If measuring it as a country, cybercrime would be the world’s third-largest economy after the U.S. and China, inflicting damages to public and private organisations for several trillion US dollars every year.
A cyberattack could potentially disrupt essential critical services, expose personal and financial data, and disable the economy of a city. Not a reassuring perspective for cities which are increasingly relying on interconnected networks and sensor-based infrastructures to operate and deliver any application that people and businesses need, from energy distribution to mobility systems, from street lighting to municipal waste collection, and more.
Cybersecurity risks are an unfortunate by-product of the digital age. Unless we fully give up on innovation and digital transformation, we must acknowledge 100 percent cybersecurity is an impossible goal: our realistic target is being 100 percent cybersecurity aware and focused on risk mitigation.
Which Urban Application Is More Vulnerable to Cybercrime?
An online survey Paradox Engineering carried out in October 2021 targeting city officers, utility managers, and ICT professionals suggested smart street lighting and smart waste management (waste bin monitoring) are the least attractive applications to hackers and cybercriminals after public wi-fi, video surveillance, energy, water, and gas distribution networks, and traffic control, parking management, and smart mobility systems.
But this is not an accurate view. Within cyberspace there are different types of hackers with different goals: while “traditional” cybercriminals aim at violating systems and applications to steal money, there are hacktivists using hacking as a form of civil disobedience to promote political or social causes, espionage experts looking for industrial secrets or intellectual property, and cyber warriors carrying out digital assaults to attack nations and governments.
So, smart lighting, parking, and waste management applications may not be attractive for money-oriented criminals, but they are no less of a threat as even a single LED light or vehicle detection sensor could be used as an access point for an attack with a different purpose.
Technology, People and Processes
Robust cybersecurity isn’t down to one thing but a combination of technology, people and processes.
At Paradox Engineering, we endorse open, standard-based Internet of Things technologies and a mature security-by-design approach, which means having security built into our solutions from their very inception. In our experience, security can’t be added at the final stage of development. We think about infrastructure and application protection from the beginning and provide Cities with intrinsically secure network systems.
While a security-by-design approach is absolutely needed when developing and implementing any digital system, we should favour cyber-awareness programs to educate people: don’t forget that independent surveys say 90% of security breaches come out of human inadvertent errors. People are the only element that can’t be configured, and any imprudence could be a problem.
Last but not least, security is to be managed as a cyclic process that starts from understanding the assets and the associated risks, applying measures to reduce the risks, prevent the know threats and be ready to detect and respond to unknown threats. Vulnerability can seep in at any stage and we must be prepared to manage it through effective processes.
We are completing the assessment for readiness of Paradox Engineering’s new Security Operation Centre (SOC), serving customers to effectively monitor, support and respond to cyber threats and incidents. SOC will provide a dedicated team with proven expertise and innovative tools to monitor the status of operating customer infrastructure, send immediate alerts in case of abnormalities or suspicious behaviours, detect and quickly highlight possible vulnerabilities. It will also act as incident response centre by collaborating with other SOCs or Computer Emergency Response Teams.
Cybersecurity is a shared responsibility. Securing cities is not merely a matter of selecting and installing the best possible technology – it is a lifelong journey which requires constant education, monitoring and a close collaboration, especially as hackers use advanced technologies such as artificial intelligence to become more effective and cybersecurity insurance costs soar.
About Paradox Engineering
Paradox Engineering is a technology company that designs and markets Internet of Things solutions for device and data management in Open Cities and other smart environments. Established in 2005 and headquartered in Switzerland, the Company is part of MinebeaMitsumi Group, leading global provider of Electro Mechanics Solutions™, and controls Tinynode, specialized in Smart Parking technologies.
Video materials are available on Paradox Engineering’s YouTube channel. The AR Smart City mobile app can be downloaded for free from Apple Store or Google Play to experience a unique Augmented Reality immersion into PE Smart Urban Network and IoT applications for Open Cities