2017 was a mixed bag for technology and business.
We got hacked — a lot. We learned we had to take social media seriously — like Russia does. We lost “net neutrality.” We learned about bitcoin (mostly from “Grey’s Anatomy”). But we also saw incredible advancements in health care, including gene therapies, electronic records, and telemedicine. Self-driving cars became a functional reality. And data — exabytes of it — positioned itself at the top of the tech food chain.
2018 promises to continue the battle between privacy and security, bring artificial intelligence (AI) into the mainstream, and see some sci-fi storylines become a reality. Hal from 2001 did, at the least, wake up and find himself reborn in Amazon’s Alexa and Google’s Home.
With so much happening this year, it’s hard to target the biggest trends. But I picked three based on this important criterion: I found them interesting.
GDPR: Are you ready?
Come May, the European Union’s (EU) General Data Protection Regulations go into effect. Generally considered the gold standard of personal data security, these updated regulations will impact many U.S. businesses. Maybe yours.
Businesses that own or conduct business in the EU have been preparing for this since they were published in May 2016, but even businesses without a presence in the EU can be subject to the new regs.
For example, do you sell something on your website globally? Did you purchase your domain with international prefixes in the EU, such as portfoliosc.uk — an important indicator that you are “marketing” to EU consumers?
Among the many elements that could impact you include the “plain language” terms and conditions, the “right to be forgotten,” and the 72-hour notification requirement. The last is particularly important since under current U.S. laws, there are no notification timelines. Equifax took more than six weeks to notify its 145 million customers of the hack. Only a handful of states (South Carolina is not among them) do have a notification time requirement, but even then it ranges from 30 to 90 days. There are many good sources for information online (goo.gl/PGfMG3).
What if you are a service company with no EU clients? You could still be affected if one of your clients does business in the EU. The new regs put responsibility (i.e., fines for noncompliance) strictly in the hands of the “controller”; but you may still have work to do. If you have clients with an international footprint and you haven’t heard from them, you better make a call.
In 2017, the U.S. was the big winner in the “Cost of Data Breach” category. We had the largest number of breaches, the highest cost per capita, the greatest expense to ameliorate the impact, and the largest customer losses following a breach. This is according to the Ponemon Institute’s 2017 report (goo.gl/sRGx8i), which studied the impact on 419 companies in 11 countries and two regions.
How do we counter this? With education, risk assessments, and a comprehensive effort to establish compliance standards. One Southern state has thrown itself big-time into this effort. Georgia is investing $95 million in the Hull McKnight Georgia Cyber Center for Innovation and Training, an incubator hub for tech startups and a virtual testing space for cyber initiatives.
Other states investing heavily in a cyber-secure future include Michigan, Rhode Island, and California. The methods may be different, but the goals are, not surprisingly, to attract businesses with a world-class workforce, a secure public and private infrastructure with responsive resources in the event of breaches, and a standards-based set of regulations that protect all businesses — public, private, governmental, and nonprofit.
A supportive public infrastructure is important, but the battle for cyber safety is going to be won one click at a time. Cyber-aware company cultures — from big entities to mom-and-pops — will set the tone with independent risk assessments, and ongoing education and empowerment of employees. Sounds like an expense, right? But if a dollar spent saves a bitcoin, that’s a big ROI. Like all ROI, we just have to see whether it really materializes.
Alexa, Cortana, Siri, is that you in the conference room?
We’ve gotten used to our phones being the ultimate device: phone, scheduler, entertainer, music player, web viewer, recorder, and more. So it was not surprising when, as a contractor, I participated remotely in a conference call where the smartphone on the center of the conference room table was supposed to take the place of a Polycom. Not quite.
They’re good, but not that good.
To the rescue comes Amazon, which introduced Alexa for Business in December. The service enables businesses to use Echo devices in either a personal or shared configuration, adds integration with business apps like Salesforce, and opens the ability to create your own “skills” to increase automation and efficiency specific to your business.
Although the logical first step is in conference rooms for collaborative meetings with clients, remote employees, and contractors, it is just the tip of the iceberg.
Alexa for Business (goo.gl/BBx2qb) has dashboard controls for enrolling users, registering devices, assigning profiles, setting up conference rooms, and enabling skills to be used — on a user-by-user basis if you choose. Analysts are adopting a wait-and-see attitude on how strong the security profile will be.
While Alexa, with the infrastructure already in place, has a big leg up over other virtual assistants, I certainly wouldn’t count Apple and Microsoft out at this early stage. In tech, it’s not always who does it first, but who does it best.
Since corporate networks became the norm in the early 2000s, we’ve struggled to find our way to real, functional collaboration. Will 2018 be the year we take that big step toward finally realizing a two-decade-old promise?
If you’re preparing for the GDPR, leading the charge for cyber awareness in your company, or implementing virtual assistants in your company, I would love to talk to you about your experiences. Reach out to [email protected]