No one doubts that the so-called Internet of Things is going to expand exponentially in the next decade.
But, a Cisco Systems executive warns, organizations that aren’t up front with consumers and partners about what personal data is being gathered and why they’ll find themselves in trouble.
“I don’t think security or trust issues will slow down the Internet of Everything — it’s out of the box,” Joseph Bradley, vice-president of Cisco’s IoE consulting practice told reporters in Mississauga, Ont. on Thursday.
“But what it will definitely do is define winners and losers. You’re going to pay a heavy price if you get my security wrong … you’re going to get crushed.”
As proof, he cited the Target Corp. department store chain, which he said suffered financially in the initial months after a 2013 data breach was revealed.
[In February Target said sales for the 12 month period ending Jan. 31 were up 1.3 per cent over the same period a year before. Fourth quarter sales were up 4.1 per cent to US$21.billion. Including an insurance payout, the breach cost the company $145 million to fix.]
Bradley was a keynote speaker at the annual Cisco Connect conference in the Toronto suburb highlighting Cisco [Nasdaq: CSCO] products and partners.
The need for organizations to establish trust to meet user privacy worries was one of the central issues of his speech.
Trust, he emphasized, is a matter of context: Consumers, for example, are willing to trust a stranger with their credit cards — if the stranger is a waiter or a sales person. Similarly, he added, consumers are willing to let people see what they are buying when they put purchases on a store counter.
But, Bradley added, they will only be willing to surrender personal data if they believe they will get something valuable in return — be it better service or special pricing.
He expanded on the theme later in a roundtable with reporters.
“The important thing is to be very clear on what is the perceived value that a citizen or employee or enterprise will receive from your solution. If you are not explicit on what that value statement is the rest doesn’t matter. They’re not going to ask about (IoE) security. If I (as a customer) don’t understand what the fundamental value proposition is, it’s over.”
Bradley also disputed the theory that younger people, particularly millennials, don’t care as much about privacy as others. “Technology now is so pervasive that if you’re trying to cut people based on demographics, you’re missing out.”
And while he believes giving people the option to opt in to personal data collection — and not have it automatic (see list below) — he also believes most will want to do so.
Here’s what Cisco says every organization should tell customers about data collection
–Exactly what data is being collected
–How the data technology collection works
–How the data is being secured
–Why the data is being collected.
–How the data is being analyzed and reported
–Who is seeing the data
–The consumer benefits of the data collected
–Personal data is only collected after the owner opts-in
Bradley also said organizations should start small with IoT projects, leveraging exisiting infrastructure and in areas where benefits will be see quickly — smart building lighting or energy management, for example.
