Last week we excitedly announced Microsoft as our newest Platform Partner to help cities build resilience. Microsoft is not only well-established and respected as a global technology leader, but the company is also on the cutting edge of cybersecurity solutions, which are important for the modern resilient city.
Microsoft CityNext joins more than 30 other Platform Partners, a group of organizations from the public, private, and nonprofit sectors that provide critical tools to cities worldwide. These tools help cities become better at withstanding and recovering from the shocks and stresses that are a growing part of life in the 21st century.
This partnership couldn’t have come at a better time. Cities’ risk of cyber-attack increases every day, and we have seen several major companies from a wide range of industries fall victim to cyber-attacks. And cities’ attention to and appetite for cyber-security is blossoming to match.
At the same time, the growth of the Internet of Things (IoT)—the massive connectivity of internet-connected objects—is increasing cities’ exposure to cyber threats. City leaders are starting to use IoT to offer more efficient services, with thousands of sensors and mobile devices feeding data to the cloud. This data makes implementing resilient planning, design, and operations easier and more effective.
But often these devices aren’t created with security as the main priority, and data sent and received may not be secure. While the continued growth of IoT offers more opportunities to improve city processes, this growth also makes security and privacy requirements more complex and challenging. Cities that fail to protect themselves against hackers and other cyber-attackers leave themselves vulnerable to system failures that can potentially lead to huge economic losses.
So what might improved urban cybersecurity measures look like? Microsoft has a seven-step approach to help cities design and implement cybersecurity strategies. It includes:
- A risk-based approach that looks at the overall structure of a city’s systems to determine how to mitigate vulnerabilities to reduce the likelihood of system failure.
- The establishment of clear priorities and security baselines, using standards like NIST’s “Framework for Improving Critical Infrastructure Cybersecurity,” and the Council on Cybersecurity’s “Critical Security Controls for Effective Cyber Defense.”
- Working hand-in-hand with the private sector and other government entities to identify vulnerabilities.
- Educating citizens by equipping them with tools and resources to understand these issues.
- Formalizing the creation of public-private partnerships.
By working closely with Microsoft and using these methods, 100 Resilient Cities will be able to help cities improve their digital resilience capabilities, and integrate this priority while working towards their overall resilience strategies.
This post first appeared on Microsoft CityNext’s blog, and is cross-posted with their permission.