Balancing The Promise And Perils Of Smart Cities In Asia Pacific: Safety, Security, And Privacy

by Phillip Ivancic, APAC Head of Solutions Strategy, Synopsys Software Integrity Group

Asia Pacific is at the forefront of smart development — From Singapore’s Smart Nation initiative to India’s 100 Smart Cities mission, and Australia’s Smart Cities plan, governments are pushing for digital transformation to create urban environments for its citizens. According to recent research, the market in this region is projected to reach $1,635.3 billion by 2030.

The advent of smart cities has brought with it promises of increased efficiency, sustainability, and convenience. Smart cities hold immense potential to transform the way we live, work, and play. Leveraging technologies like Internet-of-Things (IoT), Artificial Intelligence (AI), and big data analytics can empower improved traffic management, reduced energy consumption, and optimised public services which are just a few of the benefits smart cities promise to deliver.

However, with great advancements also come risks. As more devices and systems become interconnected in the race to achieve a “smart city”, it might be wise to hit the pause button or at least proceed incrementally with extreme caution, for several important reasons: safety, security, and privacy.

Safety
According to the National Cyber Security Centre (NCSC) in the UK, smart cities or “connected places” are communities that “integrate information and communication technologies and IoT [Internet of Things] devices to collect and analyse data to deliver new services to the built environment and enhance the quality of living for citizens.”

Enhanced quality of living sounds great—even warm and fuzzy. But so far it comes with regular, major risks. “Connected places” like Baltimore and Atlanta were in the news for the wrong reasons several years ago when both were hit with catastrophic ransomware attacks that took down multiple city services because bad people were able to connect with them.

Security
Check the tech press headlines on just about any week and you will find stories of successful cyberattacks. Quite recently, two men were allegedly able to disrupt more than 20 trains in Poland using simple “radio stop” commands, effectively compromising the country’s railway system with a $30 off-the-shelf radio system.

Closer to home, the Defence Housing Australia (DHA) is also investigating a potential data breach after they were notified that a third-party service provider had suffered a cyber-attack. This is a reminder that even if hackers can’t breach you directly, they might be able to get to you through your digital supply chain.

Privacy
A collaborative white paper from the security agencies in the US, UK, Australia, and New Zealand titled “Cybersecurity Best Practices for Smart Cities,” noted that “smart cities are attractive targets for malicious cyber actors because of […] the data being collected, transmitted, stored, and processed, which can include significant amounts of sensitive information from governments, businesses, and private citizens.”

Data collection by those who are running connected places has privacy implications even if the data is never stolen. It’s always important when data is being collected to understand what’s being collected, how it’s being handled, who has access to it, how long it’s being stored, and what it’s being used for.

While the efficiency of services such as waste collection can be improved with data collection, there are many other examples where collection of citizens’ personal information could potentially be abused for tracking or monitoring purposes, including facial recognition techniques tracking movement through bus/train passes, etc.

Two Camps
Debates about the pros and cons of “smartifying” cities have long been in discussion.

On the one hand, why shouldn’t the efficiencies, conveniences and cost-saving opportunities be brought to the city we live in? After all, there are significant benefits to be had from those systems—more efficient urban services such as optimised water supply, trash collection, and energy distribution. These could save cities money while also delivering better services to their residents.

And yet, the risks to security and privacy are multiple and varied. For most people, there is a bit of apprehension about smart devices in their homes, which is amplified when it comes to that technology being used throughout the city.

Then again, no technology solution is completely secure. Organisations, both public and private, get breached every day of the year. However, it’s important to remember that when it comes to “connected places,” the stakes are higher, with potentially millions of people at risk. So, it’s worth the time, effort, and money to make those places the most difficult targets possible.

Finding The Right Balance
As smart cities continue to gain momentum in APAC, it is essential to balance between security and privacy to ensure long-term success. While robust security measures are necessary against cyber threats, they should not come at the expense of privacy.

A promising way to proceed with caution is to move toward “smart” incrementally. As with all major IT implementations, the services in smart cities should be implemented in phases to reduce complexity. This will also give residents time to get familiar and comfortable with the services.

By addressing these challenges head-on, through robust security measures, privacy policies, and government regulations, smart cities can thrive while ensuring the protection of citizens’ data and personal liberties. It is through collaboration, innovation, and a commitment to finding the right balance that smart cities in the APAC can truly fulfill their potential as intelligent urban environments that enhance the lives of their citizens.