What do Smart Cities, Data Driven strategies, Data Breaches and GDPR all have in common? Each other…

At the IP Expo Europe this month, I was honoured to be invited to join a panel in the IP EXPO Bytesize exploring “The Year Ahead” across four topic areas: Smart Cities, Data Driven strategies, GDPR and Data Breaches.

What resonated with me the most was how inter-connected and inter-dependent each topic is for each others success. Each of us acknowledged our reliance on data, data to drive the business, drive the compliance and even drive the criminals. GDPR regulations only exist because of the explosion of data. Data is driving the business discussion. And as Paul Adams very clearly defined the need for 5G to implement a true Smart City approach, it was apparent that they won’t exist and thrive if they can’t access data.

In turn, GDPR is changing how businesses and individuals treat and share their data, driving business data strategies and impacting how data will be used to drive the Smart Cities of the future. You get my point.

During my section and speaking on the future of Data Breaches what I hoped to share was the continued explosion of the risk. Like an arms race everything is escalating. The bad guys continue to increase their efforts as legislation such as GDPR is put in place to limit exposures while business come to terms with the fact that according to Microsoft, a data breach will cost the average company about $3.8 million. In the context of this panel discussion, a data breach could completely scupper any success or trust in a data-driven approach, lead to GDPR fines and impact Smart Cities in ways we could only imagine.

Listening to Paul discuss the opportunities with Smart Cities all I could think of was an analogy from one of my favourite movies, The Italian Job. The original one, mind you, from 1969. In this British comedy caper, the robbers headed up by Michael Caine manage to get away in their Mini’s by managing to get all the street lights to turn green or red in their favour. At the time a feat that left us cheering for the bad guys amazed that this was possible. But the reality today is that this isn’t a stunt in a film but a real possibility.

Making less noise than GDPR, the NIS Directive came into effect this year to help address a unified approach to supporting improving the baseline security around ‘Operators of Essential Services’. The NIS Directive is the first EU-wide security legislation on cyber security, launched as the security counterpart to the European Digital Single Market strategy. Here in the UK, perhaps as a pre-Brexit gesture, we have accepted the directive in full which comes with the promise of £17million or 4% of global turnover fines for those found lacking.

This has come into play because of the real potential that it won’t be just traffic lights that change, but it could be your gas or electric that is turned off or worse, nuclear plants are attacked. In a Smart City where everything is hackable, the potential is limitless. This reality should be the driver in making security a priority in your data-driven approaches, your GDPR strategies and at the heart of any Smart City planning.

But the sad reality is that security has not been at the heart of most businesses. Even for those businesses who should know better. Facebook, one of the original “Digital First” businesses ever created who should have been acutely aware of the cybersecurity risks as living and breathing in the cyber space it was core to their existence, just had yet another data breach. One, I may add, that could have been avoided if they had kept their security controls at pace with their business plans.  I agree with Rachel Wither and her opinion piece – it is an outrage.

We must learn from these exposures. Business and the next Smart City must evolve their cyber security strategies. Ultimately the traditional approach to “monitor, detect and react” is not enough in this arms race. You will always be behind the red light. But above your traditional firefighting methods of monitor and detecting alarms in the noise, you need to find a way to reduce the noise. You must increase your fireproofing efforts for long terms success. To allow your organisation to operate with confidence in this digital world.

To learn more about the need for a proactive approach download our 451 Research “The Time is Ripe for Proactive Security”

My fellow panellists included Ade Adewunmi from Teradata, Kevin Kiley from OneTrust and Paul Adams from Nokia Software, Europe.