Securing the Future: Why IoT Security and Smart City Development Need to go Hand-in-Hand

Being associated with the company since 1997, Krishna is an eminent leader in his space followed by several peers for industry insights.

In 2007, the Gujarat State Government and Infrastructure Leasing & Financial Services jointly launched Gujarat International Finance Tec-City (GIFT) – India’s first smart city project. Created with the vision of becoming a global financial hub, the $12 billion smart city was recognized among the 100 most inspirational and innovative projects by KPMG. Further, in June 2015, the Indian government allocated $14 billion towards the ‘100 Smart Cities Mission’ with an ambitious view to developing 100 smart cities and rejuvenate 500 others across the country.

In the past decade, the Government’s push towards creating smart cities in India has been massive. While there is still a long way to go, there have been several infrastructure investments aimed at building cities that effectively connect and capture, analyze, and utilize data from transport, utilities, and communication. With a bustling urban population that is increasingly educated and hungry for success, India is poised to be the region to watch for further development and opportunities in technology, including the transformation of its cities into ‘smart’ metropolises anchored by connectivity and data.

The need for IoT security in India
This essential connectivity across infrastructure and services is not possible without the development of the Internet of Things (IoT). It is the connector and moderator across intelligent system architecture that monitors and regulates the output of these devices. Therefore, deployment of IOT infrastructure is an integral part of any smart city development. However, the security component of IoT can often be overlooked in the rush to city transformation. As a result, entire cities can be vulnerable to sophisticated IoT attacks on critical infrastructure.

Cybersecurity, which looks at the overall security of data in software and its systems, has instead been the main focus for governments, businesses, and regulators in the region. For example, governments and companies have spent millions on ensuring that major data centers are impervious to attacks from saboteurs. IoT security, on the other hand, has been left to its own devices. However, a recent report by Subex mentioned that India witnessed a staggering 86 percent increase in cyberattacks between March and April 2020, and around 51 percent of these attacks were via IoT devices, highlighting the need to focus on IoT security.

Like most technology, new IoT devices are developed through a process involving ideation, design, prototyping, manufacturing, and final implementation. This long process involves different manufacturers at various stages each contributing to the final product without direct communication. This segmented manufacturing process and involvement of various unrelated parties is what creates security vulnerabilities for the finished product, which is uniquely designed to capture user data for analysis.

This segmented manufacturing process and involvement of various unrelated parties is what creates security vulnerabilities for the finished product, which is uniquely designed to capture user data for analysis

Securing our smart cities by bolstering IoT security
In order to address these security vulnerabilities, manufacturers must consider a chain of trust, enabling end-to-end security from devices to cloud, and including device life cycle. Implementing and integrating security within this chain of trust could become a challenge. This is why it is recommended to work with a trusted partner that can provide expertise, network, and resources to advise and mitigate the security implications of the IoT device’s design and implementation.

This partner who has visibility to the entire design and manufacturing process, can be in a position to reduce security loopholes present in the development process, and plug the gaps that might be there if the inventor joins in the middle of the product development lifecycle. It is in being the central ‘one-stop-shop’ for inventors that would help them focus on the benefits of the invention while maintaining the integrity of the security.

This process and centralized visibility is how banks and financial institutions have aggressively addressed the security gap by identifying potential vulnerabilities from the very start of the innovation and product development process. As the technological integrity of a smart city depends very much upon its reliability to be safe and secure for its citizens, we must employ that same spirit towards IoT device development as we do for the financial ecosystem.