Use a Zero Trust Approach to Protect Your Smart Cities Projects from Hackers
Smart cities projects continue to gain momentum, given the need to address our aging infrastructure while enhancing the quality of life for both residents and visitors. New Internet of Things (IoT) and next generation network technologies like 5G enable smart parking, better traffic and mass transit control, intelligent lighting, and crime prevention. At the same time, city governments are increasingly under attack with significant consequences in terms of costs and loss of services and revenue.
So far, these cyber-attacks have been financially motivated ransomware attacks that require municipalities to either pay the ransom or to spend significant time and money to replace the compromised computer systems and their data. This strain on resources serves as a wakeup call for municipalities to implement effective measures now to protect existing services.
Among municipalities, the current level of preparedness to deal with cyberattacks does not bode well for those engaging in smart cities projects. With such initiatives, infrastructure and systems will only get more interconnected and interdependent, increasing the cyber-attack surface. For instance, they will likely include large numbers of IoT sensors and video cameras, which are not necessarily designed with security in mind. The potential consequences of these smart systems being compromised could go beyond financial and service losses to include loss of property and casualties.
Smart Security: Zero Trust
To protect existing and future services, municipalities must consider a smarter approach to security as they become smart cities: zero trust. The internet has largely operated on an implicit trust model, assuming that entities are who they say they are unless proven otherwise. Such a model is outdated given the new IoT and network technologies and the reality of persistent and evolving cyber threats. With a zero trust approach, the idea is to control access to services by requiring authentication for any person or device attempting a network connection.
Applying a zero trust approach means security starts at the front gate or entry point – the internet connection. Only a person or device with an authenticated identity can complete a connection and enter a perimeter. For aspiring smart cities, however, the IoT, mobile devices and cloud services mean that a defensible network perimeter is not nearly as well defined as in the past. Lines have expanded and blurred, introducing ever greater security challenges.
Microsegmentation Gives Defense a Boost
While a zero trust approach is a practical and effective starting point, municipalities will need to be diligent about taking the philosophy one step further and applying it within a dynamic perimeter. After all, once an attacker penetrates that perimeter, they can move laterally inside the network and compromise systems or exfiltrate data with little risk of being detected.
Considering the number of potential connections required in a smart city model, and the number of potential vulnerabilities, municipalities should add microsegmentation to their security arsenal. Microsegmentation separates and creates barriers that help contain any potential threat, stopping a bad actor or a single infected device from compromising municipal services.
A zero trust model with microsegmentation can be applied to new or existing network infrastructure, enabling municipalities to enhance their security while embracing smart city initiatives. This approach reduces the risk of cyberattacks and of having to make costly ransom payments or embark on a massive data restoration and system rebuilds if compromised.
A Solution that Scales
Staying ahead of the rapidly evolving threatscape will become an exponentially more difficult task given explosive IoT growth and the impending 5G-enabled future. As municipalities embark on smart city initiatives, they need to consider smarter security solutions, like microsegmentation with zero trust, that can scale with their systems to ensure uninterrupted operations of services for residents and visitors alike.
Originally this article was published here.
This article was written by Mike Miracle, a senior marketing and operations executive with extensive experience in networking, security, virtualization, and storage software. He has built and led global marketing operations, most recently at SevOne, and he has consulted for and advised over 25 technology companies on strategy, operations, and M&A. Mr. Miralce led corporate development for VERITAS Software during it high growth years, and he has held senior technology management and software development positions at HP, Novell, and Bell Labs.