Close this search box.

We are creating some awesome events for you. Kindly bear with us.

Cyber Resilience Guidelines for Smart Cities

The vulnerabilities of the complex artificial intelligence-powered software systems used to integrate the data from citizens, businesses, and government agencies make smart cities an appealing target for malicious cyber actors. Therefore, a group of leading cybersecurity experts created smart city security standards. The recommendations are designed to help smart cities strengthen their cyber defences.

New Zealand National Cyber Security Centre (NCSC-NZ) released these in conjunction with the United Kingdom National Cyber Security Centre (NCSC-UK), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA) and the United States Federal Bureau of Investigation (FBI).

These agencies are aware that communities might look to smart city infrastructure digital transformation for cost savings and quality of life enhancements. While bringing public services online can boost efficiency and resilience, evaluating and managing potential cybersecurity risks is vital.

University campuses, military bases, municipalities, and cities are just some communities incorporating smart city technologies into their infrastructure. Connected places, connected communities, and smart homes all use information and communication technologies (ICT), community-wide data, and intelligent solutions to digitally transform infrastructure and optimise governance to meet residents’ needs better.

Information from various sources (governments, businesses, and individuals) is being gathered, sent, stored and processed. Some smart software cities use to combine this data is artificial intelligence-powered and potentially vulnerable. National governments, cybercriminals, hacktivists, insider threats, and terrorists all pose a risk because of the monetary and political value they could derive from exploiting the weaknesses in digital systems and the massive data sets they contain for espionage purposes.

There is no foolproof technological solution as municipalities adopt smart city technology. However, the guidelines suggest a middle ground between security, privacy, and productivity. Place the concepts of least privilege, enforce multifactor authentication, carry out zero trust architecture, regulate changes to internal architecture risks, carefully manage smart city assets, improve the safety of vulnerable devices, preserve internet-facing services, patch systems and applications in adequate time, and examine the legal, security, and privacy hazards associated with deployments are all suggestions for bolstering the cybersecurity of smart cities.

A security architecture should be developed following the principle of least privilege, which states that each entity should access only the most miniature set of system resources and authorisations necessary to carry out its specific role. Default and existing configurations, as well as hardening vendor recommendations, should be examined by administrators to guarantee that hardware and software have access to only the systems and data they need to execute their jobs.

To harden the infrastructure that permits access to networks and systems, the entities adopting smart city technologies should lock down remote access applications and require multifactor authentication (MFA) on local and remote accounts and devices.

Adopting zero trust network design concepts, users can use a layered, defence-in-depth strategy to achieve a more secure network environment. Each new connection needs authenticating and authorising. Zero trust makes network activity visibility, trend de-identification by analytics, issue resolution via automation and orchestration, and effective network security governance possible.

Organisations tasked with rolling out smart city technologies need to be aware of their surroundings and manage communications between subnetworks, especially those that have recently been integrated to facilitate the integration of infrastructure systems. Administrators of such networks should always be mindful of the people whose responsibility is to ensure the safety of the entire system and its constituent parts. The impact of a compromise on the community can be mitigated if administrators take the necessary steps to identify, organise, and isolate essential business systems and implement the required network security controls and monitoring tools.


Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.


As a Titanium Black Partner of Dell Technologies, CTC Global Singapore boasts unparalleled access to resources.

Established in 1972, we bring 52 years of experience to the table, solidifying our position as a leading IT solutions provider in Singapore. With over 300 qualified IT professionals, we are dedicated to delivering integrated solutions that empower your organization in key areas such as Automation & AI, Cyber Security, App Modernization & Data Analytics, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Renowned for our consulting expertise and delivering expert IT solutions, CTC Global Singapore has become the preferred IT outsourcing partner for businesses across Singapore.


Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit


SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.


HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 


IBM is a leading global hybrid cloud and AI, and consulting services provider, helping clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,800 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently, and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity, and service. For more information, visit