Why Aren’t We Talking More Proactively About Securing Smart Infrastructure?

Let’s not perpetuate the vicious cycle of security complexity and failure by trying to bolt on security after the fact.

Ned Miller, Intel Security, Chief Technology Strategist for Public Sector

October 20, 2016

3 Min Read
Dark Reading logo in a gray background | Dark Reading

Cyberattacks against smart cars, smart homes, and other smart devices are happening today, so it is easy to jump to the conclusion that we will soon be reading about smart buildings and smart cities being attacked.

I have to admit I have become somewhat desensitized to the topic of cyberattacks against infrastructure. Maybe it’s because I see the industry and media classifying the security of smart infrastructure under the topic of securing the Internet of Things. When I hear about IoT attacks, it just hasn’t been personal enough for me to get fired up.

An Intel colleague, Lorie Wigle, head of Intel’s IoT strategy, recently described how technology will be part of climate change efforts. Whatever the carbon goal, renewable energy, energy efficiency, smart transportation, and smart buildings will all play critical roles. After reading her blog, I started noticing other articles covering everything from the latest connected car hacks to suspicions of rigged Internet-connected voting systems.

Maybe you remember a US government exercise from just a few years ago, when a team of hackers used a cyberattack to make an electrical generator motor self-destruct. Or the attack against the Ukrainian electric power grid, which put the US grid on high alert last year.

Recently, the US Transportation Department released the first national guidelines to spur development of autonomous-vehicle technologies and ensure their safety. The day before that, a group of researchers showed that it was possible to control an Internet-connected car from a distance. These researchers said they were able to take over numerous functions of a specific make and model from as far away as 12 miles, manipulating the vehicle’s controls via a laptop computer. They locked the car's control screens, moved seats, activated turn signals, and opened doors without keys. While the car was driving, they used the laptop to turn on windshield wipers, open the trunk, and fold in exterior rearview mirrors. A researcher in an office building also 12 miles from the test track was able to activate the car's brakes while the vehicle was moving.

A June 2016 survey conducted by Dimensional Research assessed cybersecurity challenges associated with smart city technologies by interviewing over 200 IT professionals working for state and local governments. When asked if a cyberattack targeting critical city infrastructure posed a threat to public safety, 88% of the respondents said yes. In addition, 78% of the respondents stated there would likely be a cyberattack against smart city services in 2016.

Smart cities use IT solutions to manage a wide range of city services, including smart power grids, transportation, surveillance cameras, wastewater treatment, and more. Navigant Research anticipates that global smart city technology revenue will reach $36.8 billion this year. Despite growing profitability in the sector, many cybersecurity experts are wary that smart city technologies are being adopted faster than the technology needed to protect them.

I started this blog asking a question: Why aren’t we talking more proactively about securing smart infrastructure? I’ll end it with a request for action: Get seriously involved now. Let’s not repeat the mistakes of the past and perpetuate the vicious cycle of security complexity and failure by trying to bolt on security after the fact.  Build in a sustainable defensive advantage as part of your security reference architecture as you build your smart ecosystems.

Read more about:

2016

About the Author

Ned Miller

Intel Security, Chief Technology Strategist for Public Sector

Ned Miller, a 30+ year technology industry veteran, is the Chief Technology Strategist for the Intel Security Public Sector division. Mr. Miller is responsible for working with industry and government thought leaders and worldwide public sector customers to ensure that technology, standards, and implementations meet the challenges of information security and privacy issues today and in the future. In addition, Mr. Miller is also responsible for worldwide government certification efforts to ensure Intel's products comply with the latest global security standards and protocols.

Mr. Miller acts as the internal customer advocate within Intel's Security and advises Intel's executive leadership with strategies to drive government and cybersecurity requirements into Intel's products and services portfolio and guide Intel's policy strategy for the public sector, critical infrastructure, and threat-intelligence communities of interest.

Prior to joining Intel Security, Mr. Miller served in several executive, sales, business, technical, and corporate development leadership capacities. Most recently, Mr. Miller held executive sales and technical leadership positions with Hewlett Packard, including the Global Chief Technology Strategist for Hewlett Packard's Enterprise Security Products team. In addition, Mr. Miller worked for Symantec as the Corporate Development leader for Symantec's public sector organization responsible for advising sales leadership and driving innovative solution approaches in support of standards initiatives and programs such as next-generation security controls, Security Content Automation Protocol (SCAP), Cyber Scope, cloud and cloud security, FedRAMP, the latest in information protection methodologies for mobility, and next-generation identity management and authentication solutions. 

Before joining Symantec, Mr. Miller was the founder and CEO of the IT security firm Secure Elements.  Secure Elements was an early pioneer in the development of security standards. In addition, Mr. Miller has authored numerous whitepapers on enterprise security management and is the co-inventor of a series of next-generation network security patents. Mr. Miller is also recognized by the US Government as a subject-matter expert on the topic of security automation and information protection and is an active moderator and panelist across the IT industry.

Mr. Miller is also an active member on the NIST Security and Cloud Standards Working Groups, former chair of the Cyber Security SIG of the ISSA, and a member of AFCEA, CSIA, and Tech America's Cloud - State & Local Government Commission.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights