Designing an entirely new city presents an essential opportunity to reimagine the scope of digital security, and the role that data and AI might play in predicting threats

On 2 November 1988, academics from Harvard, Nasa and other prestigious American institutions logged onto their computers to find the servers had slowed to a crawl. The only thing moving was a piece of code that had slipped in through the network’s identification system and was gradually replicating itself across hundreds of connected computers.

Six days later, the New York Times named Robert Tappan Morris, a 23-year-old student, as the FBI’s most likely suspect in its investigation into its first “Computer 'Virus' Case”. The stunt was dismissed as being “irresponsible” and “adolescent”, but Morris’s hack was a sign of something far more serious to come.

By 2021, the costs of cyber crime were predicted to rise to more than $8tn a year, as if it were the third largest economy in the world, behind the US and China. As the world becomes more digitally connected, preventing cyber crime requires an entirely different approach, explains Heide Young, Manager of Cyber Strategy and Engagement at TONOMUS, the organisation developing NEOM, the world’s first cognitive community, being built in Saudi Arabia. “First, we need a system that can help make sense of data at scale,” she says. “Second, we need to stop thinking about cyber security in isolation, and recognise it as one part of a holistic operating model.”

Visualising risk

Anyone familiar with data handling will recognise the scale of this ambition. Even analysts working in a single business struggle to identify threats amid the flood of data that washes through the system. Meanwhile, folding cyber security into a holistic operating model would require most businesses to unwind decades-worth of programs and protocols that have been bolted together to tackle emerging threats.

It is the very scale of these ambitions that makes them feasible, however. TONOMUS is not just designing a new cyber security system but an entirely new city. NEOM has no legacy systems to be redefined or upgraded. It offers a blank slate for Young and her team to reimagine what cyber security could and should be. So how will they do it? It starts with making sense of data, Young says, pointing out that risk management professionals are often forced to make decisions without the necessary context. “Say a 5G tower goes down. Without the context, all we can surmise is that people are going to be disconnected. But what if you knew that a nearby hospital was relying on that connectivity to perform lifesaving operations? Suddenly this changes how you should prioritise repairs.”

It also changes how security threats are visualised. As many as 1mn devices can be connected to 5G per square kilometre; that’s 500 times the number that could connect to 4G. Without being able to see how devices are connected and where there are vulnerabilities the threat becomes exponentially larger. To provide this context, TONOMUS is developing a cyber security platform that uses AI and machine learning to model the data flows across a city, providing analysts with a picture of the risks and the steps needed to secure any vulnerabilities.

“The cognitive security platform is constantly evolving and strengthening its own contextual awareness, passing this learning back to its human analysts,” says Young. “This allows them to instantly examine an event, identify any threat, correlate across all emerging data and implement the most effective course of action.” Creating a loop between the AI and its operators not only ensures that humans maintain control of these decisions, but also optimises their response. If, for example, the operator decides to prioritise connectivity to the hospital, the AI could advise rerouting one of TONOMUS’s Low Earth Orbit (LEO) satellites and prepare the necessary steps.

Predictive power

“By doing all the heavy lifting, the AI cuts the response time and limits the network’s exposure to cyber threats,” says Young. But how is it integrated into NEOM’s broader operating model? With an awareness of what data is flowing through an ecosystem and how it’s being used, TONOMUS is not only able to identify threats, but also develop predictive systems.

Thousands of these predictive models will underpin life inside cognitive cities, and ensuring citizens have consistent access to them is critical. But this does not stop at the security of data, explains Professor Mohamed-Slim Alouini, Professor of Electrical Engineering at King Abdullah University of Science and Technology (KAUST). “People forget that natural disasters, even terrorist incidents, can disconnect you from the internet.”

Reducing these threats requires a more robust response. “Understanding the relationship between data sources across the network allows you to reroute the system in the event of a crisis,” explains Young, pointing out that TONOMUS’s cyber security model will not only allow analysts to oversee data flows, but also manage them. “As long as the AI is trained on the relationship of that information source with the rest of it, it can cater for pretty much any eventuality.”

Harnessing AI’s ability to monitor data at scale is crucial as the number of IoT-connected devices is expected to have doubled by 2030. To stop these new connections becoming entry points for bugs such as the one that crept into American institutions’ IT networks in 1988 we need to think about cyber security differently – not as an appendage to the network, but as its foundation.