Topics In Demand
Notification
New

No notification found.

Blog
Smart City Cybersecurity

August 14, 2018

405

0

Executive Overview

We talk about many things when it comes to smart cities.  The Internet of Things, smart sensors, the cloud, and a host of other new technologies from artificial intelligence (AI) to advanced operator visualization techniques have opened huge new opportunities for cities to improve the lives of citizens, increase safety and energy efficiency, and reduce operational expenditures.  Smart city cybersecurity, however, is rarely discussed. 

Major cybersecurity incidents continue to grab headlines.  Many of these incidents affect the IT infrastructure of cities, such as the recent ransomware attack on the City of Atlanta.  Many more, however, are affecting the operational technology layer of smart cities and their associated infrastructure, such as the 2015 cyber-attack on the Ukrainian power grid system.  This does not mean that IT-related attacks don’t affect operational technologies.  The ransomware attack on Atlanta crippled government desktop computers and resulted in the shutdown or at least disruption of essential city services from law enforcement to utilities. 

Today’s smart cities are really patchworks of old and new systems, each with their own cybersecurity concerns.  Older systems like ICS (industrial control systems) and SCADA (supervisory control and data acquisition) systems for things like power, gas, and water distribution systems exist alongside new, IoT-based systems for smart lighting, transportation management, access control, and more. 

The number of vendors and products in the rapidly emerging smart cities space is staggering, and the relative levels of inherent cybersecurity in these products and systems vary widely.  Most smart cities fail to adequately address the role of cybersecurity in these new products and systems.  Relevant standards and product registrations/certifications for cybersecurity in the smart city sector are only now beginning to emerge. 

From an organizational standpoint, many cities seem ill prepared to respond to major cyberattacks.  City and municipal governments tend to focus on the information technology (IT) world and have less experience managing the increasingly digital world of operational-related technologies. The utilities, which have become major investors in smart cities in the past couple of years, are more adept at the operational technology (OT) side of the equation.  Both groups have their own challenges when it comes to managing the convergence of the IT and OT realms.

Smart City Cybersecurity Not Unsolvable

Cybersecurity for smart cities is not an unsolvable problem.  Many cities and municipalities can take incremental steps to improve their cybersecurity organization, bridge the gap between IT and OT domains, and implement selection criteria to ensure better cybersecurity.  Vendors and service providers are also greatly expanding their offerings, making it possible for cities to outsource certain aspects of the cybersecurity plan that cannot be performed in-house. 

Table of Contents

  • Executive Overview
  • Smart Cities Have a Cybersecurity Problem
  • Future of Cyber-attacks on Smart Cities and Critical Infrastructure
  • Relevant Certifications and Standards
  • Recommendations

ARC Advisory Group clients can view the complete report at ARC Main Client Portal or at ARC Office 365 Client Portal

Reprinted with permission, original blog was posted here”. You may also visit here for more such insights on the digital transformation of industries.

 About ARC Advisory Group (www.arcweb.com): Founded in 1986, ARC Advisory Group is a Boston based leading technology research and advisory firm for industry and infrastructure.

 For further information or to provide feedback on this article, please contact akanagali@arcweb.com

 

About the Author:

 

Larry O’Brien

Vice President, Research

Larry is responsible for providing oversight in ARC’s research into process automation markets, including process automation systems, process safety systems, plant asset management systems, intelligent device management strategies, and field networks.

 

About ARC Advisory Group (www.arcweb.com)-  Founded in 1986, ARC Advisory Group is a Boston based leading technology research and advisory firm for industry and infrastructure.


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.