Can smart cities become 'cybersecure' cities?

Posted Oct 26, 2018 by Tim Sandle
Google’s Toronto smart city is an innovative project but it also brings with it various challenges, both technological and in terms of privacy and security. Trend Micro have looked at how smart cities can become cyber-secure cities.
Toronto s talent is booming.
Toronto's talent is booming.
Smart cities are all about exchanging data, connecting citizens together in one environment through intelligent and sustainable enabling technologies and platforms like the Internet of Things (IoT) and the Cloud. Perhaps the most sophisticated of the emergent projects is the Sidewalk Labs (a Google company) redevelopment of the disused waterfront in Toronto and the planned conversion of this area this into a space for 21st-Century urbanism, to become what Digital Journal describes as a "bustling mini metropolis that has the Internet and connected technology at the core."
Smart cities are gaining attention due to the activities of big tech companies like Google. The intention is to continue to improve our quality of life, but it does come with some risks and so it’s important for us to talk about those and be prepared. Such locales have a networked infrastructure to improve economic and political efficiency and enable social, cultural, and urban development.
The project has flagged security concerns and in October 2018 Saadia Muzaffar, who was a member of Waterfront Toronto’s Digital Strategy Advisory Panel, resigned arguing that the project is not taking concerns about how Google will collect and handle data collected from people (news that was also reported on Digital Journal).
This means the smart city concept leaves tons of room for security breaches. Trend Micro has issued a new report reviewing how smart cities can be made more secure. The report is titled "Securing Smart Cities: Moving Toward Utopia with Security in Mind."
The report discusses the ways smart cities can be and stay secured. Smart cities are at risk from various forms of hacking. With this, the interconnectedness of devices and systems in a smart city can be a means to steal money and data from citizens and local enterprises.
Actions that the report recommends include:
Performing quality inspection and penetration testing, to catch any security issue (e.g., data leakage) or maintenance concern (e.g., service malfunction).
Prioritizing security in service-level agreements (SLAs) for all vendors and service providers.
Establishing a municipal computer emergency response team (CERT) or computer security incident response team (CSIRT).
Ensuring the consistency and security of software updates.
Ensuring any data collected in a smart city is anonymized in order to protect the privacy of citizens.
Encrypting, authenticatating, and regulating public communication channels.
If there is a cyberattack, Ensuring the continuity of basic services.
The report has a particular focus on Toronto and Trend Micro indicates that the firm wants Torontonians to start thinking of smart cities as “Cybersecurity Cities” and to become better informed. To support the educational component, Trend Micro has also hosted its own smart cities microsite.
The report also provides detail as to what a smart city is and the range of technologies required to equip and operate a smart city. This are detailed in the Digital Journal article "Are smart cities around the world getting smarter?"