Research shows that the implementation of smart cities has a significant impact on the development of an urban green economy.[1]

In my hometown of Stratford, Ontario, a Smart City initiative with city-wide digital capabilities provides citizens and visitors with access to information and public services.[2] It’s a smart way to improve lives, boost tourism, and streamline operations. The power of the cloud transforms cities, improving energy efficiency, lowering greenhouse gas (GHG) emissions, and helping citizens live a more sustainable life.

Automated solutions that measure performance in real-time and generate environmental, social and governance (ESG) reports can help municipalities make better use of resources. However, operating in the public cloud can also make cities more vulnerable to cyberattack. That’s why smart cities need a smart cloud.

Smart clouds make smarter cities

As the imperative for environmental stewardship grows, municipalities are looking for solutions to keep cities safe while contributing to a greener economy.

According to a study by the University of California, Berkeley, “Smart city technologies are all the rage, and investment in [these] technologies is expected to reach US$327 billion by 2025.”[3]

But smart technologies may also expose municipalities to security and privacy issues. In a joint publication on cybersecurity best practices for smart cities, the Canadian Centre for Cyber Security and its global cybersecurity partners warn that “Smart cities are an attractive target for criminals and cyber threat actors to exploit vulnerable systems to steal critical infrastructure data and proprietary information, conduct ransomware operations, or launch destructive cyberattacks.”[4]

We need to look at what makes a city smart, how technology can contribute to the right kind of solutions, and—just as importantly—how we can ensure data security and cybercrime protection.

Smart cities and the green economy

The European Commission defines a smart city as “a place where traditional networks and services are made more efficient with the use of digital solutions for the benefit of its inhabitants and business.”[5]

Smart technology helps municipalities deliver and/or regulate better transport networks, economical land use, reliable water and waste disposal facilities, and more efficient lighting and heating. Digital solutions can automate, track, report, and streamline operations, improving efficiency in healthcare, crime prevention, and education sectors—and it is all powered by data.

That data is exactly what hackers are looking for when they target a municipality’s digital infrastructure. Their interference can lead to disruption of services, breach of sensitive data, financial losses, erosion of trust, and, in extreme circumstances, even peril to property and lives.

Safe cities, secure data

Smart cities collect vast amounts of data. Every connected device, from rented bicycles or cars to smart metres, traffic lights, and digitized public services, collects and shares information that can create vulnerabilities and privacy issues.

Citizens who share their names, contact information, government identification numbers, and bank accounts online, need to know that their information is secure.

As noted in the Berkeley study, “The biggest risk for residents of a smart city stems from the potential leaking of personal identifiable information…. If a city keeps that type of data and it gets compromised, that can be devastating to cities.”[6]

While it’s true that data stored in the cloud is vulnerable to cyberattack, municipalities can minimize risk by maintaining a robust management system to analyse data, determine where it needs to be stored and delete what is not needed.

In an interview with Canadian Government Executive, ThinkOn CEO, Craig McLellan said, “Just because I felt comfortable sharing information today, doesn’t mean that I gave a licence for my data to be used forever. So, data trust becomes important. If we are going to harvest metadata, we need to be clear on its use cases.”[7]

Canada has stringent rules on data privacy.[8] Working with a cloud vendor approved under the Shared Services Canada Privacy Management Framework agreement for secure workloads guarantees that all privacy guidelines are strictly adhered to, safeguarding Canadian data.

The ransomware discussion

Ransomware events are becoming alarmingly frequent, and smart cities are among the most vulnerable targets, according to Canada’s spy agency, CSIS. “The Canadian Security Intelligence Service warns that technological innovations adopted by municipalities could be exploited by adversaries such as the Chinese government to harvest sensitive data, target diaspora communities, and interfere in elections.”[9]

A successful cybercriminal could control our water supply or electricity and transportation systems through the artificial intelligence used to optimize public services. CSIS warns that simply by using a public cloud, Canadian municipalities may inadvertently agree to partnerships with third-party vendors with foreign interests, who would then have access to Canadian data.

According to the CSIS report, a cyberbreach could have dangerous consequences:

“This sort of exposure will have serious financial, social, and health and safety implications in Canada. Imagine a scenario where a co-ordinated cyberattack took down safety locks that prevent catastrophic explosions at a petrochemical facility, while simultaneously controlling traffic lights to inhibit the emergency response.”[10]

Continuous monitoring of the entire ecosystem in a municipality’s digital framework is necessary to detect, block, and mitigate at the first sign of an attack. That can be difficult on a foreign-owned public cloud with unknown global third-party resources.

