By now, we are aware that most businesses are in the middle of a “data reawakening.” Every asset, product, system and person now generates data, either through sensors, smartphones or computers. But sadly, enterprises seem overwhelmed by these enormous streams of data cargo, rather than meaningfully utilizing its potential to develop serious value of it. In the last few years, the bar of integrated and intelligent services has exponentially raised and these interactions represent a global reality — IT/OT convergence.
Why do the two domains need to work together?
Over the last few years, information technology and operations technology (IT/OT) have been viewed as two entirely separate entities. Traditionally, these two domains did not overlap; they had different goals, had different objectives — IT ran business applications while OT centered around manufacturing, assets, operations and building efficiency (you find the likes of SCADA, BMS, PLC, etc.). Yet data from these technologies remained confined within multiple proprietary systems and organizational silos, making it less accessible and non-interoperable by stakeholders, compelling IT and OT to independently fluctuate business performance based on non-linear, deferred problem data.
The gap is pretty obvious. Technologies need to combine and converge to not only solve interoperability issues, but also to simplify the means of acquiring, processing and analyzing data so that reactions can be concluded across the last mile, in real time. This translates the concept of IoT that fundamentally focuses to close the IT/OT divide and facilitate blending of data both horizontally (between things like machines, assets and equipment) and vertically (across corporate IT systems and business applications).
IoT will be deep-rooted in IT systems to automate operations
There are two angles to this, though. On one side, we have businesses looking for solutions to centrally automate and increase operational efficiency across the physical world. They want to utilize machine data to understand performance trends of energy, assets and products, be it at a fanned-out infrastructure or a factory floor (read: connected buildings). On the other side, we have product companies innovating on R&D that is based on IoT-driven consumer insights. They want to deliver better customer service, forecast sales and maintenance and be in control of product health through its lifetime (read: connected products).
Clearly, IoT enables various business drivers to realize the benefits of IT/OT convergence, making information accessible across teams and organizations involved, more easily and timely — eventually, unifying an environment of diverse equipment and interfacing protocols.
Organizations have new expectations: “Orchestration of things”
For example, an air-conditioning unit in your building begins to underperform. Your IoT solution analyzes its performance trend through a specific duration and recognizes a leak in the gas pipe that’s causing the unit to work below capacity. It automatically raises a ticket to your operation team’s helpdesk and you remotely prioritize and route your maintenance staff to attend to this issue. Simultaneously, the IoT solution alerts your A/C supplier of the irregularity, either through its CRM/ERP or by email, enabling the business to keep track of product performance over time and schedule replacements if required. You see how data consolidation takes place — by building a unified, common ground (of sensors, gateways and platform-enabled software), you begin to converge and derive profitable value from both these worlds, enabling data to interact and interoperate across legacy and newer systems — ergo, creating an orchestration and integration of “things.”
What will the collaboration look like?
By way of working IoT as small yet specialized cloud applications (that run on a reliable, multitenant platform architecture), businesses soon start to realize a true plug-and-play IoT environment across verticals. Let’s take the case of connected buildings: your head of operations begins her day by logging onto a central, connected-projects console. It delineates all essential operations in a single unified view that helps her observe the overall performance of your geographically distributed infrastructure. This includes the generic health of environments managed, health of assets in each environment, total number of underperforming assets, root cause of inconsistencies, consequent under-optimized operations, cost equated to downtime, the teams working on it and much more.
More flexibility in managing operations: Ease of IT in OT
You begin to empower your teams to manage energy or water consumption just as straightforwardly as managing your internet bandwidth — on the go, on demand and in real time. You start to transform into a unified infrastructure, rethinking traditional business models to create new connected services. You begin to effectively improve day-to-day business processes and, sooner or later, start doing IoT.
The way businesses are being managed is changing for good, and so are the underlying technologies that interact with machines and people alike. The IT/OT convergence will continue to help provide organizations the right information they need, anywhere, any time — and by that greatly simplifying the lives of millions of working people, more intelligently.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
According to IDC, spending on the internet of things was at $737 billion in 2016 and forecasted to grow at an annual rate of 15.6%, reaching $1.29 trillion in 2020. That is not surprising, as forecasts projecting massive growth for IoT exist everywhere. While consumer IoT is often where the hype is, much of the current spending is in the enterprise, with manufacturing, transportation and utilities representing 44% of the 2016 spend (per IDC).
Another hyped market is big data. Also from IDC, spending on big data and business analytics solutions will grow by more than 50% from 2015 levels to more than $187 billion spent in 2019, with the big spenders in big data coming from the manufacturing and banking industries.
I don’t think there is much question that IoT and big data represent rapid growth and hype. I also don’t think many would disagree that much of the IoT and big data opportunity overlaps with each other. IoT is much more than connecting to a new sensor, device or thing, it is also a mechanism to collect and distribute data. This is something I wrote about last year when I talked about the opportunity for IoT in the enterprise:
“The value in this enterprise context is the potential for IoT to manage the interactions within this complex fabric of new sensors, gadgets, mobile devices, apps and old legacy applications and physical infrastructure.”
