Disruptive technology such as machine learning, artificial intelligence, and the Internet of Things (IoT) hold a great deal of promise, offering to digitally transform your business processes and your organization as a whole. Market research firm IDC projects that worldwide spending on cognitive and artificial intelligence systems will nearly quintuple from $12 billion in 2017 to $58 billion in 2021.
However, it’s important to remember that with every great potential opportunity, organizations open themselves up to risk as well. Below, we look at the 6 biggest disruptive tech risks that we see businesses facing in 2019, and talk about the way that organizations are mitigating them.
Risks of Machine Learning
1. User Privacy
Concerns about consumer privacy reached new heights in 2018, as a number of companies suffered high-profile data breaches that compromised their customers’ private information. Notably, it was reported that Marriott International Inc. faced a breach that exposed the personal information of 500 million customers. Through the attack, the hackers were able to gain access to names, phone numbers, emails, passport numbers, travel details and payment information of customers.
Machine learning necessarily requires vast amounts of data. With breaches like this on the rise, companies are facing the difficulty of gathering this data without violating their users’ privacy or exposing their personal information to malicious actors.
2. Fairness and Equity
Machine learning is exciting for many applications because it offers the possibility of removing human biases from the equation when making important judgments and decisions. However, this is only effective if the dataset and model are themselves free of bias.
In October 2018, for example, the news broke that Amazon had reportedly scrapped a machine learning tool for selecting the top resumes among its job candidates, because the system discriminated against women. The bias was apparently due to the fact that the tool was trained on a dataset of resumes from previous applicants, who were predominantly male.
Risks in Artificial Intelligence
3. Reputational Risk
Microsoft’s “Tay” chatbot offers a cautionary tale of an AI system gone rogue, creating a major embarrassment for the company. Tay “learned” from her interactions with Twitter users, some of whom “taught” her to make extremist and bigoted statements. The bot was quickly shut down after only a single day on the platform.
While the backlash from Tay was relatively mild, AIs left to run unchecked can represent a major and even existential risk to your business’s reputation and bottom line.
AI systems that are prone to errors, subject to bias, or easily hacked can expose your organization to public criticism, as the government of Australia recently discovered when they implemented an algorithm that was designed to detect welfare fraud. Flaws in the algorithm caused thousands of welfare recipients to receive false debt notices. This eventually led to a large public outcry and an official investigation by the Australian Senate.
4. Ethical and Legal Concerns
Companies that are researching self-driving cars, such as Uber and Tesla, must deal with their own versions of philosophical dilemmas such as the trolley problem. For example, when an accident is inevitable, is it acceptable for a self-driving car to divert its course in order to save more people if that puts its passengers’ lives at risk? Whose lives should be prioritized – the car’s passengers or the pedestrians outside the vehicle?
As AI systems become more intelligent and gain more agency, addressing these questions will be a preeminent concern.
Risks in the Internet of Things (IoT)
5. Greater Complexity
Ericsson forecasts that there will be 29 billion devices connected to the Internet of Things by 2022, from smartphones and GPS devices to “smart” thermostats and toasters. This massive IoT growth offers billions of new attack vectors for malicious actors.
Businesses need to make sure that their IoT-connected devices are safe, with no default passwords and with all security updates installed.
6. Public Safety
Data breaches of customers’ personal and financial data are devastating enough, but the repercussions are limited to the individual. What happens when attackers are able to breach an IoT network that manages public infrastructure? From hacking traffic lights to bringing down power plants, the possibilities are extensive, and the risks are severe.
When the IoT is applied to infrastructure such as electrical grids, they must be protected with both physical security and cyber security. The massive Northeast blackout of 2003, which affected more than 50 million people, offers a picture of what could happen in a worst-case scenario during an IoT attack.
Mitigating the Risks of Disruptive Tech
Although the risks that accompany disruptive technologies like machine learning and the IoT are substantial, there are ways to deal with them.
When it comes to avoiding bias in machine learning, the solution is generally to ensure that the input data you feed to your AI is as accurate and free of prejudice as possible. Although this solution seems simple, it can be hard to implement in practice; the methodological problems that data gathering algorithms can suffer from can be very hard to spot. When in doubt, more data is usually better, although it’s important to consider where that data came from as well.
There are several approaches to protecting a users’ personal information. Some tools allow you to build machine learning models that guarantee differential privacy by adding random noise to the dataset. Other researchers are investigating whether machine learning can be effective on data that is already encrypted.
Using Software to Find Vulnerabilities
Regularly assessing your company’s website and networks with a vulnerability scanner can help identify known security holes. Many organizations also hire outside security consultants (such as penetration testers) to identify and fix the vulnerabilities that remain. Keeping your devices and information secure is a process that never really ends, of course, and when managing a large volume of security-related data, it can be very helpful to use software to keep track of these risks.
Resolver helps companies not only track these risks and implement controls, but also helps them to monitor remediation efforts. Interested in learning more about Resolver?