TALKING

Networks are used by public entities , people and thousands of IoT devices each day and the massive amount of data exchanged across these networks requires a stringent security strategy .

to cyberattacks . Ensuring systems are up to date with the latest software updates and security patches is paramount . Technology is central to the success of any smart city and having resilient systems should be a priority .

Inefficient security

Linked directly to outdated technology , having inefficient security protocols in place exposes smart cities to malicious threats . This leaves citizens and organisations vulnerable to data breaches , identify theft and loss of sensitive information . Protecting existing infrastructure with robust security measures could prevent a potentially disastrous breach . So , how do we ensure that the safety , security and privacy of those who live and work in smart cities is not compromised ?

Research suggests that by 2024 there will be over 1.3 billion wide-area network smart city connections . The level of complexity within these digital infrastructures is only increasing which means any digital services implemented by a government or organisation are vulnerable to cyberattacks . To realise their potential , smart cities need to find an effective balance between managing risk and enabling growth .

Building resilience to protect your city against these attacks is key , but how is this achieved ?

The starting point should be developing a cybersecurity strategy that maps on to the broader objective of your smart city . This will help mitigate risks arising from the interconnectedness of city processes and systems . Part of any effective strategy should be the requirement to assess current data , systems and cyber defences as this will help to give an idea of current posture and quality of infrastructure .

Creating a formal relationship between cybersecurity and the governance of data will also be extremely beneficial . This creates an agreed approach to cybersecurity between all parties within a smart city , meaning all stakeholders work together to ensure data is secure across the networks it is being exchanged . The policies put in place will mature alongside a city ’ s cyber strategy and add transparency to processes .

Finally , building strategic partnerships to help address the cybersecurity skills shortage is key to any successful security strategy . This is a good way to develop skills and increase your knowledge base which in turn bolsters overall security posture and resilience . For example , recently the CISA , NSA , FBI , NCSC-UK , ACSC , CCCS and NCSC-NZ released a document with guidance on best practices for smart cities .

The aim is not only to protect these connected spaces from malicious threats but also to share expertise and educate us on the importance of cybersecurity within smart cities .

It is obvious , smart city technologies need to adopt an initiative-taking methodology to ensure cyber security risks are the forefront of planning and design of technologies . Being secure by design is strongly recommended in conjunction with a defence in depth approach . There may be some legacy infrastructure connecting to the smart infrastructure , and this may require a redesign to make sure secure connectivity and integration is possible .

Hackers will continue to exploit vulnerabilities . An overwhelming number of cyberattacks against businesses could be avoided if supply chain and third-party security is taken seriously . Attackers are exceptionally quick to start exploiting vulnerabilities in well-known products . Invest in the resources to help combat the everyday struggle of security patches and updates . You do not want to get caught out by the very thing you expect to protect your business .

Underpinning the implementation of smart city technology is operational resilience . To make sure organisations are well prepared , contingencies are put in place for different types of incidents , which could have operational impact or disruption . Autonomous functionality and isolation tools should exist to help minimise these types of disruption .

Risk , privacy and legality all play an important role in smart cities , making sure data being collected , stored and processed is in accordance with regulations . It is critical that city leaders , developers and business owners do not see securing cyber risk within their smart city as a one-time objective . It is an ongoing , evolving process that could be the difference between a major breach or major growth . p

32 INTELLIGENTCIO AFRICA www . intelligentcio . com