One interesting data point from the IDC research above is that much of the investment is happening in select verticals like manufacturing and banking. You can argue that manufacturing started doing IoT before it was called IoT. Manufacturing saw early on the tremendous potential to automate workflows across their manufacturing processes. The question is, once you get outside of manufacturing, what types of opportunities will there be in the enterprise for the intersection of IoT and big data?
The intersection of IoT and big data
This is a broad question, probably better to ask where is there not an opportunity. IoT, and the rapidly increasing set of devices, sensors and things, represent a tremendous opportunity to connect everything together, and there will be tremendous value generated by all of these new connections. The question then becomes what to do with all of the data generated by these connections? Will this data unlock new opportunities and help solve unsolved problems? And where does the typical enterprise organization start in unlocking this potential?
It turns out, the typical enterprise has started. According to 451 Research, 71% of IT leaders are already gathering data for IoT initiatives. A big advantage of IoT is the ability to easily collect data across all parts of the organization, including parts of the organization that historically may not have dealt with each other that much:
“IoT affords cross-industry and cross-silo interaction at a data level. CIOs must remember that data is ultimately platform independent and data science is also now available as a service.”
– Ian Hughes, 451 Research
Collecting the data is the easy part, putting it into use is the hard part. According to Forrester, only 33% of companies are leveraging the data they collect to inform any type of useful insight. I believe a reason for this is the data collected is still associated with specific silos within the organization. The real benefit of analytics to the enterprise will be leveraging data collected across the entire organization. Looking for new insights that cross silos, cross business units and connect competing groups.
In my interactions with customers, the characteristics I see in those most ready to take the leap into an enterprise IoT initiatives are those that have some sort of cross-functional technology user group in place. They have put in place the means for users, IT, operations, facilities, etc. to collaborate on solving complex business problems. IoT in many cases provides an easier way to solve those problems. The first step in putting IoT and big data into play for your organization is ensuring open lines of communication across all parts of your organization. The next step is figuring out which business problem to tackle. One area worth investing in is tying IoT and big data to your organization’s security strategy.
IoT and big data: Tools for enterprise security?
Looking at recent data from the Ponemon Institute, the vast majority of organizations feel that their existing security solutions are outdated. They expressed a need for a new IT security framework and that they are not fully prepared to deal with security risks related to IoT.
That same study also found that 70% of organizations believe that big data will be important to them in reducing security risks. To summarize, there is broad consensus among organizations that their current security approach is not appropriate, and that a new approach is needed. They also see big data as a potential tool to include in an updated security portfolio.
If IoT and big data can be a tool in your security portfolio, where is a good place to start?
Revisiting the Ponemon Institute security study, protecting access to apps and information is an area where current security approaches are not effective. Only 37% of organizations feel they have a good handle on protecting access to information on devices, servers or in the cloud. And only 40% feel they are effective in protecting their apps and data.
This is a problem that big data can help solve. To solve it, you will need consensus across your organization on what data you have access to, what you are looking for and the goal for your insights. Analytics can track when your most sensitive applications are accessed. This can be combined with other access events, like when employees badge into building access, where they are at when they use a smartphone to check email, and when they access even more mundane apps like email. This gives you a picture of common access patterns, and allows you to trigger alerts when access patterns do not follow the norm.
A common example often used is the physically impossible access event. Like when an employee checks their email in a Starbucks in New York when at the same time there is a building badge in access event in Boston. That could mean compromised devices, badges or credentials. Also useful is understanding typical usage patterns for access to sensitive information. An employee suddenly accessing sensitive information from a network or cloud location late at night on a Saturday potentially indicates stolen credentials, or perhaps malicious activity from the employee. Applications themselves may abruptly start sending information to other locations and applications in an abnormal way. Knowing the difference between normal or abnormal access activities should be a big part of anyone’s security strategy. And big data and machine learning enables this by illustrating the overall access patterns for your employees and your applications.
Where does IoT fit into this? Remember, the enterprise definition of IoT mentioned above is managing interactions in a complex fabric of data, devices, things and applications. IoT can feed the appropriate data from multiple sources across your entire organization to your big data analytics solution. Additionally, IoT can close the loop on your security approach. Big data combined with machine learning is good at offering descriptive analytics on what is happening now, or predictive analytics on what could happen. However, actions based on the results of that analysis will not happen without some sort of workflow. IoT closes that loop by triggering workflows and acting on alerts based on what the analytics is telling you. Examples include automating the revoking of access or triggering the monitoring of access for further observation. IoT makes it easier to trigger workflows across different systems managed by different teams throughout the organization.
We know current enterprise security strategies aren’t working, but combining IoT and big data will move businesses in the right direction.
We know most enterprise organizations are not satisfied with their current security approach. And we know that most are investigating and collecting data for IoT initiatives. Combining these sentiments is an opportunity area for the enterprise to improve their security posture. The good news is there are plenty of tools out there for you to leverage. And you don’t have to start with an expensive set of tools. You can start small by using IoT and big data tools to correlate when physical and virtual resources are accessed and how they communicate with each other. This by itself helps to inform your security strategy, providing guidance on appropriate and inappropriate access patterns throughout your organization. And it is worth noting, hackers are also using big data and IoT automation to improve their attack techniques. This infers a real risk falling further behind in your security strategy if you don’t find ways to put IoT and big data to use.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
Every commuter has experienced the untimely misfortune of a delayed or cancelled bus, train or plane. Yet in today’s day and age of connectivity and smart transit, no one should be left asking, “Where’s my bus?”, let alone wondering what the best transit route is.
