How do we ensure safe smart cities? Work with the security pros

Mon, 2015-11-30 14:21 -- Doug Peeples

Smart cities are designed to be safe places to live, and many things contribute to public safety, from improved street lighting to enhanced police and fire protection, and much more. Unfortunately, the connectivity and intelligent technologies that make efficient and well-coordinated smart city services possible are vulnerable to cyber attacks.

The consequences of those attacks can be severe. Data containing sensitive personal information could be used compromised or used by hackers to control a city's network, according to Riaan Badenhorst, Managing Director for Kaspersky Lab Africa.

"This could lead to a major disaster. Imagine if a hacker was able to get into a network and shut down a power grid for days. Smart city security projects need to be safe and local municipalities need to play an important role in making sure this safety precaution is taken, he said.

While his certainly isn't the first warning directed at the vulnerabilities of intelligent technologies for smart cities, Kaspersky contends that not many cities take potential cybersecurity threats seriously.

Mohamad Amin Hasbini, a Kaspersky security professional and a contributor to the Securing Smart Cities organization, noted that cities are doing a lot to improve citizen safety and services -- but if they fail to adequately consider cybersecurity they will be vulnerable and their investments and efforts at risk.

New cybersecurity guidelines for cities
"This is the reason behind the newly released Securing Smart Cities guidelines, a joint initiative by Securing Smart Cities and the Cloud Security Alliance. These guidelines provide organizations with an overview of the key elements needed in order to implement the best technological solutikons with a lower risk of exposure to cyber threats," Hasbini said.

The guidelines address a variety of topics, including:

  • Safely implementing, operating and maintaining technology
  • Enabling strong encryption and passwords
  • Disabling services that are no longer used or needed

Hasbini added that governments also should evaluate and verify what vendors tell them about the security features of their products, and that the impact on system security from adding new products also should be assessed.

Badenhorst said governments can take an active role in cybersecurity by developing partnerships and working with security organizations as they develop new guidelines and standards. And he added "While modern technologies should be used to secure smart cities, there are also a range of other important activities that need to be implemented such as educating smart city planners and providers on the importance and cost benefits of ensuring best practices."

For more on cybersecurity, several Council partners have produced their own resources focusing on the specific needs of smart cities:

Related articles:
IBM launches X-Force Exchange – a social media network for cybercrime fighters
The glaring gap in city cybersecurity (and how Intel is helping fix it)

Doug Peeples is a Portland, Oregon-based writer specializing in technology and energy. Follow @smartccouncil on Twitter.