Car navigation systems that can predict where and when traffic jams might occur, by siphoning data from sensors in roads and other vehicles. Cameras that can spot litter in public places and call in the cleaning crew. Self-adjusting street lamps.
These are just a few of the scenarios that could become commonplace as smart cities take hold over the next few years. Driven by rising urbanisation and fueled by technologies such as the IoT and data analytics, smart cities are on the cusp of explosive growth. Glasgow, Barcelona, Nice, New York City, London and Singapore have already embarked on the trek. The smart city tech market could be worth $27.5 billion annually by 2023, says Navigant Research.
Smart city initiatives are driven by public sector initiatives. However, they will have a big impact on businesses. Smart city technologies like IoT and data analytics are expected to drive innovative business ideas in the future.
But the new wave of smart city services and technologies are also expected to create new security vulnerabilities. Here are five areas CIOs should watch out for.
Fragmentation of IT
The last few years saw a rapid proliferation of cloud services and mobile device adoption. It has not only transformed business productivity, but has also wrecked the tight-fisted control that CIOs used to exert on their IT systems.
The expected explosion of IoT devices—researchers estimate that by 2020, the number of active wireless connected devices will exceed 40 bn globally.
In the past year, security researchers have exposed holes in Wi-Fi-enabled Barbie dolls, Jeep Cherokee cars and other new-fangled connected devices. Fortinet’s FortiGuard Labs already see IoT based attacks on the radar and happening globally. This shows the risks that are coming as toys, wearables and power grids get attached to sensors that are linked to a common network and the Web. IoT will bring forth a larger surface attack. So how do CIOs protect against the risks of connected devices and their own IoT implementations? They can consider deploying network-based protection schemes.
IoT gateways can be exploited
In a IoT deployment, the majority of connected devices will be always connected and always on. Unlike mobile phones and laptops, such devices are likely to go through only a one-time authentication process. This will make them attractive to hackers looking to infiltrate into company networks, as it allows easy control and sniffing of traffic.
Big data, more risks
If there is a constant in smart city deployments, it is that more data will be generated, processed and stored. Connected devices will generate huge data repositories. To protect huge amounts of data with large inflows and outflows, the bandwidth capabilities of security appliances will come to the fore.
A new can of worms
New worms designed to attach to IoT devices will emerge—and they could wreck more havoc given the extended reach. Conficker is an example of a worm that spread on PC’s in 2008 and is still persistent and prevalent in 2016. Likewise, worms that can propagate from device to device can be expected to emerge with mobile and the
Android OS. Patch management, and network based security inspection—particularly intrusion prevention systems—that can block IoT worms is a must.
The writer is regional director, India & Saarc, Fortinet