The future holds a lot of promise for the person with the CIO job. The cities in which our company operate are becoming more and more connected as the smart city of tomorrow starts to arrive. However, it turns out that there is a downside to this brave new world. As cities become more connected, the opportunity for the bad guys to use this connectivity to do bad things starts to increase. If our company is going to be operating in this type of smart city, then CIOs need to understand the importance of information technology and the risks that will come with it.
The Challenges Of Securing A Company In A Smart City
CIOs understand that smart cities are coming. They also understand that hackers won’t be very far behind. The arrival of smart cities has already started as cities across the globe start to use technology to connect their services and residents in ways that were only imagined just a few years ago. Right now these cities are using sensors to collect data – about garbage collecting, public utilities, traffic, road conditions and much more – and then using that data to deliver services to more residents more efficiently. But this rush to become a smart city comes with a major drawback. The more connected a city becomes, the more vulnerable it is to cyberattacks. In recent years hackers have effectively held cities hostage through ransomware, sometimes crippling critical systems for long periods of time. The damage can cost millions to repair.
What the person in the CIO position has to understand is that this is just the beginning. As cities add connectivity to their streetlights, power grids, dams, transit lines and other services, at the same time they are adding more targets that have the potential to be hacked. What’s more, as additional information on residents is collected, city officials worry the resulting reams of data could attract nation-states or terrorists who could incorporate the data into physical and cyberwarfare campaigns. The reality of the situation, and the risk that has to be managed, is that smart cities are introducing new opportunities for malicious hackers to exploit devices that have previously required physical access. These connected cities are lowering the barriers to entry.
What parts of operating a business in a smart city should cause CIOs the greatest concern? The big question is what are the most vulnerable places in a smart city? And what are the threats that hackers could pose to them?
Issues with Sensors, Data And Privacy
CIOs know that there is power in data. The more data that you have, the more decisions that you can make. Sensors are the building blocks of future smart-city initiatives. Smart cities have plans to place them on traffic lights, garbage cans, street lamps and buildings to collect mountains of data – such as the level of pollution in the air, vehicle movements and the population of certain areas at different times of day. Once in place, these sensors will transmit data back to collection stations, which can use the information to, say, identify and reduce sources of pollution, manage traffic flows and arrange garbage pickups.
Once a city installs a collection of Internet of Things sensors over a widespread area, the opportunities for hackers to inflict damage grow exponentially. Unfortunately, the technology itself is often not nearly as smart as the people running it, and could be an open door for determined attackers, potentially allowing them to get into other city systems as well as hijack the data itself.
The Threat To Energy And Water Supply Systems
Every company uses both energy and water in order to keep running. Generally CIOs don’t spent a lot of time thinking about these utilities, but perhaps they should. Using smart technologies allows for more efficient distribution of power and water in urban areas, particularly in regions that have a large daytime population, such as central business districts. Coupling this with monitoring technologies, smart grids can divert power to areas of high demand, or lessen the supply in areas that don’t need it while others do. The new smart grids also allow power companies to know more precisely how much electricity a company uses over a given period.
What CIOs need to realize is that malicious software could disable power plants. The ubiquity of smart meters now means that the possible points of entry into the network number in the thousands. A hacker who manages to compromise power systems would have free rein to cause havoc. This could include doing things such as diverting power away from a hospital, depriving fire departments of a local water supply during a blaze by diverting water from hydrants, or triggering a citywide blackout. At a business location level, compromised smart meters could start fires by overloading circuits, distort billing and, perhaps most ominously, allow access to other internet-connected devices within the corporation. What’s more, once a utility’s system is attacked, it’s hard to just turn it off and look for the problem. When a city establishes internet-connected technology and comes to depend on it the city has to figure out a way to deal with an attack while keeping services running. That makes it crucial to plan for attacks ahead of time. As CIOs are well aware, if you don’t cover security from the very beginning, then it becomes very difficult to protect it.
What All Of This Means For You
The world in which we live is changing. CIOs know this and they are working to adjust to the future that they see coming. One of the biggest changes that may impact them is the arrival of so-called smart cities. These are cities in which everything is both monitored and interconnected. Although there are a lot of advantages of running a business in a city like this, there are a number of security issues that CIOs have to be aware of. Running a business in a smart city will require new skills from CIOs.
The new smart cities will interconnect a wide range of services. This will allow residents to be better served by the city. However, this interconnection will also open the door to hackers who want to disrupt city operations. As more gear is added to the city there are more points for hackers to attack. As more data about the city’s residents is gathered, there is more data to be stolen by hackers. Sensors are the key to running a smart city. As these sensors are installed, they will open doors for hackers to break in. Both energy and water systems are critical utilities for keeping a business running. Smart grids will allow smart cities to monitor how much electricity is being used and where. However, smart girds also permit hackers to gain access to corporate IT systems if they are interconnected.
CIOs can’t stop the future from arriving. However, we do need to make sure that we have an understanding of what that future is going to look like, In the case of smart cities, our business is going to be able to operate smoother and interact with the city in a more automated fashion. However, along with these benefits come new security concerns. Hackers will be able to make use of the connected city to break into places that they had never been able to reach before. CIOs have an obligation to be aware of the threat that we will be facing and to start to take action to deal with it today.
– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™
Question For You: How can CIOs make use of the benefits of a smart city without opening themselves up to being attacked by hackers?
Click here to get automatic updates when The Accidental Successful CIO Blog is updated.
P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!
What We’ll Be Talking About Next Time
One of the biggest challenges that is facing the person with the CIO job these days is finding ways to attract the best talent to join their company. CIOs everywhere are saying how difficult this is to do despite understanding the importance of information technology. While it is true that the number of job candidates who have the correct set of skills that CIOs are looking for may be few, it turns out that there may be more of them than we realize. However, because of the way that our companies go about hiring people there is a very real possibility that a number of qualified candidates, including women and minorities, may be getting overlooked.