The Disconnect Between Innovation, Human Security and Manufacturing
Each year since 1967, manufacturers across multiple industries, their employees, contractors and vendors look to technologies’ promising innovations, showcased at the Consumer Electronics Show (CES).
There, companies can catch a glimpse of the future to better assess spend, staff, and competitors. But this year’s conference theme, “How Technology Can Advance Human Security for All,” may have unwittingly presented an underlying impasse.
“Tech solves some of the world’s biggest problems,” said Jamie Kaplan, vice president of communications for CES-host Consumer Technology Association (CTA), during a Cision-supported webinar. Human security is a global concern, she said. CES 2023 is focused on products providing greater human security.
What Is Human Security?
Defining the tenets of human security can be subject to discussion. Its basic principles, according to the United Nations (U.N.), present a measurement in individuals, groups and societies, determined by situational, physical and environmental pressures that threaten the existence of or access to “quality of life.” The U.N. originated a Human Security for All initiative to help fulfill the need for solutions.
“Human security was borne from social responsibility. Tech has to be socially responsible,” said Camille Rollason, Cision UK insights director. However, getting there has its challenges. Young people are more trusting with technology as they seek better information and more ways to build community,” she stated.
Human security may be easier to grasp by examining what is lacking in the world. From the U.N. perspective, ‘human insecurity’ is a security threat. Their 2022 Human Development Report reveals that people, in nearly every country, perceive their safety and security at an all-time low. Concerns stated include the use and misuse of digital technologies and anxiety surrounding healthcare systems’ ability to handle new challenges. The report indicated that people with higher levels of human insecurity are three times less likely to find others trustworthy. Declining human security can invariably impact the way we do business.
Human Error Is Often the Culprit of Security Risks
Findings in the Verizon 2022 Mobile Security Index report indicated a rise of security threats across mobile devices. Business-dedicated mobile devices migrated from the sanctity of offices to employees’ work-from-home base. Nearly two in three chief information security officers (CISOs), participants in the Verizon report, said remote working brings added vulnerability.
Enterprise security company Proofpoint, in its recent survey, showed almost four-fifths of respondents cited changes at work behaviors increased their company’s security risks. Of the 77 percent of those surveyed, within businesses and IT departments from across the globe, said they increased spend on protective measures to help mitigate security risks.
Consider visualizing the flow of exposure, emanating from a company laptop and its connectivity to other devices and apps. A dangerous cross pollination of data, some ultra-sensitive, exists between computers, smart phones, notebooks, smart TVs, electric vehicles (EVs), internal combustion engine (ICE) vehicles and more. Each electronic touchpoint adds another potential security risk.
A Resilinc 2022 report, Cyberattacks in the Supply Chain, stated “93 percent of worldwide businesses have suffered at least one indirect data breach,” while data breaches to supply chains increased by 37 percent in the last year.
In a world that favors convenience over process, it’s only a matter of time before the next human security breach is knocking at a corporation’s back door. A 2020 Ponemon Cost of Insider Threats report stated, “nearly two-thirds of cyberattacks attributed to (company) insiders were due to negligence rather than malicious intent.”
Does Innovation Acknowledge Human Security?
Being at the forefront of product development is the crux of CES’ purpose, serving as a forum for future possibilities through technology. With this year’s focus on human security, did manufacturers meet human security need?
“Trending technology discussions are about our human connectivity,” said Rollason, “with an overarching concern for data privacy.” Consumer empowerment will come from greater connectivity and direct access to more data, she said, in health care and the automotive industries.
“We’ll see innovation in digital health, pain management, remote patient monitoring and wearables for health and fitness, Kaplan added, saying the intent is “better patient outcomes.” In automotive, she said, air mobility and vehicle data privacy will be highlights, as well as ways to conserve energy at home and in business, and how technology can assist in mediating global risk of food insecurity.
During CES 2023, according to Bloomberg and TechCrunch, auto innovations included (1) a Sony/Honda joint venture vehicle with level 3 automated driving capabilities, (2) bringing virtual reality to the driving experience via an Audi-backed Holoride technology platform, and (3) BMW’s i Vision Dee concept car with hands-free voice assistant from the windshield.
But as convenience drives today’s innovation breakthroughs, security may be taking a back seat.
The Gap in OT Versus IT
CEO and cofounder Tom Sego of California-based BlastWave, a Zero-Trust Network Access (ZTNA) solutions provider, stated in a recent interview that most operational technology (OT) in manufacturing has a 30-year lifecycle compared to a typical three to five years in information technology (IT). With most human-machine interface and other systems running Microsoft Windows or SCADA systems no longer supported and incapable of patching, hackers can readily cripple a manufacturing operation.”
For manufacturers, mitigating security challenges starts with a Zero Trust operational integration. Cybersecurity software technology company Crowdstrike defines Zero Trust as “a security framework requiring all users, in or out-of-network, to be authenticated, authorized, and continuously validated” before receiving and maintaining access to data and applications.
Microsoft, in its Zero Trust Security model, recommends an end-to-end zero trust framework. “The modern enterprise has an incredible diversity of endpoints accessing data, but not all these endpoints are managed or even owned by the organization, leading to different device configurations and software patch levels. This creates a massive attack surface,” Microsoft researchers note. Improving endpoint security, they state, enables more secure hybrid working environments.
Manufacturers have an opportunity: to identify human behaviors and practices that generate insecurity, learn from them and integrate solutions by removing threat risks, from the point of product ideation through supply chain end-to-end.