Security in Smart Cities

Shashi

Is technology really considered “smart” if hackers can break into it and shut down an entire city?
As IoT and sensor innovation use grows, so does the danger level to security. Ongoing talk including digital dread dangers to helpless and obsolete power networks has everybody more concerned and incredulous about innovation and security.
How do we use exponential technologies to come up with new encryption strategies to build security in new applications?

NickOttens

Here's a worrying story: Cities aren't ready for the AI revolution:

Globally, no city is even close to being prepared for the challenges brought by AI and automation. Of those ranking highest in terms of readiness, nearly 70% are outside the U.S., according to a report by Oliver Wyman.

ThomasK

To enhance the future security of smart cities it will be crucial to develop more robust network segmentation, communication/encryption protocols, and physical-access mitigations. However, work to date often focuses narrowly on technical solutions to the growing risks. From a systems perspective it's important to situate the technical challenges within the wider social and political context. Many of the greatest smart city problems are human and organisational. As device networks permeate more aspects of citizens' lives there will be increased scope for cyber attacks leveraging algorithmic bias, synthetic media, and disinformation to undermine cities' social fabric. This is compounded by the fact that smart city security is often left to local authorities, who don't have the cyber expertise to safely procure or deploy device networks at scale - and often don't communicate effectively with national governments. This recent paper gives a good overview of how these different dimensions of smart city security - technical, social, political - interact, and what emergent vulnerabilities & threat vectors they present. In particular, the authors point out that the majority of cyber attacks affecting infrastructure, large organisations, or public bodies (i.e. key leverage points in smart cities' ecosystems) are based on social engineering (e.g. spear phishing). This means that whatever the technical solutions put in place to secure smart cities, they may be undermined by fundamental human and organisational challenges. Potentially this indicates that in the near term an emphasis on network resilience and defense-in-depth is most appropriate for smart cities, until social and political abilities have caught up with the technical. As human and organisational capacity grows, technical tools that enable intuitive network visibility and management will likely be at a premium.