Deloitte Insights and our research centers deliver proprietary research designed to help organizations turn their aspirations into action.

DELOITTE INSIGHTS

  • Home
  • Spotlight
    • Weekly Global Economic Outlook
    • Top 10 Reading Guide
    • Diversity, Equity, & Inclusion
    • Cyber Risk
    • Digital Transformation
  • Topics
    • Strategy
    • Economy & Society
    • Operations
    • Workforce
    • Technology
  • Industries
    • Consumer
    • Energy, Resources, & Industrials
    • Financial Services
    • Government & Public Services
    • Life Sciences & Health Care
    • Technology, Media & Telecom
  • More from Deloitte Insights
    • About
    • Deloitte Insights Magazine
    • Press Room Podcasts

DELOITTE RESEARCH CENTERS

  • Cross-Industry
    • Home
    • Workforce Trends
    • Enterprise Growth & Innovation
    • Technology & Transformation
    • Environmental & Social Issues
  • Economics
    • Home
    • Consumer Spending
    • Housing
    • Business Investment
    • Globalization & International Trade
    • Fiscal & Monetary Policy
    • Sustainability, Equity & Climate
    • Labor Markets
    • Prices & Inflation
  • Consumer
    • Home
    • Automotive
    • Consumer Products
    • Food
    • Retail, Wholesale & Distribution
    • Hospitality
    • Airlines & Transportation
  • Energy & Industrials
    • Home
    • Aerospace & Defense
    • Chemicals & Specialty Materials
    • Engineering & Construction
    • Mining & Metals
    • Oil & Gas
    • Power & Utilities
    • Renewable Energy
  • Financial Services
    • Home
    • Banking & Capital Markets
    • Commercial Real Estate
    • Insurance
    • Investment Management
  • Government & Public Services
    • Home
    • Defense, Security & Justice
    • Government Health
    • State & Local Government
    • Whole of Government
    • Transportation & Infrastructure
    • Human Services
    • Higher Education
  • Life Sciences & Health Care
    • Home
    • Hospitals, Health Systems & Providers​
    • Pharmaceutical Manufacturers​
    • Health Plans & Payers​
    • Medtech & Health Tech Organizations
  • Tech, Media & Telecom
    • Home
    • Technology
    • Media & Entertainment
    • Telecommunications
    • Semiconductor
    • Sports
Deloitte.com
Deloitte Insights logo
  • SPOTLIGHT
    • Weekly Global Economic Outlook
    • Top 10 Reading Guide
    • Diversity, Equity, & Inclusion
    • Cyber Risk
    • Digital Transformation
  • TOPICS
    • Strategy
    • Economy & Society
    • Operations
    • Workforce
    • Technology
  • INDUSTRIES
    • Consumer
    • Energy, Resources & Industrials
    • Financial Services
    • Government & Public Services
    • Life Sciences & Health Care
    • Technology, Media & Telecom
  • MORE FROM DELOITTE INSIGHTS
    • About
    • Deloitte Insights Magazine
    • Press Room Podcasts
  • Welcome!

    For personalized content and settings, go to you My Deloitte Dashboard

    Latest Insights

    In a competitive labor market for retail workers, sustainability programs could give employers an edge

    Article
     • 
    5-min read

    A framework for managing an extended and connected workforce

    Article
     • 
    2-min read

    Recommendations

    Government Trends 2023

    Article

    Navigating toward a new normal: 2023 Deloitte corporate travel study

    Article
     • 
    17-min read

    About Deloitte Insights

    About Deloitte Insights

    Deloitte Insights Magazine, Issue 31

    Magazine

    Topics for you

    • Business Strategy & Growth
    • Leadership
    • Operations
    • Marketing & Sales
    • Diversity, Equity, & Inclusion
    • Emerging Technologies
    • Economy

    Watch & Listen

    Dbriefs

    Stay informed on the issues impacting your business with Deloitte's live webcast series. Gain valuable insights and practical knowledge from our specialists while earning CPE credits.

    Deloitte Insights Podcasts

    Join host Tanya Ott as she interviews influential voices discussing the business trends and challenges that matter most to your business today. 