One company ready to give commuters the answers they’re looking for is mobile software creator TransLoc. Its TransLoc app solves the “first mile/last mile” problem — enabling commuters to easily get to and from their fixed transit locations — while at the same time helping transit companies optimize their services.
To help riders find their ideal routes, TransLoc’s smart transit app combines walking, public transportation and Uber (and if you think Uber is going to usurp public transportation, you’re wrong; the company estimates public transit serves about 14 times more people than Uber). The app can even notify the Uber driver picking you up from the train station if your train is delayed. It also learns user preferences and can, for example, take weather into account.
“The average American doesn’t want to walk more than a quarter-mile to a transit stop,” said Doug Kaufman, CEO at TransLoc. “But I’ll walk long distances, so the app should know that Doug will walk up to a mile — but only assuming it’s not raining — so let’s give an option to Doug that includes transit up to a mile away and integrate that service into the app. But when it rains, it won’t give that option to me.”
TransLoc services the Research Triangle Region in North Carolina, an area that includes Raleigh, Chapel Hill, Carey and Durham. With more than two million people, it is one of the fastest growing regions in the country. However, it is home to seven transit agencies — each with its own disparate technology system of fares, schedules and platforms, which can make it confusing for commuters and the companies that want to learn commuter metrics. This is when TransLoc stepped in.
GoTriangle, one of the transit systems in the Research Triangle Region, operates 67 buses and 12 express routes for more than 7,000 passengers a day. Jeff Mann, general manager at GoTriangle, said ridership has increased from 1.1 million in 2008 to 1.8 million in 2016, and believes the TransLoc smart transit system has paid off.
“One of the most valuable things to the end user is they don’t have to worry about which (of the eight transit agencies) it is,” Mann said. “It’s one-stop shopping to get you from point A to point B.”
Beyond customer satisfaction, the smart transit app’s benefit has been clearly recognized in the call center, which Mann said has seen a 50 to 60% reduction in calls since the partnership began in 2011.
Agencies also benefit from the data TransLoc collects. With real-time data about where riders get on and off as well as mobile surveying of riders right in the app, transit agencies can make data-driven decisions to optimize routes and improve services.
“It’s just a first step towards a much bigger vision of bringing every mode of transportation together and getting them to all work together,” Kaufman said.
The TransLoc app doesn’t incur any additional costs to riders and it is free for transit companies to add their services into the app; TransLoc will provide APIs to the company or work with them to integrate company APIs into the program.
TransLoc is currently working with more than 160 transit agencies across the country to enable and expand its smart transit system.
Historically, businesses have been able to treat user consent purely as a risk management exercise, something they have to do simply for privacy compliance. However, the rise of the internet of things combined with a fast-changing regulatory environment means this mindset needs to change — and soon.
A fast-changing landscape
The move to a genuine “internet of things” is undoubtedly going to be the next major phase of digital transformation, one that will lead to a wave of new business models, services and behaviors. However, IoT brings one change that is not often discussed: the fundamental reshaping of our interaction and consent options.
The classic web and mobile models of gathering permission will simply not be practical for the IoT era. A huge range of IoT devices and services will be accessed and operated without the use of a conventional interface, raising major questions regarding how we can properly manage user consent and data privacy.
Regulations like the EU’s General Data Protection Regulation (GDPR) make consent an increasingly important value, one that goes far beyond basic “data protection.” The GDPR, which will impact any business that operates in the European Union or who sells to EU citizens, requires organizations gathering consent from individuals to make consent as easy to withdraw as it was to give. In practical terms, this means it had better be a convenient and pleasant experience.
More broadly, businesses need to change the way they think about consent in order to build — and maintain — trusted relationships with customers. The increasing digital transformation of business puts pressure on personal data to flow farther and faster. However, consumers are increasingly sensitive and savvy about their personal data — and will not be slow to take action if they feel they are being taken advantage of.
So, what’s the solution? We must imagine a positive new approach to privacy and consent, one that takes a holistic view of the individual-business relationship based on a balanced view of risk management and business aims. Often “user consent” is optional according to the letter of the law. To succeed in building trusted digital relationships, we must be bold about taking that option — lean in to consent! We cannot be trustworthy if we don’t act trustworthy. Luckily, with new “consent tech” that puts the user back in control, it’s possible to live up to this vision.
As an industry, we need to recognize a more comprehensive paradigm for consent and permissions that can guide the evolution of our digital consent strategies. Personal data should be thought of as a joint asset, something that is valued by both users and service providers. Users do want to take advantage of the features and benefits of smart devices. However, they also want control over their own data — and control sometimes means sharing for personal benefit.
Imagine all the ways in which an Airbnb host wants to be in charge of selective sharing, not just of smart-home device data, but also device functions. If you are renting out your spare room or apartment for a series of short-term tenants, you will probably want to share limited access to certain devices or services with your renters for the duration of their stay, and then revoke that access when they have left. And with smart beds and connected cars part of today’s landscape, both device owners and renters have an incentive to ensure that data is associated with the correct “body” and shared only with correct parties. As the sharing economy becomes increasingly mainstream, companies should be building this kind of relationship-focused identity and permissioning control into all of their services.
