I attended a Cisco Systems briefing early this week about its Smart Connected Communities initiative. Once again Cisco demonstrated its forward thinking by bringing together various government initiatives under the umbrella of what they call Smart Connected Communities.  A Smart Connected Community is built on IP-based infrastructure. This means that all of the critical components of a city infrastructure like utility, transportation, healthcare, commercial buildings, and emergency response systems connect via an IP-based network.

Overall, it was a good update briefing. But I was surprised to hear just how confident Cisco is that securing this networked infrastructure is a no brainier. When I asked the presenter: “Given that network infrastructure is not nearly as robust and secure in some emerging geographies, how are you planning to ramp up the backbone and make the network secure enough end-to-end to run smart services?”

The presenter agreed that we need to strengthen the network backbone and provide sufficient bandwidth and robustness to run smart services.  However, I was astonished to hear that he thought security is not as much of an issue. In his opinion Cisco is well versed in providing a secure infrastructure and they have implemented security in diverse environments like the financial, retail, and government sector.

Unfortunately, I’m not sure I share Cisco’s confidence. If security is that easy to implement then why are so many companies incurring heavy fines when they regularly fail compliance mandates. Day in and day out, why do so many companies worry about business and partner access as they expand their global operations? Why are utility companies light years away from being secure, as evidenced by their meters and power distribution systems that are prone to security breaches? In the smart connected environment, healthcare, financial institutes, retail, utility, and transportation companies will need to comply with industry-specific compliance requirements as well as broader government regulations to make the puzzle even more complex. Walking the path to this smart connected infrastructure comes with a magnified set of challenges for CIOs and CISOs. Among many things they will have to manage thousands of IP endpoints connected on the smart backbone.  At the same time, B2B security will become imperative as they would interact with many non-conventional partners that they’ve never dealt with in the past.

My take? Security should be at the top of the list when building these smart connected communities. We haven’t solved this challenge by a long shot. In fact, I fear it can prove to be the Achilles Heel when integrating disparate components together.   

I’m interested in your thoughts. What role will security play in Smart Connected Communities? Is Cisco right, we’ve already got it all figured out?

[posted by Usman Sindhu]