    Subscribe

    Deloitte Insights Newsletters

    Looking to stay on top of the latest news and trends? With MyDeloitte you'll never miss out on the information you need to lead. Simply link your email or social profile and select the newsletters and alerts that matter most to you.

Welcome back

To join via SSO please click on the key button below
Still not a member? Join My Deloitte

Making smart cities cybersecure

by Piyush Pandey, Deborah Golden, Sean Peasley, Mahesh Kelkar
  • Save for later
  • Download
  • Share
    • Share on Facebook
    • Share on Twitter
    • Share on Linkedin
    • Share by email
13 minute read 11 April 2019

Making smart cities cybersecure Ways to address distinct risks in an increasingly connected urban future

13 minute read 11 April 2019
  • Piyush Pandey United States
  • Deborah Golden United States
  • Sean Peasley United States
  • Mahesh Kelkar India
  • Mahesh Kelkar India
  • Save for later
  • Download
  • Share
    • Share on Facebook
    • Share on Twitter
    • Share on Linkedin
    • Share by email
  • Smart cities face unique cyber risks
  • Convergence of the cyber and physical worlds
  • Interoperability between legacy and new systems
  • Integration of disparate city services and infrastructure
  • A holistic approach to cybersecurity
  • Securing cities for growth

Smart cities face many risks as digital and physical infrastructure converge. To help address this challenge, cities should embed cybersecurity and privacy principles in each stage of their development.

Smart cities are the future of urban living, harnessing the power of three Ds—digital technologies, data, and design thinking—to boost the efficiency and effectiveness of city services. However, this new wave of digital transformation also brings new cyber risks that could fundamentally impact the existence of smart cities. Cyber threats have been on the rise for years, but the last few years have seen an explosion in cyberattacks that target both data and physical assets.1

Learn More

Explore the Smart city collection

Subscribe to receive related content

As connected devices proliferate at a breakneck speed—the number of IoT devices is expected to rise from 8.4 billion today to almost 20 billion by 20202—cyberattacks and vulnerabilities in one area can have a cascading effect on numerous other areas. The consequences could extend beyond just data loss, financial impact, and reputational damage risks—severe enough as they are—to include disruption of crucial city services and infrastructure across a broad range of domains such as health care, transportation, law enforcement, power and utilities, and residential services. Such disruptions can potentially lead to loss of life and breakdown of social and economic systems.

In March 2018, the city of Atlanta faced a ransomware attack that hit some of its customer-facing applications.3 At one point, the city had to shut down its free Wi-Fi network at the Hartsfield-Jackson Airport as a precautionary measure. Overall, the attack hit 5 out of 13 city departments, and it took the city weeks to get back to normalcy.4 Such attacks are also growing in frequency: According to a 2016 survey of chief information officers of cities and counties, about a quarter of local governments were facing attempted cyberattacks every hour.5

The rapid hyperconnectivity and digitization of cities are accelerating cyber threats. To tackle the challenge, government leaders, urban planners, and other key stakeholders should make cybersecurity principles an integral part of the smart city governance, design, and operations, not just an afterthought. In this paper, we examine the key factors that influence cyber risks in a smart city ecosystem and a broad approach that city leaders can adopt to manage these risks.

Smart cities face unique cyber risks

A smart city is a complex ecosystem of municipal services, public and private entities, people, processes, devices, and city infrastructure that constantly interact with each other. The underlying technology infrastructure of the ecosystem comprises three layers: the edge, the core, and the communication channel (figure 1). The edge layer comprises devices such as sensors, actuators, other IoT devices, and smartphones. The core is the technology platform that processes and makes sense of the data flowing from the edge. The communication channel establishes a constant, two-way data exchange between the core and the edge to seamlessly integrate the various components of the ecosystem.

This massive amount of data exchanges, integration between disparate IoT devices, and dynamically changing processes creates new cyber threats, compounded by complexities in the other components of the ecosystem that wrap around the technology infrastructure. For instance, data governance can be a thorny issue for cities as they need to think about whether the data is internal or external; whether it is transactional or personalized; whether the transactional data is collected via IoT devices; and how the data is stored, archived, duplicated, and destroyed. In addition, due to a lack of common standards and policies, many cities are experimenting with new vendors and products, which create interoperability and integration problems on the ground and exacerbate cyber risks.

