SMART CITY BRANDING: CYBER-SECURITY & SMART CITIES THROUGH DAVID BEVILACQUA’S EYES

David-Bevilacqua1SANTIAGO MARTÍN CARAVACA INTERVIEWS DAVID BEVILACQUA, PARTNER AT MAM GROUP AND CHAIRMAN AT YOROI. FORMER VICE PRESIDENT, SOUTH EUROPE IN CISCO. PASSIONATE IN BRINGING PEOPLE AND IDEAS TOGETHER TO CREATE VALUE FOR ORGANISATIONS AND SOCIETY.

 


MILANO (ITALY), 26 MAY 2016- 09.00 CEST

DAVID, IMAGINe YOU´RE TALKING WITH A CITY MAYOR. HE/SHE TELLS YOU: OUR SMART CITY MANTRA IS “SAFE AND SECURE CITY” WHAT 2 OR 3 QUESTIONS WOULD YOU ASK HIM/HER IN ORDER TO ENSURE THAT THE SMART CITY BRANDING HAS A COHERENT STRATEGY AND IS ALIGNED WITH REALITY?

Most of the people feel “Safe and Secure” when they protect the perimeter by acquiring automatic security devices such as (but not limited to): Firewall, Antivirus and Intrusion Prevention Systems. Unfortunately nowadays perimeter does not exist any longer, attackers developed frameworks able to bypass these automatic defences. For such a reason a “security process” plays a fundamental role. Having said that I would probably ask her/him 3 questions:

  1. Do you have a proactive security operation center able to prevent and to react to cyber threats that could happen to your city?
  2. Did you develop recovery procedures in case a cyber attack will tamper with your city?
  3. Do you have a continuous improvement defence plan covering cyber threats ?

FOR VOLVO BRAND SECURITY IS ESSENTIAL. IT HAS ALWAYS BEEN CONSIDERED AS A COMPETITIVE ADVANTAGE. WHAT CITIES ARE BEST POSITIONED TO GROW AS “SECURITY” LEADERS AND PROTECT ITS CITIZENS, IN YOUR OPINION?

Important assets such as (but not limited at):industrial control systems, strategic traffic points, ports, airport facilities, utilities infrastructure and so forth are statistically targeted by cyber attackers. Cities with an integrated strategic assets defence system would probably be the best positioned to increase cyber defence and, consequently, protect its citizens. If you want to create a smart city you should also think first to forge smart citizens. Security is not just about defense systems and technologies, it is also about personal behaviors. Municipalities should educate their citizens to live in the digital world setting up education programs teaching a conscious use of technologies, undressing the potential risks in order to take full advantage of the digital transformation.

 

cyber security 2

ARE SMART CITIES POTENTIALLY “HIGHLY HACKABLE” IN YOUR OPINION?

Even if a smart city is much more than a city with electronic devices on it,  the high number of smart devices and digital processes would definitely increase the attack surface with the result of being more “hackable” if compared to “traditional” cities. However the great benefits introduced by technologies in terms of environment sustainability, increase productivity in the public administration and the possibility to offer better services to citizens can not be stopped. The digital revolution is going to happen anyhow and everywhere.  

IF THE SMARTER CITIES ARE THE MORE LIKELY CITIES TO BE “CYBER ATTACKED”, HOW TO CONVINCE CITIZENS TO LIVE IN SMART CITIES?

It’s an inevitable transformation, the digital revolution is going to happen anyway and it will provide unbelievable opportunities for business, cities, society and humanity. Digital is invisible like the oxygen we breathe, it is becoming almost as vital and is growing exponentially. Everything is becoming connected and connectivity is a massive technology disruption.We are moving from 15B devices connected today to 50B in 2020, IP traffic is set to triple between 2014-2019  and finally – when you look at the IP mobile traffic – 40% of that is going to be “Machine to Machine” (sensors). By adding more and more devices and generating more and more data, security needs to be everywhere. Taking advantage of the digital opportunity is our first concern. Why do we put breaks on cars? In order to go faster. In the same way security enables the digital economy.

SMART CITY 9

DO YOU THINK CITIES ARE GOING TO BE REQUIRED TO BE CYBER COMPLIANCE?

Yes, I do. Personal data and critical infrastructures are often connected to cities data bases. For example anagrafe or medical records (at least in public hospitals) are often stored into local government databases, so they are eligible of cyber attacks. For such a reason they should be cyber compliant.

DIGITAL SOLDIERS WITH THE MISSION TO PROTECT SECURITY IN SMART CITIES…. AS THE SONG (“BOHEMIAN RHAPSODY”) SAYS “IS THIS THE REAL LIFE? IS THIS JUST FANTASY? DAVID, WHAT DO YOU THINK?

In Yoroi we experience cyber attacks every hour. Most of them differ to other for few line of codes, some others are completely new and cyber analysts compete against time to understand the attack and to block it in order to protect our customers. So I would say it is real life and it is quickly moving up to another level. Defense belongs to Humans not to technology.

yoroi

NOW GOVERNMENTS AND PRIVATE COMPANIES ARE IN PROCESS OF CONNECTING EVERYTHING. THE CONNECTION OF EVERYTHING IN CITIES COULD MEAN FACING THE RISK OF EVERYTHING? DO YOU THINK SOME CRITICAL AREAS SHOULD NOT BE CONNECTED TO AVOID MAJOR RISKS?

Depending on the adopted classification environment, governments and private companies might also require to avoid external connections of specific assets. Many classified networks are not connected to internet or to public networks at all. Lets think about: flight control networks, train orchestration networks, intelligence networks, they are totally classified and self-resilient “disconnected” networks. However, data classification involves a deep and specialised process which should be driven by cyber security specialists.

HOW CAN WE MAKE SMART CITIES SAFER?

This is a such a difficult question! I personally would approach the problem from two opposite perspectives: bottom up and top down. 

The “bottom up” perspective assures quick defensive actions appreciable in the short-medium term, while the “top down” approach will guarantee a wide range of actions to be considered in the mid-long term. As a first “bottom up” action I would organise a cyber security defence center able to protect city critical infrastructures and classified data, while in the mean time I would start up a dedicated cyber security city commission able to make plans to the continuously improvement of cyber defenses. And – of course – educate citizens to behave properly.

Thanks David!

For more information: http://www.yoroi.company/

I invite you to follow these twitter accounts :@yoroisecurity @DavidBevilH2O @SmartCity_Brand

 

0 Comments

*

Cancel