- A collection of nonprofit and private technology groups are teaming up to create a "blueprint" of best practices for securing the Internet of Things infrastructure at the edge.
- The nonprofit Virginia Innovation Partnership Corporation (VIPC); Crossroads Innovation Group, a Virginia-based consulting firm dedicated to emerging technologies; and Device Authority, a global provider of identity and access management for IoT, will test the security of a range of technologies across applications, including wildfire and flood sensors.
- The project, with funding from the Virginia Smart Community Testbed and the U.S. Department of Homeland Security, will also develop architectural guidance and recommendations for the procurement and secure deployment of IoT technologies across federal, state, local and civilian agencies.
The Virginia Smart Community Testbed in Stafford County, Virginia, which launched last year, serves as a “living laboratory” to test and develop smart city technology for the state, while also addressing security risks for critical infrastructure. “It is the first Smart City Testbed involving an IoT platform, fully integrated with 5G and other new and emerging technologies for Smart Cities around the country,” according to the announcement.
The blueprint will aim to shed light on best practices for securing a range of IoT technologies. That technology can include everything from “off-the-shelf gizmos” like animal tracking collars, to wildfire sensors, and IoT devices used for national critical infrastructure like the Colonial Pipeline, according to VIPC CTO and Vice President of Strategic Initiatives David Ihrie.
The effort in Virginia comes as securing smart city technologies has often been an “afterthought” for many local leaders. But that is expected to change as global annual smart city cybersecurity revenue is forecasted to grow from $7.6 billion in 2021 to $26 billion in 2030, according to a 2021 Guidehouse Insights report.
As IoT technologies have become essential components of everyday life and work, every connected device presents an opportunity for malicious actors to infiltrate and disrupt daily life and commerce, Khalil Yazdi, chief strategy officer at Crossroads Innovation Group, and Tyler Gannon, vice president of strategic alliances and corporate sustainability at Device Authority, wrote in an email interview.
These types of initiatives "provide an important opportunity for planners to explore and understand the challenges of IoT deployment, discover unintended consequences and develop mitigation and management strategies,” Yazdi and Gannon said. “As innovations in technologies and uses are nearly continuous, such an initiative is by nature a continuing, living-laboratory that will inform planning, management and security initiatives.”
Securing critical infrastructure in cities has also taken on heightened urgency following Russia’s invasion of Ukraine. The invasion should serve as a wake-up call to U.S. state and local governments, Alison Post, associate professor of political science and global metropolitan studies at the University of California at Berkeley said in an earlier email interview. Urban infrastructure systems like street lights and security alerts could all be targeted, she said.
To date, many cities have struggled to secure their technology against cyber threats due to insufficient resources. One of the biggest challenges that procurement officials in cities or the federal government face when trying to secure that technology is a lack of training or expertise, according to Ihrie.
As city leaders look to improve their smart city and IoT technology security, Yazdi and Gannon said the first step is to catalog the scope of IoT device deployments, particularly in areas that city leaders recognize as “critical infrastructure,” adding that then the process of securing and monitoring and maintaining those devices can begin.