Smart cities have long been heralded as a definitive opportunity to harness technological developments for business efficiency and human contentment. In some quarters they appear to be discussed as an unqualified good. But are they? Where there is technology there are risks of security weaknesses, and the bigger the strategic use the greater the potential for calamity, don’t smart cities provide for just that example? This webinar will discuss:
- Can the technologies used in smart cities be trusted?
- How great and serious are the security threats posed by smart cities?
- Is the security sector up to the challenges posed?
Chair: Professor Martin Gill
Panelists
J. Kelly Stewart – President & CEO, Newcastle Consulting
James Willison – Project & Engagement Manager, IoT Security Foundation
Lina Kolesnikova – Security & Crisis Management Consultant
Key points
J Kelly Stewart notes that Smart Cities are committed to making urban areas safer and more resilient, sustainable too, by using often advanced technologies to generate data which can be analysed and used to achieve these purposes. Exercising control over this process is key and it has sometimes been wanting and as such he warns that there is legitimate reason to be very concerned about these data are used. Having confidence in both the security measures in place and the governance of systems is no trivial task, it calls for dialogue, consultation, engagement and education and awareness; there is no substitute here, these have to be done well. Some parts of government are more informed than others.
Lina Kolesnikova notes the starting problem with Smart Cities, there are over 160 definitions of what they are. Outlining some of the challenges of technologies Lina refers to the difficulties of technologies being designed for different purposes and yet being used in combination; the challenges posed by the specific requirement to ensure updates of software and hardware; the reality that data is a weapon and is an inevitable target for criminals; then that Smart Cities depend on public and private partnerships but not all parties not even all governments are engaged with the issues and alert to the dangers; and beyond these large parts of the population, especially perhaps the elderly, are vulnerable because they are not so digitally aware. Ensuring good governance is key – akin to that used in the nuclear industry is advocated -and raising education and awareness across stakeholders is fundamental. Perhaps trust can only come with effective public audit.
James Willison begins by outlining some of the experienced difficulties of engaging populations, referring to South Korea as an example; having good technologies is one thing, using them optimally is quite another. Technologies are not always fit for purpose although new regulations in some parts of the world requiring manufacturers to explain what is in the technology is a step in the right direction. The problem is that cyber attacks are common and very real in their consequences. James is positive about the ability of the security sector to respond effectively, not least via convergence of which he has been a long-time advocate, and now is receiving endorsement by some governments around the world. He is positive that Smart Cities are a force for good, and notwithstanding the challenges is able to point to examples of good practice which can provide the reference point for those seeking to optimise the benefits and mitigate the dangers.
All the panellists underlined the benefits of Smart Cities when working optimally and the challenges inherent in doing that effectively. Public education and awareness are key, in fact not just the public but amongst all the professional stakeholders and government too. That is work in progress, and clearly very important work at that.
Professor Martin Gill
25th May 2023
IoT Cybersecurity for Facilities Professionals in the Smart Built Environment.
https://www.iotsecurityfoundation.org/best-practice-guidelines/
The role of trust in happiness and wellbeing in smart cities | Axis Communications
https://www.emea-comms.axis.com/The_role_of_trust_in_happiness_and_wellbeing_in_smart_cities
How to secure a SMART City | Unified Security
https://www.unifiedsecurity.net/smart-cities-security
ISC Best Practices for Achieving Integrated Security | CISA
https://www.cisa.gov/resources-tools/resources/isc-best-practices-achieving-integrated-security
Secure by Design and Default | CISA
https://www.cisa.gov/resources-tools/resources/secure-by-design-and-default
CISA CPG Checklist
http://theospas.com/wp-content/uploads/2023/05/cisa_cpg_checklist_v1.0.1_final.pdf
CISA CPG Report
http://theospas.com/wp-content/uploads/2023/05/CISA_CPG_REPORT_v1.0.1_FINAL.pdf
Cybersecurity Best Practices for Smart Cities
http://theospas.com/wp-content/uploads/2023/05/Cybersecurity-Best-Practices-for-Smart-Cities.pdf
Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by- Design and Default
http://theospas.com/wp-content/uploads/2023/05/principles_approaches_for_security-by-design-default_508_0.pdf