The Internet of Things needs to educate on the risks as well as the rewards

The Internet of Things needs to educate on the risks as well as the rewards.

The Internet of Things needs to educate on the risks as well as the rewards

 

 

For those in the technology and information services industry, the term “The Internet of Things” has become an almost daily part of conversation and referenced almost, if not more often than the weather, Google and the Kardashian’s. And as we lured into a life where cars drive themselves and stoves can be turned on via our mobile devices, those in the security community are trying (rather unsuccessfully) to get the message that out that with these great conveniences come great risks.

Wikipedia describes the Internet of Things as the following:

a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data

A study last year by HP Security Research concluded that 70% of the most commonly used Internet of Things devices had serious security flaws with 90% of the devices using unencrypted network service and 70% vulnerable through weak passwords. So what are impacts to the individual consumer and more importantly, what are potential risks if access to devices on a more large scale is breached and in the wrong hands, these devices become a risk to national security and safety? Many security advisors specializing in the infrastructure and utilities industry believe that it is not a matter of if but when. For those who attended the recent International Consumer Electronics Show in Las Vegas, the buzz was all the trends and technology being led by the Internet of Things movement. You heard a lot of about what was here and what was on the horizon but very little about the risks associated with these advancements.

The top 11 tech trends of the Consumer Electronics Show

Those with the loudest voices in the Internet of Things movement need to temper the message with more dialogue around the importance of security if this technology is to deliver the conveniences of life that so many consumers are being enticed by.

 

Sounding the alarm for consumers

While scrambling around this morning assembling backpacks and trying to find gym socks that actually match, my youngest son announced from the breakfast table “Hey Mom, Home Depot got hacked.” My boys, age 11 and 9, have come to know a great deal about data breaches and cyber security mostly by environmental osmosis. Whether its a conference call, a social media posting or conversation over dinner preparations; my kids have grown to know what hackers do, how they can impact a business or government and why this can be potentially devastating for many including you and I.

Unfortunately, for the vast majority of consumers there is still an overwhelming lack of understanding and urgency when it comes to a breach. A recent study by Experian found that the number of US consumers who reported receiving a data breach notification doubled in 2013. Too add to this, 62 percent of those surveyed said they received multiple data breach notifications involving more than just one vendor or incident. Rather than taking action to protect themselves through recommended remediation, the majority were doing little to nothing including something as simple as changing accounts or resetting passwords.

Identity theft

Identity theft resulting from a hack is on the rise. In fact, it has become a thriving and global business. eBay’s breach earlier this year is estimated to have gathered 233 million customer records including telephone numbers, addresses and credit card details. All of this information greatly enables hackers to gain further access to other personal data including banking information and other online accounts.

“What I don’t know can’t hurt me” 

When I explain to people that current legislation does not require businesses or organizations to report breaches currently they are shocked. The fact is, the choice to report is left with the organization. In many cases, breaches are most often made public through internal leaks to the press or the threat of legal recourse due to the overall magnitude of the incident. While there is no acknowledged timeline when Target knew about the magnitude of their breach, many reports have indicated that the warning alarms to a breach started going off in November of 2013 well before the US Department of Justice stepped in to notify Target of what they had found in mid December. It was at that point of government intervention that consumers were notified.

Many of the businesses and organizations you interact with are targeted in online attacks on a daily basis.  And the truth is many of them invest significant time, resources and money in protecting your information against these attacks. Most times they are successful but there are times, more than you are aware of, when they aren’t.

You have a voice, use it

Consumers have a strong and crucial role to play in helping create standards for how online security threats are reported and managed. In my work with CATA, one of the key sector groups I am targeting are those representing the interests of the consumer. While industry and government step forward outlining the realities they face in this daily reality, consumers need to voice how they want their information safeguarded.

These numbers don’t lie…

Cyber Security and Customer Service

Cyber Security and Customer Service.

Cyber Security and Customer Service

Recent article from Financial Post-Canadian Press

Contact Management Issue 2

The media attention given to Heartbleed, Target, Canadian Revenue Agency and the National Research Council security breaches has slowly raised the awareness of organizations interested in protecting important data. With the firing of Target’s former CEO Gregg Steinhafel directly linked to the breach, senior leadership is now an active part of the discussion with both President Obama and Prime Minister Harper actively engaged with industry and government leaders about what can and should be done going forward.

As organizations focus on the IT, operations and brand impacts of this issue, there is a serious lack of attention being paid to the impact and role customer care organizations play in both the planning and breach management stages. When Target’s breach of 40 million credit cards was announced in early December, worried consumers were pointed in the direction of online and call center resources. Call volumes within the Target call centers were estimated to have tripled requiring additional staffing, extended hours reaching well into the New Year with long wait times. Online channels including social media went viral with rumours, conspiracy theories and angry consumers.

The first few days are criticaI

Industry experts cite the first 72 hours as critical to the successful management of events like recalls and breaches as this is when most organizations with a high volume of effected consumers will reach out. Having a plan to manage the messaging (what you are going to say and how you plan to say it) is crucial to ensuring that you reduce the anxiety that can not only be felt by the consumer but also by the employees on the front line. This planning is traditionally done by the Communications and Public Affairs teams but should most certainly include leadership from Customer Care.

Build a plan around the technology

Many sophisticated call centers feature scalable, multi-functioning technology that can be utilized within minutes to address many aspects including spikes in call volumes, routing and messaging through the IVR, specialized chat queues, email management, etc. Make sure to engage and challenge your customer care teams to see what can be done in the critical minutes and hours following a breach. If your organization does not have this technology, another consideration is to outsource to a provider trained in managing these types of incidents.