In a professional context, where connected assets such as a police car or body camera might be used by different officers throughout the day, this is even more important. For instance, it might be necessary to check the data from these assets to investigate specific events. Doing this accurately requires the ability to associate the right car or camera with the right officer at any given time. The ability to associate and disassociate human and device identities seamlessly is critical to making this work effectively.
Among privacy advocates in the healthcare sector there’s a saying: “No data about me, without me.” This should become the core principle for IoT players as well. An identity-centric approach to security and privacy is key to making this possible. You have to be able to look at the relationships between people, devices and services and make adjustments accordingly.
As founder and chair of the working group for the User-Managed Access (UMA) standard at the Kantara Initiative, I have been working to innovate a way to give individuals a unified point for controlling who and what can get access to their cloud, mobile and IoT services. The essence of the UMA approach is that organizations need to be focused on delivering convenient control for users.
Trust is essential for businesses and users reaping the advantages of IoT and in fact all facets of digital transformation. The businesses that can prove their trustworthiness will reap the benefits in the form of better customer relationships and greater insight into user need.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
Internet of things solutions are constantly evolving and producing massive amounts of data at an unprecedented rate. In order for these products or services to be successful, they require a cloud-based monetization engine to handle the avalanche of information that IoT provides. But while most billing applications these days claim to be cloud-based, not all “clouds” are created equal.
So how can companies ensure that they are marrying their IoT initiatives with cloud-based billing engines that drive meaningful ROI over the long term? Here are four essential characteristics every company should consider:
1. Monetization from the start
In 2016, it was apparent that the monetization of IoT still tended to be near the bottom of a company’s IoT checklist. Still focused on IoT hardware, many companies had been fixated on how to bring their smart devices to market rather than how to make money off these products over the long term. The ability to quickly integrate and adapt IoT-specific business models is set to reach a major tipping point in 2017. To ensure that an IoT-device will not just be profitable months from now — but also years from now — a monetization model needs to be at the forefront of a company’s IoT plan. By doing so, organizations will be better suited to articulate ROI on an initiative and understand how it impacts the entire business.
Most IoT solutions are inherently elastic. With sensors everywhere, companies can see huge spikes in event volumes. As IoT solution providers monetize these events, they need a solution that easily adapts to these demands. This is where the elastic cloud comes in. An elastic cloud architecture dynamically monitors system demand against current capacity, automatically adjusting system resources to address demand. The beauty of this solution is that it allows companies using cloud solutions to only pay for what they consume when they consume it. There’s one catch: just because something is hosted in the cloud, does not mean it is engineered to leverage the benefits of elastic compute. As IoT companies evaluate solutions, they need to make sure they’re only paying for what they need.
The only certainty in business is that business will change. Translate that into requirements for a billing solution — companies need to rely on a solution that will be adaptable and flexible to their business. In evaluating cloud solutions, some service providers will offer you a “black box” solution that requires a company to adapt its business to the black box capabilities. These solutions are typically cheaper and can be implemented faster. Unfortunately, these solutions are unable to adapt to most businesses as they grow and become increasingly more complex. Ideally, a cloud-based solution should offer 90% or greater “out-of-the-box functionality” and provide a highly configurable and extensible product that allows for the solution to continually evolve and adapt to a company’s needs.
4. Technology abstraction
Like death and taxes, technology evolution is inevitable. It’s been happening for decades and isn’t slowing down anytime soon. The question is, how can companies prepare for what’s ahead? When deploying a monetization platform, consider a solution that is not dependent on one technology platform, one ecosystem or one provider. Seek out a billing platform that is cloud-agnostic, for example. This allows a business to have geographic flexibility and the ability to work across all providers such as Amazon Web Services, GE Predix, IBM Bluemix and others. In this model, companies are given the diversification and abstraction from technology allowing them to rest well knowing their solution will not vanish.
In summary, it’s important for businesses to know what to look for when making mission-critical infrastructure decisions that will last the test of time. Being able to identify and define the key characteristics of a cloud-based monetization engine will help ensure that a business is set up for success for not just today, but for years to come.
The age of the dinosaurs came to an abrupt end with the arrival of a large meteor. As the huge reptiles died off, the quicker, nimbler creatures adapted and rose up. Today’s digital transformation of business and government is having a similar effect, making short work of organizations that do not evolve rapidly. CEOs must quickly define where their organizations can compete for success and lead them on that journey. If they can’t — or won’t — change, they risk fading away like the dinosaurs.
Transformation at the speed of digital
If digital transformation is the outcome of the digital revolution, leaders must position their companies to ride this digital tidal wave. Operations technology (OT) isn’t going away, but a rise in the convergence of information technology (IT) and OT infrastructures means that evolution is necessary to survival.
Leading analyst group IDC predicted that IoT will be a $7 trillion industry by 2020. This is a tremendous growth trajectory with significant implications. According to a recent study, 40% of companies at the top of their industries will be replaced in the next ten years. Yet, the same survey found that 45% of respondents do not think digital disruption is worthy of attention from their organization’s board of directors.
