Cities need to bolster their protection of critical infrastructure, which makes for attractive targets to increasingly sophisticated cybercriminals looking to inflict serious damage in large population centers.
The volume of data created by cities and their device-loving inhabitants is exploding, raising the question of how all this new data will be processed and protected. Increased urbanization, combined with longer life expectancies, poses obvious resource challenges when it comes to urban congestion and strained city services.
Yet with all of these factors in play, too many cities remain mired in old-fashioned ways of conducting business, relying upon legacy IT systems while failing to adequately invest in the people and technology needed to meet evolving challenges. It is no secret that municipalities tend to be strained by limited resources – this is the public sector, after all – but the move toward advancing what has come to be characterized as ‘smart cities’ must be more thoroughly embraced in urban centers throughout the world.
Leveraging modern technology effectively can streamline services and allow cities to operate in more efficient and cost-effective fashion, and there is some relatively low-hanging fruit that most cities can affordably pursue. Smart cities embrace automation, so just about any process that still relies upon paperwork is probably a candidate to be automated. Making use of the cloud, leveraging DevOps and modernizing ID processes are other relatively straightforward methods that can create efficiencies, such as tapping newer technologies like facial recognition and fingerprints at large events to reduce congestion and lines.
Even more importantly than improving services for residents, cities must be mindful of the threats they face to their critical infrastructure. New ISACA research on smart cities shows that cities’ energy, communications and financial services systems are perceived as especially susceptible to cyberattacks.
In the US, the city of Atlanta reportedly spent $2.6 million this year recovering from a ransomware attack that destabilized municipal operations, and on the country’s other coast, it wasn’t long ago that San Francisco’s public transit system fell prey to a ransomware attack.
These types of attacks can have devastating consequences, placing added emphasis on the importance of investing in well-trained security professionals and enhancing capabilities with new techniques, such as using machine learning to automate detection of attacks and analysis of logs.
Cities also need to have strong governance and risk management frameworks in place, regardless of whether they are a megacity with more than ten million residents or a small-to-medium municipality.
As cities recalibrate their approaches, protecting residents’ and visitors’ privacy must not be overlooked. The recent Facebook/Cambridge Analytica scandal, as well as the arrival of the General Data Protection Regulation (GDPR), have elevated the profile of data privacy considerations.
According to new ISACA research on GDPR readiness, organizations expect greater data security to be the top positive outcome to result from GDPR preparations, and there is no reason cities should be exempt from that upside as more rigorous privacy protocols are put in place. Cities will need to demonstrate that they are treating residents’ and visitors’ personal data with the care that they deserve.
In dealing with this ever-increasing flow of new data, cities must not only determine how they will secure the data, but also how they will audit the cybersecurity efforts that keep that data secure. More IT audit professionals who are conversant in cybersecurity practices will be needed.
While the amount of attention needed for cities to become ‘smarter’ might seem daunting, the public sector has never– and will never – operate in a vacuum. For cities that lack the right people and talent, working with partners in the private sector that are using newer methods might be necessary to modernize quickly and reliably.
There are plenty of examples cities can look to for inspiration, from relatively mundane efforts such as deploying sensors to modernize parking, to more elaborate initiatives, such as Singapore’s clever restoration of urban green space.
It will be fascinating to watch cities tackle these challenges and opportunities in the coming years, when the pace of technologic change will only accelerate, along with the corresponding threats. It’s not just megacities that will need to approach the delivery of services and interactions with residents with technology in mind – it will also be the thousands of local municipalities that will see their populations double or triple in the coming decades.
Cities need to proactively prepare for the challenges ahead to ensure the safety, security and prosperity of a more urbanized world.