arXiv: Bridging the Smart City Cybersecurity Data Gap Through AI-Driven Synthetic Dataset Generation

This paper, published on arXiv on June 10, 2026, proposes a novel AI-driven framework for generating synthetic datasets to address critical data-sharing gaps in smart city cybersecurity. The authors argue that real-world cyber incident data from municipal systems is often too sensitive or fragmented to share, hindering collaborative threat detection and regulatory compliance. Their solution uses generative AI to create realistic, anonymized datasets that preserve statistical properties without exposing personal or operational data.

The primary affected sectors are municipal governments, smart city infrastructure operators, and cybersecurity firms serving public-sector clients. Compliance teams in these organizations should evaluate whether their current data-sharing practices under frameworks like the EU AI Act or NIS2 Directive are hindered by privacy constraints. The paper suggests that synthetic data could be used to train AI-based security tools and demonstrate compliance with data minimization principles, provided the generation process is transparent and auditable.

Compliance teams should immediately review their data governance policies to assess if synthetic data generation could replace or supplement real data for testing and validation. They should also monitor regulatory guidance on synthetic data use, as this approach may require new validation protocols to ensure it does not introduce bias or reduce detection accuracy. Engaging with technical teams to pilot such frameworks under controlled conditions is a prudent next step.