Blog
SMART CITIES NEED SMART DATA PROTECTION
Smart city initiatives are primarily driven by regional Governments which must also play a key role in establishing the security frameworks required for these initiatives to succeed. An area where government can and should get involved is in awareness of the general population. Especially in our region, with the cultural diversity coupled with the tremendous uptake in both government as well as private initiatives to deliver innovative IT enabled services, we diligently need to educate our citizens. One of the most important elements of cyber- as well as other types of security is the human element, and here culture has a huge impact and must therefore be addressed. Being able to control the risk, operate, sustain, and manage smart cities requires cultivation of the right skills and resources.
Sharing information from governments to organizations and individuals can make sure that we can tune defenses. This is typically done in the form of CERT advisories. For example, in the UAE, this is done by aeCERT, which sends out information bulletins to government and private organizations.
Another area vital to many Smart City initiatives is the Internet of Things (IoT). A vast number of sensors will be involved in any deployment. Globally, we are talking about as many as 50 billion sensors by 2020. Most, if not all, of these sensors will be cheap, low cost devices- a major factor as they have to be as there are so many of them. When you buy a low cost smart sensor, how much security do you then think they were able to design into the hardware?
There is also the question of software: IoT devices uses software like any other device on the internet. Some of them with generic operating systems like embedded Linux – How do you patch 50 billion devices in case of a general vulnerability, like what we saw with Heartbleed in OpenSSL, or the WannaCry vulnerability?
To ensure the smooth functioning of a smart city, security needs to be given due attention from the very first stages with emphasis on the areas outlined above.
Blog By:
Nicolai Solling, CTO at Help AG
Sharing information from governments to organizations and individuals can make sure that we can tune defenses. This is typically done in the form of CERT advisories. For example, in the UAE, this is done by aeCERT, which sends out information bulletins to government and private organizations.
Another area vital to many Smart City initiatives is the Internet of Things (IoT). A vast number of sensors will be involved in any deployment. Globally, we are talking about as many as 50 billion sensors by 2020. Most, if not all, of these sensors will be cheap, low cost devices- a major factor as they have to be as there are so many of them. When you buy a low cost smart sensor, how much security do you then think they were able to design into the hardware?
There is also the question of software: IoT devices uses software like any other device on the internet. Some of them with generic operating systems like embedded Linux – How do you patch 50 billion devices in case of a general vulnerability, like what we saw with Heartbleed in OpenSSL, or the WannaCry vulnerability?
To ensure the smooth functioning of a smart city, security needs to be given due attention from the very first stages with emphasis on the areas outlined above.
Blog By:
Nicolai Solling, CTO at Help AG