{"id":20910,"date":"2017-02-15T12:03:18","date_gmt":"2017-02-15T19:03:18","guid":{"rendered":"https://www.webroot.com/blog/?p=20910"},"modified":"2018-01-30T10:13:03","modified_gmt":"2018-01-30T17:13:03","slug":"how-a-smart-city-stays-safe","status":"publish","type":"post","link":"https://www.webroot.com/blog/2017\/02\/15\/how-a-smart-city-stays-safe\/","title":{"rendered":"How a Smart City Stays Safe"},"content":{"rendered":"


\n<\/strong>The City of San Diego is the 8th largest city in the US\u00a0and has over 12,000 employees, numerous vendor partnerships, as well as a vast array of diverse systems and devices to protect.<\/p>\n

In addition to more traditional endpoints and data centers, the City must protect each new piece of smart technology it implements. These include smart street lighting where adaptive controllers and LEDs work to reduce energy consumption based on foot and street traffic analysis; smart parking, in which networked sensors ease congestion with driver communications and dynamic pricing; smart grid, where data collected from smart meters and phasor measurement units increase grid reliability; smart water utilities for fresh and wastewater management; the list goes on.<\/p>\n

You can imagine, then, that the network would be a significant asset\u2014both due to cost and the fact that it\u2019s the connective tissue between all business processes, city services, critical infrastructure, and various devices. Because of the diverse and widespread nature of City devices, the network that connects them is constantly exposed to attacks from all entry points of the perimeter, VPN, WiFi, and from internal people using infected devices.<\/p>\n

Some Attacks Are Too Sophisticated For Legacy Security Tools<\/h5>\n

While legacy security tools can catch up to 95% of the attacks from known threat vectors, the most sophisticated attackers use new forms of polymorphic malware\u00a0and take advantage of the new attack vectors presented as more devices are added to the network. The remaining 5% of attacks that are too dynamic to be detected by legacy solutions now comprise a serious security gap.<\/p>\n

FlowScape Analytics technology allows us to determine risk of system-wide user behavior and flag anomalies for remediation. \u2013 Gary Hayslip, CISO, City of San Diego<\/p><\/blockquote>\n

To address the 5%, the City of San Diego has adopted Webroot FlowScape\u00ae Network Behavioral Analytics. FlowScape Analytics accelerates network threat detection by automating network monitoring\u00a0and leveraging supervised and unsupervised machine learning algorithms to protect the City\u2019s core asset: its network. The software can find both known and unknown threat activity by first studying normal network traffic to establish a baseline, next identifying any unusual behaviors\u00a0and then using advanced heuristics to do a risk assessment.<\/p>\n

Here’s How FlowScape\u00ae\u00a0Analytics\u00a0Enhances Smart City\u00a0Networks<\/h5>\n

What makes FlowScape Analytics special is the additional insight it provides. Most network protection solutions only look at direct traffic between endpoint devices and the internet, i.e. North\/South traffic. But what about communications between internal devices within the network (East\/West traffic)? FlowScape Threat Detection is tightly integrated with the Webroot BrightCloud\u00ae Threat Intelligence Platform to connect the dots between North\/South communication and East\/West communication. It monitors, maps, and learns both IT and IoT\/SCADA\/PLC communications. It also detects insider staff and vendor behaviors, which greatly increase risk through policy violations. FlowScape Analytics keeps a real-time asset inventory of anything that talks on the network, and the ports they normally communicate over. The end value is the added visibility across the entire threat landscape of a smart city network.<\/p>\n

With a daily count of approximately 500,000 cyberattacks against the city of San Diego networks, Webroot FlowScape Analytics gives us the network visibility we need to protect critical infrastructure and services. \u00a0\u2013 Gary Hayslip, CISO, City of San Diego<\/p><\/blockquote>\n

 <\/p>\n