The smart city ecosystem comprises three layers: The edge, the core, and the communication channel

Three factors influence the potential cyber risk in a smart city ecosystem (figure 2):

  1. Convergence of the cyber and physical worlds

  2. Interoperability between legacy and new systems

  3. Integration of disparate city services and enabling infrastructure

Three key factors influence cyber risk in cities

To begin to understand how to manage the cyber risk landscape, it helps to explore each of these factors further.

Convergence of the cyber and physical worlds

Smart cities blur the lines between the physical and cyber worlds. In this environment, people, processes, and places are integrated via both information technology (IT) systems used for data-centric computing and operational technology (OT) systems used to monitor events, processes, and devices and adjust city operations. Such convergence allows cities to control and govern technology systems through remote cyber operations.

However, this convergence, where many devices in the edge could be cyber threat vectors, gives rise to the risk of malicious actors entering the system and disrupting operations on the ground—thus exponentially expanding the cyber risk landscape.6 With the proliferation of IoT devices, attackers now have countless entry points to compromise a city’s systems and take advantage of the resulting vulnerabilities.

In 2014, a German steel mill was a victim of a spear phishing attack. Through targeted emails appearing to be from a trusted source with a malicious attachment, the attackers first obtained access to the business network and then to the production network lacking required separation. The attackers remotely disabled the blast furnace by taking over the control systems, resulting in massive physical damage to the furnace system, costing millions of dollars.7

In another example, as an experiment, University of Michigan researchers successfully targeted the Intelligent Traffic Signal System (I-SIG), which is one of a series of CV-based transportation systems being deployed, tested, and implemented under the US Department of Transportation's CV Pilot Deployment Program. The researchers used data spoofing and fake messages from a nearby connected vehicle to create a traffic jam in a simulated environment, increasing average delays by 38 percent.8 This attack turned out to be quite easy to do, highlighting the expanding cyber risk landscape.

Interoperability between legacy and new systems

Often, organizations that pursue digital transformation need to integrate new digital technologies with legacy systems, which can create significant challenges and risks. These challenges include inconsistent security policies and procedures and disparate technology platforms, resulting in hidden security vulnerabilities throughout the smart city ecosystem.

In 2015, the US Office of Personnel Management’s (OPM’s) systems suffered a data breach, giving hackers access to personnel file records of 4.2 million employees. This breach was primarily due to the OPM’s old network’s inability to encrypt data.9 The OPM has spent millions of dollars since then to accelerate the modernization process.10

This situation is exacerbated as many cities increasingly use IoT solutions, but within a retrofitting model. For instance, large, established gas and water systems within a city have deployed sensors on a large scale. These sensors need to connect to a broader network for the data to be aggregated and analyzed centrally. However, these sensors have minimal security protocols.11 In the long run, retrofitting may not be a viable option as many devices could become physically incapable of upgrades.12

Another challenge is the lack of generally accepted standards governing the functioning of IoT-enabled devices. City departments and agencies typically use sensor technologies from different vendors that generate data in different formats and use different communication protocols. Creating interoperability in such situations can be difficult, and cities may face a trade-off between interoperability and security. Each new device added to an IoT ecosystem adds a new attack surface or opportunity for malicious attack.13

Integration of disparate city services and infrastructure

Traditionally, cities have offered a wide range of services that were largely independent of each other (e.g., power, water, sewer, transportation, public works, law enforcement, firefighting, and social services). Each of these services was typically provided by an agency using its own systems, processes, and assets. Now, these services are slowly being integrated and linked through an interconnected web of digital technologies.

As cities gain opportunities for new services and efficiencies, this comingling of services and systems comes with its own set of challenges. The increasing integration, interconnectedness, and data exchange create shared vulnerabilities where a problem in one service area can quickly cascade into other areas—potentially leading to widespread and catastrophic failures. In addition, cities need to rethink regulatory requirements, rationalize varied security protocols, and address data ownership and usage challenges.

