Foundations: guidance for secure connected places
Updated 10 July 2023
© Crown copyright 2023
This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.
Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.
This publication is available at https://www.gov.uk/government/publications/secure-connected-places-smart-cities-guidance-collection/foundations-guidance-for-secure-connected-places
The following guidance will provide all roles within an organisation with a grounding in securing connected places. They provide overarching principles to consider and implement when designing, building, and operating a connected place.
This guidance is relevant to:
- Organisation leadership
- Connected places project leaders/managers
- IT professionals
- Cyber security leads
- Information managers
- Processors and users
The Secure Connected Places Playbook
Owner: Department for Science, Innovation and Technology
The alpha Secure Connected Places Playbook offers practical and accessible support to improve the cyber security of your connected places projects. The Playbook includes resources that address key cyber security challenges such as governance and risk management, procurement and supply chain security and how to conduct a STRIDE-based threat analysis. Designed for project managers of connected places, the Playbook will provide you with advice on how to get your connected places cyber security foundations right whilst setting a strong cyber security culture in the process.
Connected Places Cyber Security Principles
Owner: National Cyber Security Centre
The Connected Places Cyber Security Principles set out a set of series of cyber security principles that will help you design, implement, and manage your connected place in a way that mitigates the cyber security risks and is easier to manage. We recommend that all individuals involved in the design, implementation, and management of a connected place have an understanding of these principles.
Owner: Centre for the Protection of National Infrastructure
PAS 185:2017 sets out a process for establishing and implementing a place-wide, strategic-level security minded approach as part of a connected place’s development and operation. It details the approach for applying holistic measures that are appropriate and proportionate to the risks, while not preventing the delivery of a city’s aims.