San Diego tweaks cyber platform in anticipation of IoT data wave

As San Diego prepares to embrace the Internet of Things (IoT) and the flood of data that comes with it, city tech leaders are looking at how they can adapt the security tools they’re already using.

City Chief Information Security Officer Gary Hayslip told StateScoop the city is experimenting with several IoT “intelligent infrastructure” projects that are forcing staffers to rethink their cybersecurity strategies. With efforts already in progress to use sensors to monitor street lights and even trash collection, Hayslip said the city’s IT department is well aware they need to start thinking about how the city secures new streams of data.

“You have new data types, you have new protocols, new things that we haven’t been seen before when you’re doing industrialized IoT, IoT on a large scale,” Hayslip said. “Your perimeter is a lot more porous, since a lot of your perimeter is walking around on smart devices that your employees are using to do work, and because of that, now your networks are more malleable.”

The city is hoping to let its employees starting using as many connected devices as possible in the coming months, Hayslip noted, particularly as San Diego explores other IoT projects like a move to smart traffic lights, making the need for security upgrades particularly acute.

Hayslip said he’s hoping, however, that some of the city’s current tools are flexible enough to make the process of adapting them relatively simple. For instance, an existing vulnerability detection and asset management software — created by Maryland-based Tenable Network Security — will give IT staffers monitoring capabilities over all city IoT devices.

“That’s one thing Tenable is helping us do — identify these technologies as they get connected to the internet so we know what we’re looking at,” Hayslip said. “It’s so we understand, ‘OK, that’s not malware, that’s not some type of HVAC system, that’s a streetlight and the sensors on that streetlight.’ And it’s helping us identify that new technology because they are unique, even though I know two, three years from now, the signatures will already be in a lot of the analytics databases.”

The city first started using Tenable about 18 months ago to assess how the city’s network devices could best be secured, he said.

“One of the things a security or risk professional looks at when running large programs like this is you want to have a baseline, some type of security framework to give you a foundation and gives you a starting point,” Hayslip said. “So you have to be constantly scanning, constantly remediating, constantly looking at the network in a continuous process. And [this was] the only platform I knew that actually gave me that ability.”

Before IT started using the tool, they saw about “200 machines get infected” each month, and have now reduced that figure about 35 percent, he reported. And those numbers translate into dollars for the city.

“What we estimated was each time we had a machine that was infected, we’d lose about $600 of productivity, because our workers would basically be down for a day or two while we were trying to remediate their machine, get them back up, get them back to work,” Hayslip said. “So when you really think about that being 100 and some machines that you’re not having to clean up or replace or remediate, that’s quite a chunk of money.”

During the last six months, Hayslip said he’s increasingly needed to adjust the platform’s settings to scan for ransomware, because the city is seeing a “significant increase” in those sorts of cyberattacks.

In July, smart city proponents met in Singapore for the World Smart City Forum to discuss the future of smart cities and to discuss the need for a more comprehensive framework to advance the movement. San Diego is already examining the International Organization for Standardization’s smart city framework, Hayslip said, using Tenable as the foundation for progress.

“As we put in new technologies, we wanted to make sure that this platform works with those new technologies, and we think it’s going to continue to be a good partner with us two, three, four years down the line,” Hayslip said.