The Emotet malware virus struck the city of Allentown, Pennsylvania, in February 2018. The virus quickly multiplied in a week and rendered the city’s finance department system unusable by not allowing it to make external bank transactions. Also, the police department could not access databases controlled by the Pennsylvania state police. Containing the virus and getting back to operational status is estimated to have cost the city US$1 million.14

Furthermore, data stored in different systems can be susceptible to misuse, potentially affecting citizens’ privacy. For instance, it is a leading practice to mask or delete personal identifiers in data. However, techniques and methods that allow malicious attackers to match different datasets to reidentify an individual are becoming increasingly sophisticated. So, a breach that compromises multiple systems and datasets can become a serious privacy incident for cities.

Cyber risk will continue to evolve in the coming years, as many cities plan to integrate a wide variety of services and infrastructure, connecting even more data, systems, and devices.

Understanding the cyber risk evolutionary curve in smart cities

Most smart cities follow a four-stage evolutionary path that relies on varying mixes of new and legacy technologies. With each step up the curve, the scale of technology infrastructure and the potential attack vectors can significantly increase, necessitating corresponding maturity in the cybersecurity strategy (figure 3).

Cybersecurity strategies need to evolve along with smart cities’ digital transformation

During the initial stage, when data is being collected through a small number of city-controlled, hard-wired sensors, the potential breach points are generally limited. However, at the next (intentional) stage, when a city starts to collect data from citizens’ smartphones and connected infrastructure, there are suddenly millions of uncontrolled potential breach points, most of which are beyond the city’s control. In the most advanced stages, when software bots at the core use artificial intelligence to make decisions and act without human involvement, the potential attack vectors are nearly endless—and continuous.

It is important to note that as a city moves up the evolutionary curve, the degree of convergence, scale of technology infrastructure and corresponding interoperability, and integration of services increase. For instance, while a city might have a few hundred connected devices in the initial or intentional stage, the same number can be in thousands or millions in the integral and transformed stages and will require better infrastructure to support such growth. The situation, in turn, drives more complexity in the core, edge, and communication layers of the smart city ecosystem. Therefore, the maturity of cyber risk capabilities should be directly proportional to the degree of integration of smart city ecosystem components, and the cyber risk management approach should consider all these components.

A holistic approach to cybersecurity

The convergence of physical and digital infrastructure, the ensuing interoperability, and interconnectedness between city systems and data is an ongoing effort in many cities. The security goals of a smart city—confidentiality, integrity, availability, safety, and resiliency—should be grounded on both the objectives of traditional IT (to secure data) as well as those of OT (to ensure safety and resiliency of systems and processes). These combined security objectives can help cities maintain a more secure and resilient operating environment (figure 4).

Smart cities must take a holistic approach to smart city cybersecurity

An integrated cyber risk framework can provide cities with management principles to incorporate into their smart city planning, design, and transformation stages. It comprises industry standards, legal, and regulatory requirements to determine how cyber risk may affect all the ecosystem participants, including users, government, services, infrastructure, and processes, as well as assess each system’s and asset’s influence on each other. Such an integrated approach can enable city stakeholders to view threats and vulnerabilities in their entirety rather than react to specific services or operational impact, eventually allowing them to develop the core capabilities of a cybersecurity program described in figure 5.

An integrated approach to cybersecurity is based on five core components

Securing cities for growth

Balancing the promise of smart cities against the potential of cyber risks—and managing the associated risks effectively—will be critical to realizing the potential of smart cities. Cities should begin by engaging all the stakeholders and entities in the broader ecosystem. The next steps that cities should consider include the following:

  • Syncing smart city and cyber strategy. Cities should define a detailed cybersecurity strategy that is in line with their broader smart city strategy and that can mitigate challenges arising from the ongoing convergence, interoperability, and interconnectedness of city systems and processes. Cities should consider carrying out an extensive impact assessment of their data, systems, and cyber assets to identify, assess, and mitigate the risks associated with technology processes, policies, and solutions. The integrated view of the risks and knowledge of interdependencies of the critical assets can enable cities to develop a comprehensive cybersecurity strategy. For instance, Singapore launched its National Cyber Security Master plan in 2013 and followed it with a new cyber security bill in 2016. Both initiatives were an integral part of Singapore’s smart nation strategy.24

