The concepts of smart cities have always triggered an evangelical sloganeering from every stakeholder, be it a planner, an engineer or a futurist. At its core, a smart city amalgamates local information systems, hospitals, schools, transportation systems, law enforcement under one grid, and efficiently uses real-time control systems and sensors from data gathered from people and enterprises leading to optimized systems.
But where does security come into the picture? Gaurav Agarwal, Managing Director at Symantec, India, in an exclusive interview with CISO MAG pointed out, “Cybersecurity can be success or failure for a smart city depending on how the entire concept is rolled out. For example, if the city is rolling out public WIFI, and for whatever reasons, user credentials get stolen from the way the WIFI system is implemented, the confidence from smart cities will completely be eroded and the whole program moves three to four steps backwards before it even began.” Adding, “also, if citizen services are rolled out using a smart city platform and if the data that flows through the platform is not protected using the right protection, resulting in a leak of data, it will also have a similar impact.”
He highlighted that security must never be an afterthought of a project like smart cities, and there should be enough groundwork that should be done before implementing a smart city project.
Commenting on how existing cities are migrating toward a smart one and how several patchworks are already required, he pointed out, “Cities are where people are living, so it makes sense for making the existing cities smarter rather than converting a new place where there is nobody living into a smart city. We should think about the people as we invest in new programs and projects, therefore we need a right cybersecurity framework to make sure that the services are been delivered in a manner that it is cyber safe.
“For example, if there are multifactor authentication or login id required, create such a framework which makes sure that even if the login id and password are compromised, the multi-factor authentication can ensure that nobody’s identities and credentials can be misused. You must ensure data that is collected is encrypted so that even if it is stolen or leaked the data can’t be used elsewhere because it cannot be decrypted, thus placing a preventive measure from the very beginning. The third most important factor is the people who work within the smart city framework or the municipal corporation. They must understand cybersecurity and understand bad websites, bad email, wrong USB device entering PCs, et al. Here basic training must be given to everyone on safe computer usage.”
India joined the smart cities cause in 2015, under the vision of its Prime Minister Narendra Modi who identified 100 cities for the project across the sub-continent. Ever since then the country has been trying to integrate multiple technological solutions electronically to create a connected environment for the management of the city’s infrastructures. When asked if Symantec been involved with any smart city project, he said, “Symantec has been involved in various projects in bits and pieces, but I believe it is the Panaji Smart city program that we have been actively proactively involved with right from the design space, giving input to the clients, decision making criteria on what they have to secure from a technological perspective.
“It is one good start which we believe should be an essential part of a smart city, keeping citizens secured, making a platform very strong, giving them analytics on what’s happening on the environment so that if something unwelcome is occurring we can take action. Also, right from day zero we are working on building a SOC which will also make the governing bodies aware on what’s happening in the data center, what’s happening in the network so that they can take right actions and we will support them with an incident that is needed with if something goes out of control.” He is certain that Goa will serve as a great example on this and Imagine Panaji project might get the ball rolling.
When asked if Panaji is ready to jump on the smart city bandwagon, “I think Panaji is outstanding and have done a lot of work on making the city cleaner, building networks, and have been involved in several other developmental activities,” he opines. “The government is making the life better for tourist who make it to the city and is making it a safer place. Some of the projects that are getting a lot of attention into include city WIFI, surveillance, solid waste management solutions, environment census in terms of geographic systems, smart parking, integrated command and control, et al. According to him these will enable different authorities to act on what’s happening in the city. It is a good start and absolutely a good vision that city is taking off.
We can conclude that the upcoming smart city in Panaji is on the right road which has kept cybersecurity at its core and that is indeed a good start.