Robust channels for internal communication

Another mission critical factor throughout the management of a breach is the continuous flow of internal communication. Sometimes this is focused solely on what is being said at a senior leadership level and within the media but in reality, the most important nuggets of information will come from the front lines who are seeing and hearing what customers and the market is saying. Ensure that the front line has a voice in all communications to ensure that your organization has the most well-rounded view of the issue and how to best navigate recovery going forward.

 

Boiling the ocean is bad for business

Boiling the ocean

(v.)
To attempt something that is way too ambitious, effectively impossible. An idea too broad in scope to accomplish

 

A good friend recently took a new role with a company and found herself faced with having to steer an internal committee looking to make some significant technology upgrades which would effect the way their company managed and interacted with their customers. Seeing that the project was already well underway and she was somewhat out of her comfort zone, she asked me to sit in as an unbiased observer for a presentation from a vendor currently under consideration.

This vendor, although not new to the market wasn’t considered a top contender with competitors holding varying pieces of the current infrastructure and very strong executive level relationships. That said, I was eager to hear what this company had to say as I always hold a soft spot for the unexpected superstar.  The presentation was detailed (107 slides and 133 minutes in total) and provided a very extensive overview of the company and technology.

Following the presentation and over a generously poured glass of pinot grigio, I gave my friend the following insights on what worked and more importantly, what didn’t work

Build messages around the audience

The vendor team was well represented with the account executive leveraging the support and expertise of subject matter experts in the varying areas of the proposed technology solution in addition to a senior member of their leadership team which demonstrated commitment to the opportunity. The wheels came off the proverbial wagon with a presentation that was too detailed, too technical and did not speak to the varying interests of the client team which included IT, finance, marketing, sales support and customer care. In many cases including this one you will find yourself losing members of the audience to the allure of things like emails and bathroom breaks.

Too much you, no me and very little us

It is great that many of us are excited about our company and the exciting things we are doing, saying and creating in the industry but don’t forget that you are there to talk about the client and how working together can solve their problems, create opportunities and deliver the results their business desires. 107 pages of details on your company, your technology and your customers make for a very one-sided and short-lived relationship. If your audience leaves not being able to articulate how you can help, you have ultimately failed.

No one is great at everything

You talk to those in the banking industry and they will tell you that certain banks are better at retail lending strategy while others stake their claim in being highly successful in the investing world. There are telecommunications companies who brag about having the best 4G network while others tout their convergence and Omni channel superiority. No company, no matter how skilled, can be everything to everyone. Laying claim to being everything to every industry undoubtedly sets you and your company up for increased scrutiny and greater chances of failure. Focus on how your company is the best choice for this customer and your chances of achieving the desired outcome are much greater.

More isn’t always better

Prospective clients want to hear what makes you different, better and best for their business. We can all take a page from the Amazon model in keeping our messages on our business and our commitment to our customers clear and simple. Don’t ever build your value proposition on having more than your competitors. Focus on doing what you do better than your competitors. Your customers will appreciate it and so will your shareholders.

Hitting the bottom-line

Hitting the bottom-line

Legal and operational costs aside, the impact of data breaches have a direct impact on bottom-line revenue through impact on brand loyalty and trust.

http://www.huffingtonpost.com/adam-levin/why-there-will-be-another_b_4834590.html

http://www.huffingtonpost.com/adam-levin/why-there-will-be-another_b_4834590.html

The financial and brand value costs associated with data breaches need to be more actively discussed in order to catch the attention of senior leadership, investors and consumers. Hats off to Mr. Levin for acknowledging that this is a problem that will not be going away for a while.

 

“One has not only an ability to perceive the world but an ability to alter one’s perception of it; more simply, one can change things by the manner in which one looks at them.” – Tom Robbins

 

Many of us are told at an early age that change is a constant. It’s a series of life lessons meant to help us prepare for where we are ultimately meant to be…or so we are told. But if change is constant then is there really one place we are meant to be for more than that moment in time?

I personally enjoy change. I enjoy watching it, experiencing it and being a catalyst for it. Change, even when it is painful, has the ability to teach, challenge and inspire. As a parent, I have instilled in my sons the belief that change is part of their own personal evolution and should not be feared or avoided. For some, small changes like a commitment to physical fitness or learning a new language can impact the way one feels about themselves and the world around them.

There are also times when change comes in bigger, more dramatic ways. I met with a professional friend recently who has experienced some significant changes in his personal life over the past few years that left him feeling very unfulfilled both personally and professionally. After a period of serious contemplation, he made the decision to leave a successful career to pursue a long-held desire to own his own business in an exotic locale. Many question him for what he is leaving behind. His perception was more about what he was moving towards and to me, this is (as I told him) a time where he will find himself open to many things that he could have never imagined.

In the professional world we are sometimes too quick to establish a perception of a company or profession. Even worse, we are even more quick to place labels on each other as a way of neatly organizing and compartmentalizing who this person is, where their talents lie and how they fit into a role or organization. To remove these labels and re-establish ourselves in a different way, we must first shift our own perceptions of who we are and then slowly shift how others view us.

 Unfortunately for some, that shift or shall I say “change” is either too difficult or too time consuming to process. I believe the best people and organizations to work with are the ones on the cusp of great change, whether by choice or necessity. That is where big ideas, great courage and bold initiative is incubated.