Security as the new innovation enabler

What does the city of the future look like? When will the worlds of Blade Runner and Minority Report bleed into our reality, as science fiction becomes science fact?

When discussing smart cities, we often focus on visionary scenarios that haven’t yet materialised. What’s overlooked is just how clever cities, and the businesses within them, have already become. Our daily lives are transforming before our eyes – whether it’s Barcelona making extensive use of sensors to help monitor and manage traffic or smart recycling bins in Milton Keynes that let the waste collection service know when they need emptying. In the Netherlands, the ability to use an app to order petrol directly to your car, via Shell’s ‘fuel-to-you’ service called Tap Up, shows how far tech has already come.

>See also: Security disconnects in the boardroom leave businesses vulnerable

Before this, came the rise of instant and sophisticated mobile payments, improved and progressive healthcare based on digitised records and collaboration, and location-based technology that’s literally changed how we get from A to B.

All these services, however, require the sharing of data, which in turn requires a lot of consumer trust in organisations. But how many companies consider security and innovation in tandem?

Historically, security has, unknowingly or not, acted as the ‘brakes’ of the business – slowing down innovation in the interest of safety. But today is different – the sophistication of IT security solutions means they can now empower rather than confine.

>See also: Cyber security best practice: Training and technology

Diminished trust

Consumer expectations and hunger for new services have never been higher, but trust in new concepts is diminishing because of security fears. This has come about with good reason; the enormous WannaCry ransomware attack stung major European organisations including the NHS in 2017, and the NotPetya cyberattack similarly affected other big firms such as Reckitt Benckiser, WPP and German logistics company DHL. Meanwhile, data breaches like those on Uber – which had 57 million users and drivers’ information stolen – are on the rise.

Consumers don’t know whether the services they need will remain online and whether their information will remain safe. In order for businesses to deliver innovative new services and embrace new technologies, security has to shift to the forefront of their thinking. Something has to change.

>See also: Digital trust critical to giving consumers desired brand experiences

A re-engineered approach

Rather than doing the same thing repeatedly, we need to re-engineer our fundamental security model. No longer should companies consider security as a preventer. Instead, it should be at the heart of enabling innovation. Rather than exclusively concentrating on breach prevention at all costs, businesses need a security model incorporating contextual intelligence, removing the need to guess what is a real security threat and what is not, and to add a focus on effective remediation activity after the inevitable breach occurs.

In other words, rather than simply securing a mobile application like Shell’s ‘fuel to you’ by asking for login credentials, businesses need to make the most of the data available to them, asking questions such as: what device is being used to login, where is the login request being made, what connection is being used. This contextual intelligence is also required in the backend environment, so that the organisation can easily identify whether it is ‘normal’ for specific data access and retrieval requests, enabling it to spot anomalies and react quickly to shut down threats.

>See also: A CTO guide: The main challenges of cyber security

This is even more important when peering into the future. Imagine journeying via a shared driverless car to the office, with variable speed limits responding to rush-hour traffic or meeting a friend for lunch, as IoT-enabled smart lampposts track your exact locations in real time. The irony is that both the driverless car and the real-time tracking are meant to keep us safer, but without the right security baked in, these new concepts can be dangerous. After all, criminals who get their hands on this kind of data can use it to carry out burglaries as they would know when someone isn’t generally at home, cars could be manipulated to be unsafe, and data could be held at ransom from government and businesses.

The new normal has to be security everywhere, designed into the infrastructure from scratch, not just at the network perimeter. Inserting security throughout an infrastructure can enable greater business velocity and agility through broader collaboration, whilst allowing greater control and insight. Secure velocity, agility and collaboration can lead directly to quantifiably improved business efficiency and competitive advantage.

>See also: The security challenge for smart cities: how sensors can be exploited

Rather than looking for all variations of potentially dangerous activity, a security model which knows precisely what a workload is supposed to be doing enables businesses to see any deviation from this, and as a result, narrow the exploitable attack surface of the workload down to what is known. Understanding what ‘good’ looks like provides certainty of what changes across the whole estate are legitimate – and which are possible threats.

With this approach, businesses have the knowledge that there is a ‘security-everywhere’ strategy of protecting customer data at all times. This means they’re no longer fixated on chasing the bad; they’re chasing their own innovation potential instead. This is the key to delivering even smarter businesses and smarter cities for the future.

Written by Ian Jenkins, Director, Network & Security – UK&I, VMware

Editor's Choice

Editor's Choice consists of the best articles written by third parties and selected by our editors. You can contact us at timothy.adler at

Related Topics