Making the smart city safe and secure

Reviewing the security implications of smart cities and offering guidance on how security and risk professionals should address and overcome these potential security and privacy challenges.

Smart city index reveals who's falling behind (London and NYC are laggy) Zurich has the smartest buildings in the world, and Melbourne, Australia has the best 4G coverage. So where does the US rank in the index of smart cities?

Must read: Revolutionize your security strategy by applying Zero Trust to your business. 

Special feature

Louisville and the Future of the Smart City

Louisville, Kentucky is building a unique bridge between the smart city and the smart home. Here's what communities and citizens can learn about the benefits of the onrushing digital transformation.

Read More

According to UN projections, 68% of the world's population will live in urban areas by 2050. As cities grow, municipal governments are investing in infrastructure and applications to improve operations, services for constituents, and the overall urban experience. Composed of the internet of things, "smart cities," aimed to optimize operations, present new security and privacy risks to city leaders and citizens alike.

Existing Smart City Defenses Are Insufficient

In April 2019, ransomware infected the servers for the city of Stuart, Florida and brought down email, payroll, and other vital functions, ultimately costing the city $600,000 in ransom fees. A study conducted by McMaster University found that 88% of people are concerned about their privacy in the smart city context. As the pace of smart city implementation accelerates, cities are struggling to prevent, identify, and respond to cyberattacks and privacy risks because:

  • City planners and developers aren't prioritizing security. Anyone can go on Shodan.io and find thousands of unprotected devices connected to the city's internet.
  • Decentralized smart city initiatives undermine a centralized and consistent security approach. Without a centralized security approach, any initiative that leaves a gap in security policy or control in a smart city implementation increases the risk.
  • Security teams fail to address physical threats to connected systems. The long distances inherent in power transmission systems, pipelines, and utilities leave remote locations exposed.
  • Cities are overwhelmed with high volumes of new data being collected. Security teams are just starting to gain maturity in the IT environment for data inventory, classification, and flow mapping; in OT, they're even further behind.
  • Security teams are not prepared to combat data integrity attacks. They lack the ability to prove that the data and algorithms that city functions rely on for decision making haven't been tampered with.

Take A Zero Trust Approach To Smart City Cyber Readiness

Our new report reviews the security implications of smart cities and offers guidance on how security and risk pros should address and overcome these potential security and privacy challenges. Forrester walks you through how to apply Zero Trust components to your smart city infrastructure and offer practical recommendations to determine your current security and privacy posture and identify what needs to be done to empower smart city cyber readiness against the expanding threat surface.

Principal Analyst Merritt Maxim wrote this post, and it originally appeared here.