Digitization presents both danger and opportunity. No industry is immune.
Netflix has been able to capture the online streaming content subscription market as traditional brick-and-mortar video rental stores are rarely seen today. So would you rather be a Netflix or a traditional video rental store? It is important for industry leaders to plan for digital transformation proactively instead of reactively. Nearly 30% of businesses worldwide have already begun limited IoT deployments, according to Strategy Analytics’ 2015 IoT Deployment and Usage Trends Survey. Organizations cannot wait for change to overtake them. If they are not prepared and have not set up the infrastructure to adapt quickly, change could sweep them away.
IoT opens up new worlds of possibilities because organizations now can extract data from network connected devices and sensors — data that was never available before. Insights from this data can add enormous value to organizations, but they must reshape their current infrastructures in order to use their data effectively. And they must hire and train the right people to bring their digital change strategies to fruition.
In the IoT age, part of the infrastructure reshaping means that siloes cannot remain. IT and OT were once separate and did not often communicate with each other. Now they must come together. It’s a huge and critical step in the digital journey.
However, it’s easier said than done. Most organizations don’t know how to merge IT and OT. At this point in the evolution in the industry, many IT and OT professionals do not fully grasp converged IoT networking. Industrial IoT security adds another challenge, as do endpoint data management and analytics. And it remains to be seen how all of the preceding will add value to their organizations. How will it lead to new business models? Or new services and revenue sources?
Both new talent and the right training to update the skills of existing staff will be required to find answers to these questions. The World Bank predicts that over the next decade, there will be 2 million unfilled information and communication technology-related jobs worldwide. There will be a global need to train 220,000 new control engineers every year for manufacturing plant operations alone.
The IT department is better positioned to take the lead in the digital journey due to its historic role of information processing. Data from IoT-connected devices is just one more information stream to parse, interpret and monetize. But IT must collaborate with OT during the transition.
Here’s a real-world example to underscore the need for this collaboration. A steam valve system that controls water flow through a cooling apparatus has and will continue to operate within the OT domain. However, manual intervention had been required to take its readings and make decisions. Now, in an IoT environment, the data is collected, analyzed and acted upon via the interconnected network and IT software that monitors all of the valve systems’ parameters. Therefore, data generated from these OT managed devices and sensors is delivered across the IT system to take critical, real-time action to maintain or drive to specific parameters.
Benefits and challenges of the IoT
In the long run, IoT data analysis leads to new revenue opportunities, which all departments will benefit from. What organizations must avoid is a scenario where their IT and OT departments never talk to each other; each working in siloes. If both departments build networks that exclude the involvement of the other, the organization can incur unnecessary costs and reduced efficiency.
It doesn’t have to be this way, and for companies that want to survive, it can’t. In a major cultural shift, OT executives must align with current IT initiatives in addition to breaking out of existing silos. It is a tall order because OT executives are facing a major talent gap, in addition to a lack of process or any industry-recognized talent framework for IoT job roles and related trainings and credentials. Insufficient staffing and lack of expertise are the top-cited barriers for organizations currently looking to implement and benefit from IoT, according to research from Gartner.
A successful journey arises from two factors.
Leadership is the first one. Digital champions need to be installed in every organization that wants to thrive. These leaders will have a firm IoT vision and the enthusiasm to motivate employees to make transformational changes in systems and processes. Companies that take bold actions to align their value proposition, capabilities, products and services together view their culture as their greatest asset.
The second factor is current skills. Time after time, CEOs report that key skills are a top concern. Both IoT and OT require digital expertise, and training staff for this is essential for organizations to avoid the proverbial meteor and thrive.
The old-school silo approach is the fastest approach to extinction these days. To avoid the fate of the dinosaurs, organizations must embrace digital transformation in a way that coordinates IoT with the OT and IT departments.
Today’s cities, factories, power plants, oil rigs, hospitals and industries are changing. The rise of the industrial internet, big data and other trends are reshaping how industrial companies need to identify, hire, skill and manage talent.
Much is being discussed about digital transformation today given the rising importance of the internet of things. However, this is a broad category. The focus of our work and this paper is on the industrial internet of things — and IIoT is still a large, ($225 billion), space with unique challenges and complex issues.
It’s important to realize that this process of digital transformation looks very different at an industrial company versus a pure technology company. The idea of technological speed and agility are evolving concepts in the industrial world. The industrial sector is just beginning to embrace more digital elements in order to compete successfully in the current era. Shifting the culture of an industrial company to more quickly adopt and embrace digitization will be one of the biggest factors in a successful transformation.
Where to begin?
Thinking about digitally transforming your organization can be overwhelming, so it’s best to start simply. Ask yourself and your leaders a few key questions:
- Where do you see your current business model potentially getting disrupted by digital?
- Where do you have new opportunities for growth using data and analytics?
- Where do you have opportunities inside your company to better leverage digital in a way that directly benefits your customers?
Use these insights to formulate a vision and explore another set of questions often forgotten or understated:
- Do you have the talent in your organization today to fulfill this vision?
- What is your culture (the unwritten norms that exist) today and where does your culture need to be?
