- ICIT Research
ICIT Bright Minds: Smart City (In)Security With Cesar Cerrudo, ICIT Fellow and CTO, IOActive
Updated: Feb 12
In continued support of our mission to cultivate a cybersecurity renaissance that will improve the resiliency of our nation’s 16 critical infrastructure sectors, defend our democratic institutions, and empower generations of cybersecurity leaders, ICIT has embarked on a journey to hold candid interviews with some of the brightest minds in national security, cybersecurity, and technology. Our goal is to share their knowledge and insights with our community to shed light on solutions to the technology, policy, and human challenges facing the cybersecurity community. Our hope is that their words will motivate, educate, and inspire you to take on the challenges facing your organizations.
Critical infrastructure is increasingly dependent on smart city and Internet of Things (IoT) devices. However, many of those systems were not designed with security features, and some cannot be secured at all. Adversaries can leverage vulnerabilities in unsecured IoT devices to laterally compromise sensitive systems, disrupt business operations, or jeopardize public safety and security.
With an estimated 200 billion IoT devices connected to the Internet and an estimated global market exceeding one trillion dollars by 2020, digital adversaries will target and compromise vulnerable IoT devices because the threat landscape is lucrative. To protect smart cities and all connected networks and systems, IoT devices must be developed with security by design throughout the development life-cycle.
In this Bright Minds Q&A, ICIT Fellow and IOActive CTO Cesar Cerrudo explains the problematic culture contributing to insecure smart city environments and he recommends measures to improve smart city cybersecurity, protect public infrastructure, and mitigate threats to critical infrastructure.