“The Safe Path Platform”

5

October

2020

No ratings yet.

COVID-19 has shifted people their opinions and concerns around the increasing use of Artificial Intelligence (AI) and robots. AI creates the possibility for machines to perform tasks like human-beings by learning from their experiences. AI can be applied in an endless way and wide variety of industries. Before the pandemic outbreak, people mostly saw AI and robots as the cause of job losses, privacy violations and several biases.

However, COVID-19 has also shown many people a different side of AI and robots. AI plays a role in reducing the spread of the virus and the use of robots in work has accelerated since people could no longer do their tasks due to lockdowns. This does not alter the fact that close attention still needs to be paid in AI and robot usage, as privacy issues and biases are still a concern. First, AI is based on large data sets and proven to be individual and societal bias sensitive. Second, COVID-19 might make relatively fast solutions and decisions regarding data collection necessary. According to Zelalem Temesgen (infectious diseases specialist), it is crucial to record contact history in reducing an epidemic. With a virus such as COVID-19, this is even more important because people without symptoms can afterwards also turn out to be infected. In addition, Temesgen also indicates the fact that the generated information can play a major role in further knowledge developments around the issue of how the virus is spreading.

Privacy matters still need to be taken seriously as multiple companies are setting up applications to track individuals in able to slow down the spread of the Corona virus.

For this reason, a team from the MIT Media Lab is designing and developing an open-source application platform with a privacy-first approach: The Safe Path platform. This platform includes both a telephone and web application and a so called “PrivateKit”. The latter offers users the option to connect their personal (smartphone-registered) location history to other users their anonymous blurred location histories. This allows a user to check whether he or she has been in the vicinity of someone who later turned out to be infected by the Corona virus. The application guarantees the privacy of both the user and the infected patients at all times. This is possible because users present their location history privately on their own smartphone and completely control their own data. In the future, all data will also be encrypted.

According to Raskar (team leader application development), the app has a privacy-first approach since the location and contact history will never leave a user’s smartphone without the them granting permission. Further, Safe paths is based on anonymous GPS tracking and Bluetooth, this improves traditional contact tracking and can only anonymously track interaction when both parties use the application.

Please let me know your thoughts on the use of such applications and their privacy related aspects, and whether you would be willing to download “The Safe Path Platform”.

 

 

 

References:

https://www.sas.com/en_us/insights/analytics/what-is-artificial-intelligence.html

https://sloanreview.mit.edu/article/ai-robots-and-ethics-in-the-age-of-covid-19/

https://www.mckinsey.com/featured-insights/artificial-intelligence/tackling-bias-in-artificial-intelligence-and-in-humans#

https://news.mit.edu/2020/safe-paths-privacy-first-approach-contact-tracing-0410

https://www.investopedia.com/terms/a/artificial-intelligence-ai.asp

Please rate this

Cybersecurity, should it be a strategic asset?

11

September

2020

4/5 (1)

In 2017 the NotPetya virus was able to spread via an Ukrainian tax preparation program, affecting operations of more than 80 global companies in several industries causing a global economic damage of more than 10 Billion dollars. This is one example of a big cyberattack with major consequences and a big influence on all related stakeholders. Besides major well known cyberattacks the amount of daily (smaller) attacks is increasing and the different types, ways and surfaces of attacks are changing.

The government, regulators and auditors are also paying increasing attention to such cyberattacks and the associated risks. They check security related practices and draw up guidelines and policies for companies. However this is accompanied by the risk that companies only pay attention to those set requirements in order to be compliant. This does not guarantee any safety from cyber-attacks. Cyber-attacks are unavoidable, and therefor companies should be as well prepared as possible with a properly prepared strategy.

Most companies do not yet understand the strategic importance of their cybersecurity. Cybersecurity is responsible to protect all systems used to process or store data and information within a company. It is highly important because nowadays companies work with enormous amounts of (sensitive) data which needs to be thoroughly protected from attacks, damages or unauthorized access. However, Cybersecurity is often seen as a kind of burden, operational issue and a form of cost. This can be explained by the following aspects:

First of all, in most companies cybersecurity is only delegated to IT. Which is seen as an internal service provider instead of a provider of strategic advantage. Secondly, most companies view cyberattacks as random and unpredictable. However, every company has a chance of being cyberattacked, which therefor makes it somehow predictable and a way to uncover weak spots in a company’s strategy. Third, companies that have previously been victims of cyberattacks tend to keep this as private as possible. This ensures that companies cannot learn from each other’s mistakes or solutions and best ways to respond. Last, most supervisors tend to focus on their own fields of expertise when it comes to their strategic priorities, which most of the time does not include cyberattack-related concepts.

A cybersecurity strategy is a structure that includes multiple components developed to respond to challenges of setting up, maintaining and refining the cybersecurity system within a company. This should be seen as an opportunity (rather than a cost) and treated on a strategic (rather than operational) level. Previous victims of cyberattacks were not only exposed to weaknesses in their cybersecurity but also in other non-related business parts. A more strategic oriented strategy will therefor lead to a better integration and cooperation between business and IT.

As mentioned before, cyber-attacks are unavoidable and therefor companies should start strategic planning before they occur rather than after. Companies can identify strategic opportunities and create discussions to form suitable strategic approaches, by proactively addressing the following 4 elements:

1. Companies must protect their business to cyber-attacks, however most cybersecurity spending is mainly focused on the IT infrastructure. With a more strategic approach this would shift towards a more stratified protection with a deeper knowledge of key business processes in order to decrease the companies vulnerability.

2. Executives should broaden awareness of cyberattacks to develop a more suitable cybersecurity strategy. In order to do so, they should look for external connections and information provision from experts at organizations specialised in this field.

3. Companies should manage the potential consequences of an attack by openly communicating and sharing information with their stakeholders. This can lead to positive customer feedback and stakeholders offering help to cybersecurity related practices. When openly discussing risks and a potential attacks you are reassuring and informing your stakeholders about your cybersecurity strategy and actions.

4. Once a company is victimized by a cyber-attack it should follow a plan including a recovery approach and strong response. A company response should first focus on the recovery and make sure they offer high-level leadership support to the technology teams during this process.

In conclusion, cybersecurity is not only related to an IT issue. It needs everyone involved in the network to be attentive, oversight by the board, support from leaders and risk minimization in combination with a suitable and proper response plan set up from and on organization level. In order to be capable of staying ahead of new emerging cyberattack related risks, getting and staying involved in sharing information opportunities is critical.

Considering the enormous consequences and negative impact of such cyber attacks, the fact that there are currently several great examples of cyber attacks and their devastating power along with the fact that it is no longer a completely new concept. I personally think it is remarkable that many companies are still not focused on developing a propper cybersecurity strategy.

I am curious about your opinion and ideas behind the reason that many companies still do not have clear and good focus on cybersecurity strategies, please let me know!

 

 

 

References:

https://digitalguardian.com/blog/what-cyber-security

https://sloanreview.mit.edu/article/cybersecurity-for-a-remote-workforce/

https://search-proquest-com.eur.idm.oclc.org/docview/1788740238

https://sloanreview.mit.edu/article/make-cybersecurity-a-strategic-asset/?use_credit=976a4a7a6d095c7d3c035eb726ba0f04

https://www-degruyter-com.eur.idm.oclc.org/view/journals/cri/14/5/article-p136.xml?rskey=GoCJBf&result=3

https://www.shrm.org/resourcesandtools/hr-topics/technology/pages/top-cybersecurity-concerns-hr-2019.aspx

https://search-proquest-com.eur.idm.oclc.org/docview/2126525526

Please rate this