  • Formalizing cyber and data governance. Cities need to formalize the governance approach to data, assets, infrastructure, and other technology components. A comprehensive governance model should spell out responsibilities and roles for each critical component in the smart city ecosystem. To implement an ecosystem approach to tackling cyber issues, various entities will need to work together with a strong governance model as the foundation. Cities can establish a network among other cities, state agencies, academia, and corporations to share threat information, capabilities, and contracts to strengthen cyber defenses.25 Additionally, data management—including robust data sharing and privacy policies, data analytics skills, and monetization models that facilitate the sourcing and usage of “city data”—constitutes a critical aspect of this governance. Policies, legislation, and technology must be continuously aligned to maintain the right balance of protection, privacy, transparency, and utility. The governance, policies, and processes must mature along with the city’s overall cyber strategy. For instance, the city of Hague is home to the “Hague Security Delta,” an ecosystem of more than 200 organizations working in the national security, cyber and urban security, critical infrastructure, and forensics.26

  • Build strategic partnerships to grow cyber capabilities. The cyber skills gap is not going away anytime soon, so cities need to be innovative and proactive in plugging the cyber skills gap in their cities. This approach may require city administration to explore nontraditional efforts to tap into cyber talent such as crowdsourcing, prizes, and challenges to solve cyber-related issues. A smart city requires new skills and competencies across the various ecosystem layers. Cities can augment existing capabilities through strategic partnerships and contracts with service providers.

It is critical for city leadership to realize that securing cities from cyber risk is not a one-time event where cyber strategy evolves as cyber threats evolve; instead, it is also important to be able to recover when a cyberattack happens. Also, this is not a battle that cities can or should fight alone, but instead with an ecosystem of city governments, academia, the private sector, and startups. Technology can be one part of the cybersecurity solution, but the latter also needs a comprehensive governance model toward data and assets. More importantly, cities need an integrated approach to managing cyber risk with cybersecurity principles baked into every stage of the smart city development process (i.e., from strategy and design to implementation and operations). Cybersecurity is just too important to be treated as an afterthought.

Acknowledgments

The authors would also like to thank Mike Wyatt, Srini Subramanian, Irfan Saif, Timothy Li, Rahul Gupta, Christian Franzen, Peter Wirnsperger, Rana Sen, Steven Hamilton, and Ravi Dhaval for reviews at critical junctures and contributing their ideas and insights to this research project.

In addition, the authors would like to thank Melissa Barrows, Marguerite Zacharovich, Jaideep Balekar, Ali Muzaffar, Divya Nayak, and Biju Kadapurath for their key contributions during the research and development of this project.

Cover art by: Kevin Weier

Endnotes
    1. World Economic Forum, The global risks report 2018, 2018. View in article

    2. John P. Dzrik, “Cyber risk is a growing challenge. So how can we prepare?,” World Economic Forum, January 17, 2018. View in article

    3. Jerry Bowles, “America’s cities are under cyberattack. That’s bad news for IoT and Smart Cities,” Diginomica, March 30, 2018. View in article

    4. Mary Scott Nabers, “Smart city security: Atlanta cyberattack cripples city,” IoT Word Today, April 5, 2018. View in article

    5. ICMA, Cybersecurity 2016 survey, April 19, 2017. View in article

    6. Irfan Saif, Sean Peasley, and Arun Perinkolam, “Safeguarding the Internet of Things: Being secure, vigilant, and resilient in the connected age,” Deloitte Review 17, July 27, 2015. View in article

    7. Kim Zetter, “A cyberattack has caused confirmed physical damage for the second time ever,” Wired, January 8, 2015. View in article

    8. Qi Alferd Chen et al., “Exposing congestion attack on emerging connected vehicle based traffic signal control,” University of Michigan, February 18–21, 2018. View in article

    9. Phil Goldstein, “Legacy federal IT systems are a ticking time bomb of risks,” FedTech, December 7, 2015. View in article