- Do you have a talent/organizational ecosystem (e.g., organizational structure, compensation, benefits, rewards) that will attract and retain talent?
- Is your vision compelling enough to attract top IoT talent that wants to work on cutting-edge solutions and advanced technologies?
Many of the top industrial internet talent magnets are working on meaningful problems that are changing how the world works. Articulating this value proposition to potential candidates is crucial to success.
The right talent
People are the key differentiator in successful digital industrial transformations. It is critical to acquire talent that has grown up in tech and is comfortable with agile methods of process, as well as an agile culture. But it’s also important to bring in the right talent at the right time. I like to think of this change involving a “first” and “second” generation of talent.
In the “first generation” of your digital transformation, look for talented disruptors, similar to those who might be part of a startup. This initial stage also requires a safe environment for experimentation, without pressure to deliver immediate results or implement across entities. You need to expect that some things may fail and that needs to be okay. This seeds a culture of taking chances and learning from what works and doesn’t work. Pick a few big problems and begin experimenting. GE Digital initially formed as a Software Center of Excellence, away from other business units, in order to create the initial proof of concept (POC) of what became Predix. By taking this incubation approach, we were able to learn fast, apply the platform to internal business use cases and build a successful POC before going to market.
As your business matures in its digital industrial transformation to what I call “second generation,” you need people who know what it means to disrupt, as well as what it means to scale. Talent at this phase should meet the organization where it’s at, while also pushing progress forward. This talent profile has typically has worked in multiple startups and at large companies. Ideally, they bring experience of being acquired and spending time at the acquiring company. Bottom line: this talent knows how to juggle the demands of a startup in a larger company environment.
At every phase of your digital industrial transformation, it is critical to give your key talent permission to disrupt, push back and question how things are done. By talking with each other, digital talent and industrial talent can learn from each other — and both get better.
Digital natives and digital migrants
So who are the right people to accelerate digital industrial transformation in your business? It should be a healthy mix of external and internal candidates, which can be referred to as “digital natives” and “digital migrants.”
A digital native has spent his or her entire career in technology and has experienced — and more likely participated in — tech disruption. Digital migrants are industrial by background but are now starting to learn the principles of agile development in a digital environment. Both are critical to the success of the modern, digitized industrial company. A recent Industry Week article by Jens-Thomas Pietralla and David Finke analyzed the psychometric profile of a productive disruptor versus a traditional industrial leader and supports the rationale for why both personas are needed to successfully transform traditional industrials to digital industrials.
Within the industrial organization, the goal is to nurture and develop a cadre of digital migrants as part of the existing workforce while attracting digital natives into a new kind of workplace. Digital natives coming to an industrial for the first time need to understand the end-customer and the larger, industrial ecosystem, while having an appreciation for a matrixed organization.
Digital migrants should have high learning agility, systems thinking, empathy and coaching skills. Typically, they serve in a translator role, understanding enough about both the digital natives and the current workforce to educate and coach both groups, becoming true advocates for transformation. Cross-functional leaders from finance, HR, manufacturing and engineering are great candidates for becoming digital migrants.
Change is difficult. It always is. But this is not an ordinary change — this is transformation. It requires a strong vision, leap of faith assumptions and a fierce protection of the new idea you are incubating, lest it be choked by the inertia of the existing culture.
Incoming leaders must assess what the cultural values are for the company today, and strike a balance between that existing culture and integrating new talent who can teach and bring the company and its culture further along.
My own personal example helps bring light to this concept. When I joined GE Digital four years ago (when it was a software center of excellence) to lead the HR function, I came from 11 years in one of GE’s largest industrial businesses — GE Aviation. As one of only a handful of traditional industrial employees in the software business, I initially felt like an outsider. Over time, I became a “digital migrant” among many “digital natives.” Success required learning from digitally experienced and minded colleagues while incorporating their insights into the larger GE world — embracing change and innovation, while also protecting what is best about GE. This process is ongoing, but I believe that the digital and industrial worlds have a lot to learn from each other.
The growing trend of digitization is impacting no sector more profoundly than the industrial, a fact that I live every day. The digital transformation of industrial organizations requires sweeping changes to how the company identifies, hires, skills and manages its talent. Ultimately, the digital transformation of industrial organizations requires the full alignment and buy-in of corporate culture and its leadership to bring them into the digital era.
A decade ago, spurred by his concerns over the amount of waste plastic utensils created, an entrepreneurial Indian scientist had this idea: Why put in the landfill what you can (nutritiously) put in your stomach? So Narayana Peesapaty decided to invent an edible spoon, and last year his creation finally gained traction thanks to a viral video and his considerable determination.
There is much that the smart city can learn from this venture.
Consider that in 2014, according to an EPA fact sheet, Americans produced 33.2 million tons of plastic; and though around a third of that was recycled, that’s mountains of waste going into landfills. While Peesapaty’s approach, though admirable, won’t scale to address the sustainability needs of entire cities, it is an object lesson in how those issues can be addressed in — you might say — bite-sized chunks.
The internet of things will empower smart cities to achieve widespread sustainability in those discrete chunks. Indeed, it is in the very nature of IoT-driven smart solutions to reduce waste, eliminate unnecessary infrastructure and create cost savings in the process.
