The Indian CCTV camera and surveillance equipment market has until now largely been dominated by Chinese players, with Indian companies struggling to catch up.
In April 2024, the Ministry of Electronics and Information Technology rolled out the new STQC norms, requiring CCTV manufacturing companies to undergo fresh audits of cybersecurity and surveillance gear using new parameters, such as supply-chain security and backdoor data vulnerabilities.
These new norms are likely to result in the disqualification of several Chinese CCTV makers and suppliers, according to industry executives.
“The government’s follow-through actions, including the prohibition of sales of non-STQC products across all levels of the value chain, will further accelerate and consolidate this process,” said Aditya Khemka, managing director of Aditya Infotech, which makes surveillance gear under the CP Plus brand.
Going forward, the new STQC norms will not only drive demand for domestic players but also strengthen the overall ecosystem by encouraging local innovation and responsible sourcing, Khemka said.
The new norms, industry executives said, were necessitated as modern CCTV and surveillance systems are no longer passive structures disconnected from the internet ecosystem.
The ban on non-certified CCTV equipment in India is accelerating what was already an inevitable transition, Shashwath TR, co-founder and CEO of Mindgrove Technologies, said.
“The surveillance and CCTV segment has always been a security market, and it is becoming a far more demanding one. Real-time video processing, on-device AI inference, and end-to-end data protection are now converging at the silicon level,” he said.
The demand from CCTVs is no longer just simple monitoring, but that they work like systems where the data is processed and protected at the edge without depending on transferring it to the cloud or exposing it by moving it through a supply chain, he said.
This problem of CCTV and other surveillance gear being prone to cyber attacks has been exposed further in the recent case of traffic cameras in Iran being hacked by Israel, pointed out Ankush Tiwari, founder and chief executive officer of pi-labs.
“Globally, we’ve seen cases like Iran, where poorly secured traffic cameras — left with default credentials and known vulnerabilities — were silently accessed over years, allowing adversaries to monitor and extract footage without detection. Many low-cost cameras come from opaque supply chains with limited security oversight,” he said.
A backdoor or a security vulnerability in critical surveillance devices, such as CCTVs, can be embedded at the manufacturing stage itself, cautioned Kaushal Bheda, a director at Pelorus Technologies.
“Once active, those feeds transmit sensitive site layouts, shift patterns, access points, and infrastructure vulnerabilities to whoever controls the firmware,” he said.
The new norms also provide an opportunity for Indian chip makers and original equipment manufacturers to work together to offer the global market a credible, trusted alternative in surveillance and vision infrastructure, Shashwath said.
“We are at an inflexion point. The policy environment, the market demand, and the engineering capability are finally aligned. What comes next depends on how boldly we build together,” he said.
 "CCTV cameras")