    10. Jason Miller, “3 years after data breach, OPM still struggling to modernize IT,” Federal News Network, February 27, 2018. View in article

    11. Saif, Peasley, and Perinkolam, “Safeguarding the Internet of Things: Being secure, vigilant, and resilient in the connected age.” View in article

    12. Ibid. View in article

    13. Ibid. View in article

    14. Daniel Patrick Sheehan, Emily Opilo, and Daryl Nerl, “City of Allentown computer systems hit by virus that will require nearly $1M fix,” The Morning Call, February 20, 2018. View in article

    15. Trevor Jones, “Microsoft takes holistic approach to IoT security concerns,” TechTarget, April 18, 2018. View in article

    16. Mark White, Jason Killmeyer, and Bruce Chew, Will blockchain transform the public sector?, Deloitte University Press, September 11, 2017. View in article

    17. William D. Eggers, Delivering on Digital: The Innovators and Technologies That Are Transforming Government (New York, Rosetta Books, 2016), pp. 164–5. View in article

    18. Joseph Marks, “LA cyber center hopes to be a model for cities nationwide,” Nextgov, December 7, 2017. View in article

    19. Eggers, Delivering on Digital, pp. 199–200. View in article

    20. Saif, Peasley, and Perinkolam, “Safeguarding the Internet of Things: Being secure, vigilant, and resilient in the connected age.” View in article

    21. Srini Subramanian and Doug Robinson, 2016 Deloitte-NASCIO cybersecurity study: States at risk: Bold plays for change, Deloitte Insights, October 22, 2018. View in article

    22. National Institute of Standards and Technology, “NICE cybersecurity workforce framework,” accessed July 17, 2018. View in article

    23. Deborah Golden and Ted Johnson, Augmented security, Deloitte University Press, 2017. View in article

    24. FTI Consulting, Singapore’s approach to cyber security, 2016. View in article

    25. Subramanian and Robinson, 2018 Deloitte-NASCIO cybersecurity study. View in article

    26. Hague Security Delta, “About HSD,” accessed on April 13, 2018. View in article

Show moreShow less

Topics in this article

Digital Transformation , Government , Cyber risk , Public Sector , Internet of Things (IoT) , Risk management , Smart cities

Cybersecurity

As the world becomes more connected, cyber threats are growing in number and complexity. Cyber is moving in new directions—beyond an organization’s walls and IT environments and into the products they create and the factories where they make them.

Learn more
Get in touch
Contact
  • Piyush Pandey
  • Advisory managing director, US Risk and Financial Advisory
  • Deloitte & Touche LLP
  • pipandey@deloitte.com
  • +1 717 460 0184

Download Subscribe

Related content

img Trending

Interactive 3 days ago

More insights for Government and public services

  • Payments and the future of mobility Article4 years ago
  • Government cloud: A mission accelerator for future innovation Article4 years ago
  • If you want to prosper, consider building roads Article4 years ago
  • The smart base Interactive4 years ago
  • Flying smarter with IoT Article4 years ago
Piyush Pandey

Piyush Pandey

Piyush Pandey is the managing director of Deloitte’s Risk and Financial Advisory practice and Smart Cities Cybersecurity leader. He has more than 17 years of experience, including enabling digital transformation of state, local, and city governments by shaping cybersecurity vision and strategy; design and implementation of identity solutions and advanced authentication programs; development of security standards and solutions, as well as resiliency and incident management plans; implementation of vulnerability management solutions; and establishment of data protection and privacy programs. Pandey has an undergraduate degree in computer science and a Master’s in business administration.

