Cyber attacks and security breaches can be a common occurrence in the modern interconnected world. As more cities become intelligent and connected, basing more infrastructure and functions on digital networks, the cyber security risk grows, and -alarmingly- smart cities are usually unprepared to face it.
The risk is real. Jesse Berst, chairman of the Smart Cities Council, warns that it is “crazy’ to for cities to assure themselves that they will never be targeted by hackers, whether to “turn off the lights for the fun of it, or something much more dangerous and insidious’. The most important problem with smart city security is that the cities themselves don’ t pay enough attention to the problem.
Francesca Bria, chief technology and digital innovation officer of the City Council of Barcelona, one of the first and most successful smart cities, states that, until now, cities have not paid enough attention to the need to respect the fundamental human rights of citizens, such as data privacy and security, when developing smart city services. The often inadequate cyber security can make it difficult for cities to protect these rights.
The solution, according to Ms. Bria, is to work with experts in order to make security an integral and essential part of the development of smart city services. A number of actions can help smart city practitioners to ensure that smart cities are also safe cities:
- Implement a security policy that is treated as an ongoing process instead of a one-time events, and that is considered at the very inception of smart city services and built into their development.
- Make humans smart too, and ensure that citizens or staff will not be easily manipulated into unwittingly creating security breaches or threats, will not divulge confidential or personal information etc.
- Maintain internet-of-things devices, making sure that all devices that connect to the central network are regularly maintained and updated, as they can constitute potential points of vulnerability.
- Work with experienced corporations, preferring to partner with firms that have been dealing with security issues for years and know how to handle them.
- Embrace open standards, as open-source communities, using systems that are open-access and have been used and improved previously, are likely to have less security risks.
The original article can be found in devex.