The key to this sustainability is the networking capacity of IoT sensors and the ability to analyze and act upon the data they provide, both of which produce a cascade of benefits. Consider what can be accomplished simply with networked waste receptacles:
- Because they are discoverable with mobile devices, residents and visitors to cities can be directed to the nearest to either dispose of or recycle their waste.
- The receptacles can monitor their own capacities and alert the waste collection agency when they are nearly full.
- The agency can then tailor collection routes to only service those receptacles, reducing the amount of fuel consumed by trucks.
- Since the trucks can be equipped with sensors as well, they can automatically deliver waste and recyclables to the appropriate processing facility when they’re full, eliminating wasted trips.
- Because the system helps divert recyclables from the waste stream, it extends the usable life of a landfill.
This domino effect on sustainability can be replicated within almost any smart solution. Smart lighting and utility metering reduces demand on electricity, saving money and allowing larger populations to be served without increased generating capacity. Electronic ticketing not only reduces paper waste, but by eliminating ticket vending machines allows for unhindered access to transit services, reducing journey times and energy costs.
There are also more passive ways IoT allows smart cities and businesses to affect sustainability and meet environmental regulations. Air quality can be monitored and adjustments made or alerts sent out as necessary. Sites where illegal dumping has occurred can be monitored remotely, and law enforcement alerted when more takes place. Utility usage in public buildings and other infrastructure can be tracked, providing data that can be used to determine where to invest in energy efficiency, or possibly alerting to situations like leaking water pipes or unauthorized access.
Key in all of this is the fact that sustainability benefits are frequently ancillary to other IoT implementations — they’re a bonus, in other words. Networked smart meters are not generally installed by utilities because they will cut down on fuel costs since no one has to drive around reading them, for example — they’re installed for the ability to holistically monitor the system enables more rapid response to problems and more effective maintenance.
Edible spoons are an imaginative approach to a serious sustainability challenge; they are, in their own way, a smart solution. But when cities apply IoT to the larger challenges facing them, they will broadly improve sustainability across the urban ecosystem while implementing solutions that improve the urban experience.
Whitfield (Whit) Diffie is a giant in the crypto world.
Whit sat down with Rubicon Labs for an extensive Q&A interview that we publish as the mammoth RSA Conference gets underway this week in San Francisco. The interview also coincides with the 40th anniversary of the publication of “New Directions in Cryptography.” The paper, co-authored by Diffie and Martin E. Hellman, laid the groundwork for public key cryptography, set the stage for the broad adoption of the internet and made e-commerce not only possible, but safe. The pair were named 2015 winners of the prestigious Turing Award, widely considered the Nobel Prize of Computing.
In part one of this two-part edited Q&A, Whit weighs in on the privacy risks in an unprotected IoT world, tells why it’s better to build a bank vault than hire a guard service, why using GPS to track truck drivers is an invasion of their privacy and shares why he doesn’t own a Nest thermostat. Part two of the Q&A will be published tomorrow.
At the 2017 RSA show there will be a lot of attention focused on products that detect intrusions and malware. Are these good investments in your view?
If the amount of money spent on antimalware were spent on something else, it would be better. The malware industry depends on the problem not being solved. Protecting against malware is like hiring guard services to protect something valuable.
Are you saying that more investment should be put into secure software rather than into detecting flaws in the fingerprints of malware?
Yes. That is what works with crypto and it also works with bank vaults. Almost nobody gets into bank vaults.
But, the software industry wants to run incredibly fast.
Well, yes, that may be an intrinsic problem. There are a whole bunch of fans of a moving-target strategy and I think they are mostly wrong. And I parody what they say as “let’s keep everything jumping and hope it confuses the opponents more than it confuses us.”
Back when you co-created public key cryptography in the 1970s, did you in your wildest dreams ever imagine state-sponsored cyberattacks, ransomware or the Mirai viruses of today?
That was simply not a direction for crypto that I thought about in the 1970s. I knew about breaking into systems, but I didn’t so much think about system security as much as crypto security. My goal at the time was to secure the North American phone system because my collaborator Martin Hellman and I lived in North America, there were 100 million landline phones, lots of people, and there was just a sense of scale that we could achieve.
With the explosive growth of IoT devices, what are your biggest concerns?
My biggest concern is probably what is going to be built in an IoT device to snoop on everybody.
So you’re worried about “Big Brother” in your kitchen or living room?
I’ve believed for decades that human freedom cannot stand the decline in human communications. And I think this is just another sign of it. Truck drivers had a very independent job a generation ago. And now they are being watched by GPS all of the time. A generation ago, loosely speaking, a truck driver’s boss would say, “Here we are in Maine, get this to San Diego in a week.” And they wouldn’t know or even much care if he stopped to pick up some other stuff and went a little out of the way to take it to somebody. And, presumably now that is essentially impossible because they know where the drivers are every second. This is sort of an attack on privacy.
How do you mean?
Let me give an example on the other end of the spectrum. In the year 1800, the president would assign military generals and say, “Go take care of this problem,” and a year later he would either reward them or court martial them. The notion that the president — or in this case a company — is entitled to immediate control is one of the greatest security threats to the United States because presidents have a vison but not direct knowledge of a given situation.
