Making your city cyber ready: Four cornerstones of trusted digital cities
Taking action to understand your cyber risk
The history of urbanization and development of cities shows us that people need a safe location to trade goods, exchange ideas and socialize. Back in the old days, cities or towns were surrounded by high walls and governed by a set of rules, so that people could socialize and conduct trade in an environment protected from external threats.
Cities of the future need to fulfill similar needs and provide a trusted digital world where people create communities, exchange information, pursue education and conduct business. Instead of building walls for protection as in the ancient cities, smart cities must create ways to increase interaction for a secure digital economy. But how can opening new doors be achieved while preserving security?
It is not a simple task, especially in an ever evolving digital world. Many cities and local governments are already well into a digital transformation process. The COVID-19 pandemic acted as a catalyst and increased the pace of digitalization in almost all aspects of life. Businesses, and people, who already had the digital tools at their disposal to adapt during these turbulent times grew more. Students who could switch to remote learning continued their education with no interruptions. Countries with developed e-government and digital public services continued serving their citizens as before. Once the pandemic is over, digital-ready cities are expected to be able to better withstand the most damaging effects of such crises.
City governments have their own challenges. All are concerned about security and privacy in such a hyper connected, digital world. Therefore, cyber security and privacy risks need to be managed proactively on a regular basis rather than reactively and on an ad-hoc basis. In a digital city we expect to see myriad devices and sensors interconnected and exchanging vast amount of data every second. Imagine the sheer volume of data traffic and the complexity of networks once 5G networks become widely used. 5G significantly boost data transmission speeds and enables more connected devices, but this increase the attack surface as well. Given the fact that 21% of the cyber security incidents in 2020 took place at public sector, it would be fair to say that public sector is already an attractive target for threat actors. In an environment like that, one of the best things to do is to “keep it simple”. As once a security guru said, “Complexity is the enemy of security”.
Laying down solid foundations plays a crucial role in building sustainable and digitally resilient cities. Here are the four principles that can be regarded as the cornerstones of trusted digital cities:
Security by design
We must recognize that we have to protect what we build and serve. Cyber security strategy should be incorporated with the overall strategy of the city. Every city initiative needs to assess cyber security readiness. Every cyber security initiative should assess the impact the change has on the overall program. Ensuring the alignment between cyber security strategy and the overall goals of the smart city helps stakeholders across the smart city program think of security as an enabler rather than an overhead.
Understanding the problem is the half of the solution. An overall security posture assessment of the city is essential while planning the remediation and improvement activities. Cyber security is not simply about making technology investments. A holistic approach that allows people, process, and technology to work in harmony is the preferred method of managing cyber security resources.
Know what’s waiting for you outside
Knowing the relevant cyber security threats is one of the best ways to make proper preparation against cyber-attacks. Because of that, cyber threat intelligence information is recommended to be incorporated into the security strategy of the organization to lead improvement efforts. A good strategy can pave your path to victory even when the odds are against you.
Cyber security threats are getting more sophisticated and threat landscape is constantly shifting. In this dynamic environment, focusing only on prevention and overlooking on recovery capabilities would be a mistake. Because, recovering from attacks is as important as defending against cyber threats and reducing the impact of incidents and breaches. Staying vigilant, adapting to ever changing threats and being able to recover with minimum impact has become one of the key success factors for endurance in a digital world. Because scalability needs of a city will change over time, agility and adaptability becomes even more of a vital skill set.
These four cyber security principles need to be incorporated in every step of the way as we are designing digital infrastructure of cities. Adhering to the foundational principles enables digitally resilient ecosystem where residents can benefit, and businesses can thrive. Always bear in mind that there is no silver bullet for cyber security, and digital resiliency is one of the keys ensure your city maintains an inclusive and sustainable future for all.
Request your complimentary Cyber Risk Financial Quantification on City Insights.
For a limited time, Mastercard’s CyberQuant is offering free cyber risk quantification analysis to better understand your cities cyber risk and its potential financial impact.
Interested or have questions? Please, contact Maddie Callis (Maddie.Callis@mastercard.com) for more information.