With worldwide urban populations on the rise year after year, smart cities project developers are searching for ways to create increasingly intelligent, efficient, and sustainable solutions. The Internet of Things (IoT) has been the technological starting block, but as IoT usage and implementation expands its reach across several verticals, increased digitization needed to power smart cities has also brought additional cybersecurity risks to the IoT ecosystem — threatening the momentum of current and future projects. In 2024, three industries — financial, information and communication, and defense — will account for over half of the projected $135 billion total allotted to mitigating cybersecurity within the IoT infrastructure. The remaining 44% is designated to be split among several platforms considered integral to smart city growth:
- Smart energy
- Water and wastage
- Parking and automotive
- Industrial and manufacturing
- Building automation
- Surveillance and public safety
Underfunding in these crucial areas have placed smart cities infrastructure under an increasing risk of cyberattacks, but this lag isn't solely linked to a lack of investment.
Multiple Layers, Multiple Threats
Smart cities are comprised of a diverse, multi-layered multi-vendor ecosystem in which prioritizing connectivity leaves digital security as an afterthought. Data encryption, protocol tracking, zero-level device protection are among the key preventive measures being mostly overlooked in development. A lack of cryptographic measures, poor encryption key management, and substandard onboarding around secure devices have all significantly contributed to increased cybersecurity threats. Furthermore, cyberattackers have simply become more savvy in maneuvering around digital security implementations currently in place.
Organizations across numerous sectors — Microsoft on the cloud service side, digital security players Rambus and Entrust Datacard, and Huawei — have made headway in providing smart city solutions, but there is still a long road ahead.
Establishing Cybersecurity Frameworks
Despite these existing threats, there are frameworks that implementers can use to tackle concerns around cybersecurity:
- Rather than taking a holistic approach to building attack-resistant platforms, implementers can focus on a single vertical at a time, identifying their unique intricacies. Focusing on specifications and standards for each vertical will allow for a more targeted security strategy. This approach is best suited for organizations that do not expect to deploy a large number of smart city applications, which would introduce the dilemma of needing to adjust and reinvent their products accordingly.
- Similarly, cybersecurity measures can concentrate on the individual technologies, rather than the verticals, that comprise smart cities. Cloud vendors, telco operators and communication enablers, service providers, and security implementers can benefit from focusing on technological barriers that exist, as opposed to verticals. Ideally with this approach, directly addressing the technologies will influence how smart city verticals develop over time.
- An approach facing the highest risk is more holistic in nature, in which implementers can account for challenges among different verticals and technologies. As a result, this framework depends primarily on navigating through standards and regulations for each vertical and technology.
You can read more inside the Smart City Cyber Security report, which provides detailed recommendations on improving digital security in the smart cities space. Our Digital Security and Smart Cities & Smart Spaces research services also have you covered for your strategic long-term planning needs.