Six Steps for Securing Smart Cities

0
5538

What do organizations do when faced with declining revenues and increased costs? Some of them cut to the bone, stressing their chances at future growth. Smart ones invest heavily in technology, looking for ways to automate, become more efficient and use data to drive insight and innovation.

Investing in expensive technology may appear like a counterintuitive strategy in a budget crunch. But leading urban planning experts say that’s exactly what cities should do in the face of lagging tax revenues and increased costs from the COVID-19 pandemic. A recent report from the law firm White & Case echoed that sentiment, noting that the COVID-19 pandemic presents a “whiteboard moment” to accelerate new technology for modern cities.

Of course, any digital transformation project presents potential pitfalls, such as privacy concerns, data collection and data security. In the past year, hackers launched a ransomware attack against Baltimore that cost the city $18 million to repair, mainly because the city’s IT infrastructure was so old that the city practically had to replace everything.

[You may also like: Work From Home Was The Sprint, Now Comes The Security Marathon]

The smart cities movement spans several years and has been seen as a way to improve police and community relations, traffic congestion and public lighting. These efforts should continue, but for them to succeed, cities will have to work hard to maintain the trust of its citizens.

A Balancing Act

Here are six ways they can balance security and public trust when rolling out a smart city project.

  1. Show how these projects can benefit the public. The public will not accept privacy risks if benefits are framed as merely a reduction in costs, or revenue generation for the city. City officials have to explain the intangible benefits of smart city projects, such as less air pollution, increased energy efficiency, safer intersections and smoother traffic flow. Such benefits can raise property values and make urban areas more desirable places to live.
  2. Recruit the best staff possible. In developing smart city projects, local governments will encounter some of the same staffing difficulties familiar to anyone in the private sector: a shortage of IT talent, and an even larger shortage of cybersecurity skills. This will only increase the inherent security challenges of these projects. To ensure success, municipalities may need to turn to vendors with significant expertise, and develop a talent pipeline of civic-minded coders interested in building better cities.
  3. Explain the city’s data collection policies to the public. City officials need to develop clear policies that minimize the collection of personally identifiable information and aggregate and anonymize information in ways that prevent people from reverse engineering data to identify individuals. Cities need to maintain strict control over sensitive systems, with emphasis on strong access control and privileges.
  4. Develop an API security plan. Digital transformation in the private sector has spurred a significant reliance on APIs, and this will be the case in the public sector as well since many of these smart cities devices interface with applications through APIs. However, APIs constitute a growing attack vector, and they are expected to be one of the biggest targets of attacks by 2022. All digital transformation projects – smart cities projects included – need to ensure API security.
  5. Segment networks. City IT departments need to segment networks to prevent an intrusion in one project from spreading across the entire city. It’s especially true for data collection practices. Organizations should maintain separate accounts for data storage across departments.
  6. Secure IoT devices and sensors. Pay attention to the vulnerabilities found in IoT devices, which can have glaring security flaws. Don’t rely on default passwords, as security researchers have caught many smart cities projects doing and invest in top notch IoT security.

[You may also like: How to Keep APIs Secure From Bot Attacks]

The COVID-19 pandemic will change cities in ways few of us can imagine. Office buildings may not generate the tax revenue they once did as more people work from home. On the other hand, months of social distancing have made many people appreciate the benefits of gathering spaces like bars, restaurants and theaters. 

In the wake of the pandemic, public opinion surveys have found that citizens have retained high degrees of trust in local officials. Consider this a good foundation to build on now. Smart city technologies can help improve urban areas if they can stay secure and retain the trust of citizens.

Note: A version of this article first appeared in SC Magazine.

Read Radware’s “2019-2020 Global Application & Network Security Report” to learn more.

Download Now

Previous article4 Questions to Ask About Open Banking Compliance
Next articleDigital Attacks on Educational Resources
Mike O’Malley brings 20 years of experience in strategy, product and business development, marketing, M&A and executive management to Radware. Currently, Mr. O’Malley is the Vice President of Carrier Strategy and Business Development for Radware. In this role, he is responsible for leading strategic initiatives for wireless, wireline and cloud service providers. Mr. O’Malley has extensive experience developing innovative products and strategies in technology businesses including security, cloud and wireless. Prior to Radware, Mr. O’Malley held various executive management positions leading growing business units at Tellabs, VASCO and Ericsson. Mr. O’Malley holds a Master of Business Administration degree, a Master of Science in electrical engineering, and a Bachelor of Science in electrical engineering from the University of Illinois. He also is a graduate of the Executive Strategy Programs at the University of Chicago.

LEAVE A REPLY

Please enter your comment!
Please enter your name here