Joint publication on cyber security best practices for smart cities

April 19, 2023

CSE’s Canadian Centre for Cyber Security Cyber securityThe protection of digital information, as well as the integrity of the infrastructure housing and transmitting digital information. More specifically, cyber security includes the body of technologies, processes, practices and response and mitigation measures designed to protect networks, computers, programs and data from attack, damage or unauthorized access so as to ensure confidentiality, integrity and availability. (Cyber Centre) joined the following cyber security partners in issuing a joint publication reminding communities and IT practitioners of best practices to keep smart cities’ infrastructure as secure as possible:

• Australian Cyber Security Centre
• Cybersecurity and Infrastructure Security Agency
• Federal Bureau of Investigation
• National Security Agency
• New Zealand’s National Cyber Security Centre
• United Kingdom’s National Cyber Security Centre

All partners acknowledge that smart cities offer many benefits for communities. However, smart cities are an attractive target for criminals and cyber threat Cyber threatA threat actor, using the internet, who takes advantage of a known vulnerability in a product for the purposes of exploiting a network and the information the network carries. actors to exploit vulnerable systems to steal critical infrastructure Critical infrastructureProcesses, systems, facilities, technologies, networks, assets, and services essential to the health, safety, security, or economic well-being of Canadians and the effective functioning of government. Critical infrastructure can be stand-alone or interconnected and interdependent within and across provinces, territories, and national borders. Disruptions of critical infrastructure could result in catastrophic loss of life, adverse economic effects, and significant harm to public confidence. data and proprietary information, conduct ransomware RansomwareA type of malware that denies a user's access to a system or data until a sum of money is paid. operations, or launch destructive cyberattacks.

Successful cyberattacks against smart cities could lead to:

• disruption of infrastructure services
• significant financial losses
• exposure of citizens’ private data
• erosion of citizens’ trust in the smart systems themselves
• physical impacts to infrastructure that could cause physical harm or loss of life

Communities implementing smart city technologies should account for these associated risks as part of their overall risk management approach. The joint publication includes best practices that organizations should implement to ensure the safe and secure operation of their smart cities infrastructure and to protect their data.

Read the joint publication on cyber security best practices for smart cities.

Additional guidance

• Security considerations for critical infrastructure - ITSAP.10.100
• Connected communities - ITSAP.00.222