Smart cities in India need to enhance their capacity in the cybersecurity domain

29 October 2018

As the wave of urbanisation currently affecting India merges with the overall trend of technologically enhanced smart cities, cyber and information security has become an increasingly pertinent risk across the country, according to a new report from global professional services firm PwC.

India’s economy is developing at a rapid rate, as the country is projected not only to become a driver of growth in the neighbouring region of Asia, but to emerge as the second largest economy in the world by 2050. A major part of this growth is a rapid expansion in the country’s middle class.

With an expanding middle class comes the gravitation towards urban centres – a trend that is manifesting itself visibly across India. By 2030, the rate of urbanisation in India is ecpected to reach a staggering 41%, taking the number of people living in just 70 Indian cities up to 600 million.

The government has recognised this trend, and has been working towards ensuring that the newly emerging urban centres are internationally competitive in that they are equipped with state-of-the-art digital facilities. This goal is being implemented through the Smart City Mission launched in 2015.

The mission facilitates the development of  100 smart cities through government funding, not only through the enhancement of existing urban centres, but through the development of smaller urban centres from scratch. Since the programme was launched, the government has worked with the private sector on the development of a number of smart cities.

Smart cities in India need to enhance their capacity in the cybersecurity domain

Big Four accounting and advisory firm PwC, however, has shifted its focus to the next step, namely the maintenance of cyber and information security once the smart cities are developed. In a new report, the firm explains the risks associated with integrated Internet of Things technology across these cities.

Examples of such technology include an Intelligent Traffic Management System, wherein traffic signals operate autonomously based on real-time information to optimise the flow of traffic. Other practical implementations include the tracking and management of the waste disposal process at each step, and leveraging real-time analytics to manage water flow. 

Smart cities will also incorporate advanced surveillance capabilities, not least due to closed circuit television (CCTV), alongside the automated collection of tolls and fares and what PwC terms as ‘telemedicine,’ entailing swifter and more comprehensive access to doctors and physicians in the city.

Lastly, smart cities are governed electronically, taking most public services on the online domain through the restructuring of government operations. It is this transition of financial and administrative activity to the online domain that exposes a large body of information to potential hackers and cyber criminals.

India has only recently seen an increase of online access, which means that a large majority of online users will be relatively inexperienced and susceptible to more simplistic online traps. In an integrated smart city environment, even the smallest of compromises could have devastating repercussions.

To this end, PwC recommends plans of action for the various stakeholders involved in the smart city ecosystem. At the central level, the primary stakeholder is the Ministry of Housing and Urban Affairs which, according to PwC, should rapidly develop a set of guidelines for information security.

At the local level, the stakeholders include the Special Purpose Vehicles (SPVs), project management consultants (PMCs), master system integrators (MSIs) and original equipment manufacturers (OEMs). PwC recommends that these organisations appoint information security officers, and conduct regular reviews on the status of cyber security.