  • pipandey@deloitte.com
  • +1 717 460 0184
Deborah Golden

Deborah Golden

Principal | Deloitte Risk & Financial Advisory

Deborah, a principal at Deloitte & Touche LLP, is the US Cyber & Strategy Risk leader for Deloitte Risk & Financial Advisory. In the prior six years, Deborah served as the Government & Public Services (GPS) Cyber Risk Services leader, as well as the GPS Advisory Market Offering leader, GPS Empowered Well-Being leader, and the lead principal for a major federal government health care provider. Deborah has more than 25 years of information technology experience spanning numerous industries, with an in-depth focus on government and public services, life sciences and health care, and financial services. She specializes in collaborating with clients on cybersecurity and technology transformation, and privacy and governance initiatives. Deborah received a bachelor’s degree in Finance at Virginia Tech and a master’s degree in Information Technology at George Washington University. She serves on Virginia Tech’s Business Information Technology and Masters in Information Technology Advisory Boards, is a self-proclaimed fitness junky and avid traveler, and trains service dogs with the Guide Dog Foundation in her spare time.

  • debgolden@deloitte.com
  • +1 571 882 5106
Sean Peasley

Sean Peasley

Partner | Deloitte Risk & Financial Advisory

Sean, a partner at Deloitte & Touche LLP, is the Global Cyber Cloud leader and Cyber IoT leader for the Cyber Risk Services practice of Deloitte Risk & Financial Advisory. He delivers solutions to help organizations address their most pressing and pervasive cyber security challenges for Enterprise, Cloud and IoT environments including Cyber Risk, Cyber threat intelligence, Cyber war gaming, IoT and operational technology (OT) security, identity management, privacy and data protection, and business resilience focused. He has over 35 years of consulting experience and serves some of Deloitte’s largest clients. Sean is a proven leader with diversified, in-depth experience in consulting and has demonstrated an ability to consistently achieve desired results and provide exceptional value to clients across a variety of business problems, technologies and industries. He specializes in application security; secure systems development; information technology risk management; governance, risk and compliance; and resiliency. His industry experience spans across automotive; consumer products; energy & resources; financial services; health care; life sciences; manufacturing; and media, entertainment & sports. Sean is passionate about working with the community. He currently serves on the board of directors of YMCA of Orange County and is the chairman of CSUF College of Engineering & Computer Science College Leadership Council.

  • speasley@deloitte.com
  • +1 714 334 6600
Mahesh Kelkar

Mahesh Kelkar

Research manager | Future of cities

Mahesh Kelkar is the Smart Cities research leader for the Deloitte Center for Government Insights. His research focuses on understanding the impact of technology, innovation, and policy on the future of cities. He closely tracks the federal and state government sectors and focuses on conducting in-depth research on the intersection of technology with government operations, policy, and decision-making.

  • mkelkar@deloitte.com
  • +1 678 299 7142

Share article highlights

See something interesting? Simply select text and choose how to share it:

Email a customized link that shows your highlighted text.
Copy a customized link that shows your highlighted text.
Copy your highlighted text.

Making smart cities cybersecure has been saved

Making smart cities cybersecure has been removed

An Article Titled Making smart cities cybersecure already exists in Saved items

Invalid special characters found 
Forgot password

To stay logged in, change your functional cookie settings.

OR

Social login not available on Microsoft Edge browser at this time.

Connect Accounts

Connect your social accounts

This is the first time you have logged in with a social network.

You have previously logged in with a different account. To link your accounts, please re-authenticate.

Log in with an existing social network:

To connect with your existing account, please enter your password:

OR

Log in with an existing site account:

To connect with your existing account, please enter your password:

Forgot password

Subscribe

to receive more business insights, analysis, and perspectives from Deloitte Insights
✓ Link copied to clipboard

Deloitte Insights and our research centers deliver proprietary research designed to help organizations turn their aspirations into action.

Deloitte Insights

  • Home
  • Topics
  • Industries
  • About Deloitte Insights

DELOITTE RESEARCH CENTERS

  • Cross-Industry
  • Economics
  • Consumer
  • Energy & Industrials
  • Financial Services
  • Government & Public Services
  • Life Sciences & Health Care
  • Tech, Media & Telecom
Deloitte logo

Learn about Deloitte’s offerings, people, and culture as a global provider of audit, assurance, consulting, financial advisory, risk advisory, tax, and related services.

  • Terms of Use
  • Privacy
  • Privacy Shield
  • Cookies
  • Legal Information for Job Seekers
  • Labor Condition Applications
  • Do Not Sell My Personal Information