Should people really be connecting all of these IoT devices in their homes or, would you say, the best thing to do is airwall gap your house so you have as few connections as possible?
You probably really don’t have a choice about it. I’m not sure you can fight these things, depending on how you can isolate your house. The truth is you may want to talk to the web and see the TV, etc. Look at Nest as an example, people want their thermostats viewed. They want to look over and see how the house is doing or turn up the heat because they are coming home from somewhere.
So would the father of crypto have a Nest in his house, and would you be concerned about privacy with smart thermostats?
I considered getting a Nest, but not for its communications features. No, the last time a thermostat broke, I went down to the hardware store and there was one on sale for $25. I didn’t buy a Nest because I needed a new thermostat and there was one that cost a 1/10 as much.
Should the burden be on the manufacturer to provide security for IoT devices?
Well I’m sure it should, but that doesn’t mean anything. In the first place, the basic principal of the world is that the more power you have, the more responsibility you have. But, the fact of the world is that the more power you have the first thing you do is try to negotiate your way out of responsibility. All sorts of things — including companies — that are tremendously powerful, in fact, in the end have very little responsibility.
Why do you think there are so many problems with securing IoT devices?
Most people think they can build something and then secure it later. It is obvious why they think that, because it is hard enough as it is to build it without security in it. So to tie your hands by insisting that it be secure at every stage of the operation will mean that someone else will beat you to market. Microsoft is the perfect example. That seems to be a basic problem of how we develop things fast and sacrifice the quality of the software.
What are your thoughts on hacking cars via over-the-air software updates?
Why you should be able to update it over the air or by radio is not clear to me. It is clear why it gets them into security problems.
The internet of things isn’t coming, it’s already here. New healthcare, industrial, home and personal devices are being connected every day, right under our noses. Gartner predicts that by 2020, nearly 21 billion IoT devices will be online. Yet as exciting as this explosive growth may be, it also brings new challenges — and chief among them is security.
As the adoption of IoT grows we are witnessing major security incidents. The Mirai botnet, for example, was able to hijack thousands of connected home devices and launch distributed denial-of-service attacks that knocked out large portions of the internet.
As more IoT devices come online, such attacks — and potentially more dangerous ones — seem inevitable. Keeping them from becoming commonplace will take new approaches to online security, and one of the more promising solutions that’s under research right now is rooted in blockchain.
You’ve probably heard of blockchain if you’ve looked into any of the various digital “cryptocurrencies,” of which Bitcoin is the best known. The success of these currencies has inspired a number of researchers to start applying blockchain technology to other applications, including to help secure IoT.
Without getting into all of the complex computer science behind it, a blockchain is a kind of distributed database that acts as a distributed digital ledger for transactions. With cryptocurrencies, for example, blockchain keeps a record of every time the digital cash changes hands.
What makes blockchain interesting to security researchers is that once it is created, a blockchain is immutable. By the nature of its design, blockchains are inherently resistant to modification of the data. Once the data is recorded, the data in a block cannot be altered retroactively. Any attempt to corrupt and modify the data instantly raises a red flag, because the validity of the blockchain is constantly verified and corrected using cryptographic algorithms and multiple distributed data records. The blockchain is itself secure and difficult for a person or a group of people to hack, making it an ideal tool for data security applications.
The distributed and decentralized nature of blockchain-based technology also makes it a natural fit helping secure IoT. IoT itself is a fundamentally distributed system composed of countless devices, any of which might jump on or off the network at any given time, making it a poor fit for centralized controls.
Who (or what) goes there?
So how can blockchain help secure IoT? One way is through blockchain-based identity and access management systems. The idea is to use a private blockchain to store cryptographic hashes of individual device firmware, creating a permanent record of device configuration and state. This record can then be used to verify that a given device is genuine and that its software and settings haven’t been tampered with before allowing it to connect to other devices or services.
Such systems can be an effective defense against IP spoofing attacks like those launched by later versions of the Mirai botnet. Because blockchain can’t be altered, devices that attempt to connect can’t disguise themselves by injecting fake signatures into the record.
Another application for blockchain to secure IoT is as a directory for device and service discovery. The advantage over other discovery mechanisms is because a blockchain is distributed and cryptographically verifiable, it’s less vulnerable to man-in-the-middle attacks and other exploits. By comparison, not only could centralized controls or intermediaries be compromised, but they also limit the ability of the IoT network to grow and reconfigure itself organically.
Putting the pieces in place
While this is all exciting stuff, however, it’s still too early to say definitively that blockchain will be a major component of IoT in the near future. This is a new and evolving area. There is much work to do in the way of industry standards to make IoT security systems from multiple vendors interoperable.
It should go without saying that blockchain-based security is no panacea, either. Early versions of Mirai relied on simple vulnerabilities like weak passwords and well-known default passwords to compromise devices, some of which were baked into firmware. IoT will never truly be secure until manufacturers accept greater responsibility for locking down their devices and adopt highly secure technologies such as blockchain.
Hardware, however, is only part of the equation. As IoT evolves toward greater autonomy, the need for innovative, end-to-end systems that can secure this new type of network environment becomes increasingly urgent. Blockchain, while still an emerging solution, is one of the more intriguing technologies with potential to set us down that road.