A smart cloud for smart cities

Planning for a cyberattack is the best defence against cybercrime. A smart cloud approach analyzes outcomes and deploys the best solution—a strategy that allows municipalities to plan for resilience, rather than relying on a reactive approach after an attack occurs.

In Canada, ransomware attacks on public service have targeted the Canada Revenue Agency, the Toronto Transit Commission, and Canada Post. U.S. cities, including Atlanta, Maryland, and New Orleans, have suffered ransomware demands that crippled services and incurred financial damages in the millions.

Hackers are getting smarter, and while it’s impossible to fully protect a city from every cyberattack, defending digital infrastructure—with built-in automated detection, frequent upgrades, robust backup and data management systems, and hybrid solutions for data storage—can block attacks, and in the event of a breach, mitigate damage, protect sensitive data, and restore operations quickly.

John Slater, Chief Security Officer at ThinkOn, says, “Digital transformation is necessary in today’s global world. It is a huge opportunity to streamline operations, increase efficiencies, and automate ESG. And you should not have to sacrifice security or compliance to make that happen.”[11]

A smart cloud, operated and managed by a government-approved domestic provider, enables smart cities to keep citizens safe while enjoying the benefits of streamlined communications, lower operations costs, and a greener economy.

Learn more about cloud smart solutions with ThinkOn.


[1] Liu, K., C. Meng, J. Tan, & G. Zhang. 2023. “Do smart cities promote a green economy? Evidence from a quasi-experiment of 253 cities in China.” Environmental Impact Assessment Review (99). 107009. https://doi.org/10.1016/j.eiar.2022.107009

[2] Invest Stratford. “Smart Community.” https://www.investstratford.com/smart-city

[3] Trapenberg Frick, Karen, Giselle Mendonça Abreau, Nathan Malkin, Alexandra Pan, Alison E. Post. 2021. “The Cybersecurity Risks of Smart City Technologies.” CLTC White paper series. University of California, Berkeley. https://cltc.berkeley.edu/wp-content/uploads/2021/03/Smart_City_Cybersecurity.pdf

[4] Canadian Centre for Cyber Security. 2023. “Cyber Security Best Practices—Smart Cities.” April 19. https://www.cyber.gc.ca/en/news-events/joint-publication-cyber-security-best-practices-smart-cities

[5] European Commission. “Smart Cities.” https://commission.europa.eu/eu-regional-and-urban-development/topics/cities-and-urban-development/city-initiatives/smart-cities_en

[6] Trapenberg Frick, Karen, Giselle Mendonça Abreau, Nathan Malkin, Alexandra Pan, Alison E. Post. 2021. “The Cybersecurity Risks of Smart City Technologies.” CLTC White paper series. University of California, Berkeley. https://cltc.berkeley.edu/wp-content/uploads/2021/03/Smart_City_Cybersecurity.pdf

[7] Craig McLellan. 2022. “Canadian Cloud Difference.” Canadian Government Executive. https://canadiangovernmentexecutive.ca/the-canadian-cloud-difference%EF%BF%BC/

[8] Government of Canada. 2022. “Privacy Management Framework.” Last modified May 16. https://www.canada.ca/en/revenue-agency/corporate/security/privacy-management-framework.html

[9] Jim Bronskill. 2023. “Canada’s spy agency warns ‘smart city’ platforms pose security risks.” Global News. March 9. https://globalnews.ca/news/9538658/smart-city-technology-security-risks-csis/

[10] Cybersecurity Ventures. 2022. “Cybercrime Damages To Cost The World $8 Trillion USD in 2023.” Newswires. December 15. https://www.einnews.com/pr_news/606505844/cybercrime-damages-to-cost-the-world-8-trillion-usd-in-2023

[11] John Slater. 2023. “Cyberattacks Cost Organizations Millions in Revenue Loss and Reputational Damage: The Hidden Threats of Missing Out on the Right Cybersecurity.” ThinkOn. Last modified March 3. https://thinkon.com/blogs/hidden-threats-of-missing-out-on-the-right-cybersecurity/