Kaspersky, CERT-In unveil new cybersecurity guidelines

The Indian Computer Emergency Response Team (CERT-In), in collaboration with Kaspersky, has released a comprehensive set of cybersecurity guidelines aimed at securing Smart City infrastructure across India. The "Cyber Security Guidelines for Smart City Infrastructure" outlines key strategies, best practices, and security measures necessary to protect urban digital systems from growing cyber threats.

With Smart Cities increasingly relying on interconnected digital networks, IoT devices, and centralized command centers to enhance urban operations, cyber threats pose a significant risk to public safety and critical infrastructure. Recognizing these challenges, CERT-In has worked with Kaspersky to craft these guidelines, which provide a framework for resilience and security in smart city environments.

The key highlights of the guidelines include -

·  Threat Landscape Analysis: Identifies major cyber threats to Smart Cities, including data breaches, ransomware, insider threats, and denial-of-service attacks.

·  Cybersecurity Standards and Frameworks: Provides guidance on aligning Smart City security measures with global best practices.

·  Smart City Cybersecurity Architecture: Establishes a security-by-design approach, incorporating Zero Trust Architecture (ZTA) and multi-layered defense strategies.

·  Data Security and Privacy: Recommends encryption, data minimization, and compliance with the Digital Personal Data Protection (DPDP) Act to safeguard citizen data.

·  Network Security Measures: Focuses on secure communications, segmentation, and real-time monitoring to prevent unauthorized access.

·  IoT and AI Security: Addresses vulnerabilities in IoT and AI-driven Smart City applications, ensuring safe integration of emerging technologies.

·  Incident Response and Crisis Management: Lays out protocols for rapid detection, containment, and recovery from cyber incidents.

·  Supply Chain Security & Vendor Management: Emphasizes rigorous security assessments for third-party vendors and adherence to the Software Bill of Materials (SBOM) framework.

“CERT-In is committed to work alongside industrial partners to strengthen the cyber security posture of Smart Cities and to ensure that cyber security augments the digital transformation. The release of these guidelines, which draws from practical experiences globally, will significantly reduce vulnerabilities and strengthen the resilience of Smart City infrastructure in India against evolving cyber threats,” says Dr. Sanjay Bahl, Director General, Indian Computer Emergency Response Team (CERT-In)

“Over the past 6 months, Kaspersky’s international researchers and solutions architects worked alongside CERT-In experts, to provide inputs on the various aspects of smart city protection. We are proud to see our joint efforts come to fruition. With more than 100 smart and connected cities in India expected in time to come, this white paper will become increasingly relevant. We hope that the ideas encapsulated within will go beyond India, and serve as reference for smart cities around the world,” comments Heng Lee, Head of Government Affairs and Public Policy for Asia Pacific at Kaspersky.

The guidelines serve as a critical resource for urban infrastructure managers, policy makers, technology providers, and cybersecurity professionals. They advocate for an integrated security approach to safeguard digital infrastructure while promoting sustainable and inclusive urban development.