As we started 2020, it would never have occurred to many of us that before the end of the spring, we would be faced with moving our daily lives almost entirely into a virtual world. We have seen a substantial change in the way we conduct business, educate our children, and generally interact with the world around us. In May 2020, the New Jersey State Bar Association conducted its 2020 Annual Meeting 100% virtually. Something that would have seemed virtually impossible (pun intended) a few months ago went off seamlessly with literally thousands of attorneys interacting and learning remotely from colleagues, industry professionals, and the New Jersey Judiciary.
Embracing the “New Normal”
The “new normal,” as many people call it has led organizations of all sizes to question how businesses should operate in the future. It is assumed that at some point there will be a vaccine or treatment for COVID-19. So, what does that mean in terms of returning to work and our old lives?
For many, we may never return to the “old” way of doing things regardless of whether we are concerned about COVID-19 or not. The reason is very simple: what seemed impossible only four months ago (i.e. a completely remote workforce) now seems totally doable and, in many cases, more economical and feasible for companies. Even our court systems are now operating remotely. The United States Supreme Court held its first virtual hearing on May 4, 2020. The Justices, attorneys, and members of the public were even treated to the sound of a toilet flushing during the Supreme Courts’ virtual hearings. This fundamental shift can impact the ways in which organizations of all sizes start to think and rethink the way business is done. Another example is Twitter, which announced that employees that can work from home will be able to do so…forever.
When Remote Work Is Not Feasible — Automate
However, there are just some jobs that cannot be done remotely. So how will the COVID-19 affect the way those industries change business as usual? Take manufacturing for example. It is impossible to build an airplane or a car remotely. Since remote work is not an option, the manufacturing industry has to approach business operations differently. That means doing things like teaching employees to distance themselves by 3 feet or more whenever possible, using personal protective equipment (PPE) when available, and even rescheduling non-critical services to be performed on off-peak hours. However, social distancing and staggered work is not the only thing being considered.
Artificial intelligence and automation have been encroaching on “human” jobs in manufacturing, along with other sectors of business, for decades. The shutdowns caused by the COVID-19 pandemic could hasten and expand the process of automation and job losses as companies and consumers are forced to quickly adapt to new technologies and ways of doing things that are not likely to change. 57.43% of CISOs, CIOs, CTOs, architects, engineers, and analysts across the finance, healthcare, public sector, federal industries said that a lack of automation was a pressing concern for their organization, making it the top priority in 2020. After the COVID-19 crisis started, all business departments reported a spending freeze except for those involved with transitioning to automation. Despite the fact that COVID-19 has affected all workers, regardless of education or income distribution, it seems that relatively low-wage occupations are bearing the brunt of the unemployment crisis, i.e. those in the manufacturing sector of the economy.
COVID-19 may in fact change the way companies manufacture products. Instead of manufacturing being driven by individuals, automation may be an easier way for companies to address the impacts of things like a global pandemic. However, in solving the COVID-19 problem through changes like automation and artificial intelligence, we see the opportunity for other types of infections rise. Using computers and robots generally to complete tasks normally performed by a human being may seem like a good option. After all, robots cannot contract COVID-19 (shudder to think otherwise!), they don’t take sick leave, they don’t need time off to attend their child’s wedding, and the list goes on. However, just because a robot cannot get COVID-19, does not mean machines cannot get “sick”.
Companies that invest in and develop “smart factories” will likely see enormous benefits and efficiencies, like the ability to transmit data over a wireless internet connection in real-time. However, these smart factories also leave manufacturing operations open to increased cyber threats. And, many of these companies, including the manufacturing industry, are not prepared. The EEF’s 2018 Cybersecurity Report found that “while 91% of manufacturers are investing in digital technology, 35% said they are inhibited from fully investing due to cybersecurity concerns”. Further, 24% of manufacturers admitted they have already sustained financial or other business losses as a result of a cyberattack. However, for organizations to compete, they must innovate- which means dipping the proverbial toe into the AI and automation pool while correspondingly being ill-equipped to address these issues.
Automating With Cybersecurity Built In
When dealing with an automated system, there will always be different goals, objectives, and assumptions about what systems or mechanisms are critical and need to be protected. In addition, the way a system is architected can impact the operability of the system when using automation. However, aside from the system architecture, a company’s network infrastructure connects many business and manufacturing operations. This creates a new and larger threat vector that hackers can exploit to enter the production and process environments.
Cybersecurity threats against automation networks can take different forms. These threats are no different from other cyber-business threats but can be more impactful when a workforce is a machine and not human. Aside from the obvious inoperability of the network (and therefore potentially the entire manufacturing operation), there are additional issues to consider including serious safety issues for the humans that are present and loss of intellectual property.
As we move into a new phase of human evolution and address issues like automation and AI, it is important that we do not lose sight of the risks associated with such transitions. Moving too quickly can be just as dangerous, from a security and privacy perspective, as failing to innovate at all. Creating a secure and workable IT infrastructure requires more than just technical expertise, it requires legal advice to ensure that organizations are taking appropriate, reasonable, and legal steps. A multi-disciplinary approach to data privacy and security is essential. Creating systems and processes that embody Privacy by Design and Security by Design principles will be critical for organizations that want to do more than just survive but thrive in this new environment.
* * * * * *
Nothing contained in this blog should be construed as creating an attorney-client relationship or providing legal advice of any kind. If you have a legal issue regarding cybersecurity, domestic or international data privacy, or electronic discovery, you should consult a licensed attorney in your jurisdiction.