The second part of the NIST CSF Identify Function is the Business or City Environment in this case. According to the standard, the purpose of this function category is: The organization’s mission, objectives, stakeholders, and activities are understood and prioritized; this information is used to inform cybersecurity roles, responsibilities, and risk management decisions. Cities are … Continue reading Smart City: Identify – City Environment
Category: Cyber Security
For an overview of this concept, I am going to reference an article written by Dave McComb called The Enterprise Ontology. It offers a good description of an Enterprise Ontology as well as some very good reasons as to why an organisation, and in this case a City or the City Administration, should build one. The … Continue reading Learning from an Enterprise Ontology
Design Guide: Smart City Asset Management Design Guide It is not surprising that the first item in NIST CF is Asset Management with the mapping to the informative references being CIS Control 1 Inventory and Control of Hardware Assets and ISO 27K Annex A8 Asset Management. It is a fundamental requirement for cyber security. Over … Continue reading Smart City: Identify – Asset Management
In this second part introduction to the Cyber Security Framework for a Smart City i will cover the scope of the framework using the best practice described by the NIST Cybersecurity Framework and how the components can be used to work together with a Smart City strategy and thus effect a smart city cyber security … Continue reading Cyber Security Framework for Smart Cities – part 2
Introduction to a series of posts and resources i plan to put together to outline the key aspects of a Cyber Security Framework for a Smart City strategy. Having recently acted as an Advisor to a new Innovate UK research project I thought I would use and adapt some of the recommendations, for problems I … Continue reading Cyber Security Framework for Smart Cities – part 1
The example high level Criteria taxonomy below provides guidance on the types of capability characteristics needed to detail a specific view of how the capability will be made up. This should be supported by a lower level of Criteria, that will need to extend this high level set with the attributes needed to address specific … Continue reading Defining the capability criteria for required Smart City cyber security
It is important to select the right cyber security capabilities necessary to fulfil the scope and vision for a Smart City and the individual cyber security requirements. There may be potentially over 100 cyber security capabilities needed to support a large Smart City organisation and services. They could be chosen from a best practice framework … Continue reading Cyber Security Capabilities for a Smart City Cyber Security Strategy
The term Capability is often used in business reports and publications to describe something particular to a person, technology or an organisation but in many cases it is often less clear as to what exactly that "capability" is, how it materialises or is managed. So for the sake of clarity and understanding i am going … Continue reading Cyber Security capability for Smart Cities
A recent article from IOT World highlights that real world events can trigger cyber attacks either as protest or retaliation. City Security: How Fort Lauderdale Deals with Cyber Threats The article describes: In 2014, the city of Ferguson, Mo. was hit with a cyberattack in apparent retaliation for the police shooting of the unarmed teen … Continue reading Lessons to be learned from recent attacks to cities
It is important to be aware of and take note from Ashby's Law of Requisite Variety when addressing the problem of cyber security for a smart city. If a system is to be stable, the number of states of its control mechanism must be greater than or equal to the number of states in the … Continue reading Smart Cities, cyber security and cybernetics
Smart City Cyber Security 