The public sector is already relatively mature in its use of edge computing for use cases such as public safety, but there are significant cybersecurity concerns in play, according to a new report.
The vertical-specific report by IDC was commissioned by AT&T and draws from data related to AT&T’s 2022 Cybersecurity Insights report.
“Vendors are defining edge according to their technology stacks. The ambiguity complicates
security decisions,” the new report concludes, going on to add, “The location of this data, regardless of the length of time it resides there, creates a much wider attack surface for perennially understaffed cybersecurity teams to protect.”
The report gave examples of public sector edge data that range from something as simple as when a traffic light should turn red or green, to whether a loud noise on a college campus is a gunshot that requires police notification, to what history that voting machines have of being connected to a network while at a polling site. Public sector data can also be more likely than other data types to be targeted by organized criminal and nation-state-sponsored cybercriminals. For example, public or private operators of toll roads may use photos of drivers/license plates to bill users, but they are then “obligated to safeguard the picture of the driver, the address associated with the license plate, and the prepaid toll bank account number,” the report points out, because “The immutability of the driver’s facial features or the address that the toll bill goes to can lead to this data becoming weaponized when it is leaked or stolen.
“The public is certainly concerned about the functionality and operation of these and
other edge computing use cases, but governmental bodies are focused on the geopolitical ramifications should any of these highly used edge use cases be exploited,” the report said, adding that “Security architects need to be aware of the full life cycle of data in order to secure it”, including protection of the raw data collected at the edge, applications that turn the data into insights, and the end state of the data as well as how it is stored.
Based on a survey as part of its overall 2022 cybersecurity report, AT&T found that the U.S. public sector ranked the highest in “mature” edge development and third in use cases that were in mid-stage development. Gunshot detection was the top use case considered “mature” for the public sector, with automation of public services (such as smart meters) the highest-ranked use cases that were in mid-stage development.
The survey also delved into the perceived cost and perceived effectiveness of various cybersecurity solutions, such as passwords, firewalls, multi-factor authentication and so on. Public sector officials tended to see all their options as both being too expensive and/or not effective enough—which, the report said, could mean that the public sector is essentially “paying the price for being early adopters by not having the optimal mix of controls.”
Read more from the AT&T 2022 Cybersecurity Insights report here.