The “Internet of Things” at Risk

Internet-enabled devices improve productivity and help us achieve greater innovation, but there are three major risks that could unravel it all.

It is estimated that 90 per cent of the world’s data has been generated over the past 2 years. Every second, the data equivalent of 150 million books is created. A large part of this expansion is attributable to the Internet of Things (IoT), the network of “smart” physical devices that collect and exchange data.

When most people think of internet-enabled devices, examples such as Fitbit and Apple watches naturally come to mind. But these products are quickly being outnumbered by others that are less familiar. These new devices capture data from industrial plants, machines and even the human body, then transmit it elsewhere over the internet or another network where it can be stored and analysed to enable better decision making.

There are countless applications for virtually every industry related to construction and real estate, from telecom to energy. Many of these applications are designed not just for convenience, but also for safety. For example, electrical systems can be equipped with sensors that detect wiring failures, warning technicians of fire hazards before the fire can occur.

But while the IoT may herald a period of unprecedented opportunities, it is also one of unprecedented complexity. These devices pose new challenges for managers and risk specialists who need to be connected with their R&D departments as never before. We see three big new IoT dilemmas that society needs to resolve.

Data Confidentiality

The first is confidentiality. Consider the use of smart TVs. Unlike the old-fashioned projectors, they are connected to the internet. They are operating behind the firewall and are plugged into sensitive networks, often without necessary care. What happens when sensitive information is leaked? More fundamentally, all Internet of Things pioneers must grapple with well-known concerns over privacy — how to balance expectations of privacy with the inherent need to collect and analyse data in ways that harness the true power of the Internet of Things.

Personal data is easily shared by various companies and devices creating all sorts of potential privacy concerns. For example, workout data from one device can be connected to insurance company systems to calculate health and life insurance premiums.

Most insurance companies have already started offering better rates to those who can demonstrate more healthy lifestyles. The Internet of Things means behaviors can actually be tracked and validated with much greater precision. But what about individuals who cannot afford or simply refuse to wear IoT devices based on privacy concerns? This raises key questions for insurance companies, elected officials and regulators.

Data Connectivity

There have been numerous high-profile cyber-breaches which have caused damage. But the risk takes on a different dimension when so many devices are connected. In fact every node on the internet is a potential access point for someone unscrupulous or malevolent. As a society we are installing billions of connected devices in everything from aeroplanes to flood defence systems.

A connected and automated system can improve the efficiency of a town’s electricity grid. But it also gives a hacker a way to shut down that electricity grid from their own computer.

Even without any malfeasance, this connectivity also creates issues in case of catastrophic outages. If an earthquake massively degrades network capacity in a large area, the use of smart lifts for building evacuation might be impacted. Urgent payments for medical care or intelligent traffic lights could also be crippled.

Data Liability

The biggest risks for the insurance industry during the Internet of Things revolution, however, center on increasingly complex questions about liability and cybersecurity. If a sensor fails to detect a potential problem in a machine, it might be difficult to determine who is at fault? If a semi-autonomous truck is involved in an accident, resolving who is responsible takes on multiple dimensions. This could also depend on the jurisdiction in which the vehicle is driven. With so much data collected and shared across a host of machines, someone needs to be accountable for accuracy and security. Now that everything can be monitored, failing to monitor is an even greater risk.

There is also the ethical conundrum of how connected machines should be programmed to make decisions. We are not used to objects acting on their own and they might act in unexpected ways.

But more than that, so much of the potential of the IoT lies in the seamless transfer of data between devices. This will make it very difficult to associate an individual piece of data with an individual device, and to allocate responsibility for any failure.

The insurance industry has developed over centuries as a means of transferring risk of loss from one entity to another in return for payment. The effective transfer of risk is a fundamental pillar of the modern economy that relies on understanding contingencies. This process is going to become much more complicated in the near future.

Image Courtesy: INSEAD Knowledge

This article is republished courtesy of INSEAD Knowledge
(http://knowledge.insead.edu). Copyright INSEAD 2014

 

logo-insead

 

About the author  ⁄ Gilles Hilary

Gilles Hilary

Gilles Hilary is a Professor of Accounting and Control at INSEAD and The Mubadala Chaired Professor in Corporate Governance and Strategy. He has an MBA from Cornell University and a PhD from the University of Chicago. He also has a French professional accounting degree (DESCF). Before joining INSEAD, he has worked at the Hong Kong University of Science and Technology (HKUST) for close to 7 years, for HEC Paris for approximately a year and, before that, for leading (“Big Four”) accounting firms.

© 2016 Paul Writer, . All Rights Reserved. Powered by MetricFox