A few years ago, pre-Covid-19, there appeared to be an arms race beginning around smart cities. They had to be smarter and seemingly ever more ‘glossy’, driven by a need for sensors and data.
Then, as climate change became more evident, cities had to be sustainable, and of course, post-pandemic, more resilient. Now, in the wake of the fallout from the Ukraine-Russia conflict, they also need to be secure. So: smart, sustainable, resilient, and secure.
That message on smart city security coincides with a recent presentation from Lindy Cameron, the chief executive of The National Cyber Security Center, at Singapore International Cyber Week.
Connected technologies and smart cities
Cameron discussed the role of the Internet of Things (IoT) in creating a world that benefits from connected technologies, yet at the same time protects ‘connected places’—in other words; smart cities, safe from cyber threats.
She argued that the IoT is all about automation, connectivity, and efficiency, using them to improve our lives, boost our economies, and free our time to be more productive. That is a huge opportunity. It is also now a reality, and connected devices, from smart homes to smart cities, are now part of our everyday lives. Faced with this brand new world of technology, very few of us will willingly want to turn back the clock (beyond an hour at the appropriate weekend of the year!).
Cameron pointed out that both consumer and enterprise IoT has exploded over the last decade. There were 8.4 billion consumer devices connected to the internet in 2017 and it is estimated there will be 75 billion by 2025.
It is a similar story in the enterprise world. There has been a similar proliferation of IoT, with network printers, smart building management systems, and security products all being used to boost productivity and automate repetitive tasks.
Within cities, there is a similar growth in technology to manage transport, waste, CCTV, streetlights, traffic lights, parking, and public services such as health and social care or emergency services. Households, businesses, cities, and local governments are all keen to avail themselves of and reap the benefits of ‘smart devices’. They provide a range of critical functions and services to us all and the benefits are compelling. But in today’s world full of cyber risk, there may be a heavy price to pay.
Connected places and how to secure them
Cameron’s message, unsurprisingly, was that connected places are an evolving ecosystem. They comprise a range of systems that exchange, process, and store sensitive data, as well as control critical operational technology. And that itself makes them vulnerable, because they are an attractive target for a range of threat actors, with the threat posed by nation-states being particularly acute.
To secure these connected places, the NCSC is betting on an approach that it hopes builds resilience at scale. It is an approach designed to build standards that better enable getting ahead of the problem, rather than having to respond to decades of legacy challenges later. The ‘Connected Places Cyber Security Principles’ outline how governments and organizations can securely design, manage, and build smart cities.
The NCSC aims to help the designers, vendors, and operators of connected places to make informed decisions about the high-level security requirements that should govern smart cities in a way that reflects their values. And to do so right from the start: the design phase. It is a deliberately collaborative, cooperative approach that the NCSC hopes will enable everyone—governments, cities, and vendors—to learn from each other while reflecting their own cultures and values in their use of technology. In other words, smart, sustainable, resilient, secure—and now, principled—cities!
---
Quelle/Source: Verdict, 31.10.2022
Bitte besuchen Sie/Please visit:
