our Professional Services team can help with any special requirements and with custom integration with your SIEM or SOAR system

Respond

woman_looking_through_blinds_2011_2600x1950.jpg

Your role

The activities you carry out to contain and mitigate the impact of cybersecurity incidents are at the heart of Respond. If you use a SOAR system, it will provide incident response workflows, and playbooks for specific threats. Otherwise, you should establish your own response protocols. Either way, the response will vary depending on:

  • The specifics of the incident
  • Local regulations and internal policies about cybersecurity response
  • Local regulations and requirements for disclosure of cybersecurity incidents

How Axis supports you

Axis doesn’t operate directly in the Respond area. In the event that an Axis product is involved in a cybersecurity incident, we provide information and support in accordance with our vulnerability policy and other cybersecurity policies.

Recover

woman_glasses_left_monitors_2011_2600x1732.jpg

Your role

In addition to activities aimed at restoring service after a cyberattack, you should:

  • Carry out a post-mortem evaluation of the incident
  • Evaluate how to prevent or mitigate similar incidents
  • Report the incident to relevant government bodies as required
  • Communicate with the press and the public about the incident – in a way that protects your company’s reputation
2men_meeting_discussion_laptop_2012_2600x1732.jpg

How Axis supports you

Our on-premise tool AXIS Device Manager makes it easy to restore your Axis devices:

  • AXIS Device Manager supports restore points, which are saved “snapshots” of system configuration at a point in time
  • Restore points can also show any discrepancy between the current configuration and an earlier configuration
  • AXIS Device Manager supports configuration templates. In the absence of a relevant restore point, you can return all devices to their default states and then push out saved configuration templates via the network

Cybersecurity downloads

camera_lens_closeup_multicolor_red_2012_2600x1732.jpg

Hardening guide

Secure your network, devices, and services.
woman_glasses_closeup_reflection_2012_2600x1732.jpg

Best practices eMagazine

Basic step-by-step cybersecurity advice.

Related resources

web_images_cyber_security_hacker_2600x1950_2012.jpg

Blog

Read articles about cybersecurity on our blog.

web_images_cyber_security_code_blue_2600x1950_2012.jpg

Vulnerability policy

See how we respond to security vulnerabilities.

web_images_cyber_security_monitors_man_2600x1950_2012.jpg

Product security page

Find security advisories, firmware updates, and news.

web_images_cyber_security_server_man_2600x1950_2012.jpg

Built-in cybersecurity

Learn about cybersecurity technologies.