Securing the Digital World

With the Increased Adoption of Advanced Technologies, Can Digital Risk Be Far Behind?

May 05, 2019 | by Marshall Toburen |

Already widely used in the manufacturing sector, robots are emerging in a variety of new industries today. As this trend grows, organizations realize benefits ranging from more efficient operations to improved customer service. But they also see the potential for additional risk—including digital risk such as threats to cybersecurity, business resiliency and data privacy. Industry and government leaders alike are talking about whether and how to regulate AI in today's organizations and the European Commission has already issued a set of guidelines which may pave the way for formal regulation. Read on to learn more about the emergence of robots and AI beyond manufacturing, the digital risk they pose and the European Commission's actions.

Robots Everywhere

Robots are becoming increasingly important to operations across a variety of industries. The following are just a few examples.

  • Manufacturing: According to the International Robotics Federation's World Robotics Report for 2018, robot sales increased by 30 percent in 2017. The report attributes the accelerating demand to the ongoing trend toward automation and continuing improvements in industrial robots.
  • Retail: The Wall Street Journal recently reported that Walmart is expanding its use of robots. The company said 300 stores will use robots to scan shelves for out-of-stock products; 1,500 will use autonomous floor scrubbers; and 1,200 will use automation to scan and sort products as they come off trucks. The addition of each machine is expected to cut a few hours a day of work previously done by a human.
  • Financial Services: JP Morgan Chase Chairman and CEO, Jamie Dimon, proclaimed the company is "all in" for AI in his 2018 letter to shareholders. He listed a number of company-wide initiatives, including plans to deploy AI-driven robots as virtual assistants to handle tasks such as maintaining internal help desks, tracking down errors and routing inquiries.
  • Healthcare: The use of robotics is becoming widespread in medicine, where robots are everywhere from the operating room to the research lab, according to a TechCrunch report. The story describes a diagnostics procedure in which a flexible robot explores the body from the inside, guided by doctors using video game-style controls.

The growth of robotics is dramatic. According to Gartner, Inc., robotic process automation spending will total $2.4 billion by 2022[1]. And in an interview for the CBS news show 60 Minutes, AI expert and venture capitalist Kai-Fu Lee pulled no punches about his belief in the importance of AI: "I believe it's going to change the world more than anything in the history of mankind. More than electricity."

Robots, Risk and Regulation

Robots create exciting new digital opportunities as they revolutionize how organizations operate. With the help of robots, organizations can deliver products and services in new and better ways, increase quality and reduce costs. But robots also introduce digital risk in several areas, including cybersecurity, data privacy and business resiliency.

  • Cyber attack risk: Like any digital platform, robotics platforms have the potential to be used as a way into an organization's network. The consequences could range from taking down key systems, to stealing intellectual property, to destroying valuable data.
  • Business resiliency risk: Organizations have always faced the prospect of business interruption from human error, technology failure and natural disasters. The increasing use of robotics may increase the impact to an organization should the robotics infrastructure fail, be misconfigured or become compromised. Organizations must understand the criticality of business activities supported by robotics and have viable contingency plans in place should a business interruption occur.
  • Data privacy risk: Today's organizations are responsible for protecting the personal data of customers, employees and others, and robotics platforms can provide a path to that data if they are compromised. AI requires massive amounts of information to "learn." Privacy risk may be increased by collecting more information than usual and retaining it longer than usual. The price for failing to protect personal data can be steep; certain privacy-regulation violations can result in substantial fines and regulatory sanctions, not to mention the resulting reputational damage.

This brings me to my final point: regulation. While there may not yet be complete consensus on whether and how to regulate AI, IndustryWeek reports that the U.S. is developing a coordinated strategy around AI that is expected to address regulation. Meanwhile, in the EU, the European Commission established a High-Level Expert Group on AI that just released a set of ethics guidelines for trustworthy AI, which may be a precursor to broad codified regulation. CNBC described the recommendations as "another reflection of Europe's efforts to be a leader in regulating big technology companies."

AI and robotics are exciting illustrations of the digital innovation more and more organizations are turning to in their pursuit of opportunity. The desire to leverage technology to help meet business objectives is something every organization experiences, provided they can do so affordably and within their established risk appetite. Digital risk management is the application of risk management principles to risks that organizations will likely encounter as they adopt digital transformation strategies. Effective digital risk management is the key to ensuring an organization's goals can be achieved in the pursuit of digital transformation.

[1] Forecast Snapshot: Robotic Process Automation, Worldwide, 2018 Update, October 2018

# # #

Learn more about RSA perspectives on adopting AI and addressing digital risk in the age of digital transformation.

Join the #TalkingDigitalRisk conversation on Twitter and social media by following @RSAsecurity.