Visit us on stand 906 at BlackHat Europe 5 – 6 Dec Read More
Heroes of healthcare need heroic tools, not insecure compromises Read More
Pushfor Featured in Financial Times – How to Spend It Read More

The Instant Generation by Mike Williams, CEO

Millennials on their mobile phones

Opinion Piece looking at how digital technologies continue to drive human behavioral change and the rise of a new generation that expects instant gratification and with a very different view on their willingness to share personal data.

 

The Instant Generation

It’s almost impossible to imagine life before the public emergence of the technology that changed the world – the world-wide-web (web) in August 1991.  Soon to follow was its by-product, electronic mail (email) which didn’t really become common in the workplace until around 1996 – 1997. It transformed the speed of business communications and collaboration.

The dawn of the digital era

Since then the speed of technological change has been mind-blowing as we witnessed the dawn of the digital revolution including the mass worldwide adoption of devices such as the smartphone – hardly just a phone anymore. In 2008 when the Apple Appstore launched it had 500 mobile apps available, mainly gaming apps, and today there are around 2.2 million apps available with over 5million forecast by 2020.  There is literally an ‘app’ for everything – how many times have you heard someone say, ‘there’s an app for that’. We are also now beginning to see a foothold in homes of the first wave of consumer affordable Artificial Intelligence (AI) with Personal Virtual Assistants such as Apple’s Siri, Amazon Echo, and Google Assistant.   And with the Internet of Things (IoT) and smart devices becoming more affordable and mainstream – well the mind boggles.  20 years ago this will have been regarded as science fiction by most or certainly to be many light years away – but now we have millennials who don’t even consider the underlying technologies but regard the abilities and speed of information that they have at their fingertips – literally – as normal day to day life.   Most millennials would grimace if you suggested that they ‘send you an email’ – it would be considered an archaic way of communicating and sharing content now in the new world of instant messaging and social media.

It is fascinating how these technologies are fundamentally changing the ways in which humans behave and the expectations that we have – it is almost more than a behavioral change it sometimes feels that our brains are evolving in line with digital transformation.  How many times have you seen a young toddler try to swipe a television or laptop screen and then look baffled because it has not done as they expected – it’s almost like they are born with the knowledge!

The need for instant gratification

We are now living in the digital world where everyone (and soon to be everything) is connected, ‘always on’, everything instant and on demand.  Waiting for something is no longer an option, patience seems a human trait of the past – we want instant gratification.  Remember when you would race to the shop to buy your favorite artists latest album and smug to be the first amongst your peers to own it, or the excitement of waiting for that 35mm photo film to be developed or waiting for that postcard from your loved ones on holiday to see if they are having a good time -– not any more – everything is real-time and instant – we are an ‘expect and want it now’ generation.

Flowing data creating digital footprints

Another major change in human traits compared to previous generations is our willingness to share personal data.    Data is often referred to now as the ‘new oil’ the world’s most valuable resource – and there is no stemming the flow of humans sharing it.   The most downloaded iOS Apps in 2017 included the social media giants SnapChat, Facebook, Instagram and YouTube – all completely underpinned by users instantly sharing personal data and content.    Research shows that the average user engages with 30 apps a month from their mobile device. And don’t forget our day to day engagement with technology giants such as Amazon and Google – ‘just google it’ has become an everyday verb.   Every digital interaction is essentially sharing personal data at some level or form, a digital trail of footprints is left everywhere we go – the current ad campaign run by Experian refers to the ‘data self’ and the content behind it demonstrates how attitudes and behavior has changed when sharing personal data and the power that this data can have.  Experian states ‘we believe that data should be a force for good’ and they are undoubtedly looking to help individuals use their ‘data self’ to improve their financial circumstances.  However, the very concept of a ‘data self’ floating around the internet can be somewhat disconcerting but that is exactly what we are creating with every single interaction with the internet be it via a connected device, an app or browser.

Our ‘data self’ is the holy grail for companies. Rather than mass marketing, smart data algorithms and predictive analytics enable ‘one-to-one’ (1:1) marketing strategies so we are targeted with relevant, contextual products and services at a time when we are more likely to buy. This is the ‘trade-off’ individuals are making in sharing their data – most are happy to share personal data in return for something of value.  Many enjoy being marketed to as an individual and the personalized user experience that comes with it – in fact, the new millennial generation expects and demand it. It is, therefore, no wonder that companies are eager to capitalize on this never-ending flow of data, harvesting it to sell us more products and services and drive customer loyalty, influence our behavior and thoughts and in some cases to monetize the data and sell on to other 3rd parties.  The disruption to business models is unprecedented.

However, the temptations and opportunities presented by this flowing sea of individual’s data are like in the Garden of Eden – both good and bad.  There is rarely a day goes by without another news report of a data breach – some resulting from the malicious use of stolen or ‘hacked’ data and other resulting from human error – the impact of which can be severe financial and reputational damage for everyone involved.

Data protection for the digital age

The last revision to the UK Data Protection Act was back in 1998, 10 years prior to the launch of the smartphone.  Few people could have predicted the sheer scale and impact of the digital footprints and corresponding data now flying around the ether.   Data breaches by Yahoo, Equifax and Uber are some of the largest data breaches of all time and have been instrumental in driving governments around the globe to re-examine data protection laws and regulations that are not fit for this digital universe of data.    The European Union is leading the way with the imminent enforcement of the General Data Protection Regulation (GDPR) which became law on May 25th, 2018.  This regulation is driving the most radical shake-up across global enterprises in protecting individual’s data and data storage and processing activities.  Any business, large or small, that holds any data on an EU citizen is legally bound to comply with GDPR.  The consequences of non-compliance are potentially business-crippling with fines of up to 4% of global turnover and up to €20 million – whichever is the greater.

However, in addition to regulation, there is an argument that protecting personal data is everyone’s responsibility – be it in our personal lives or working lives.  Without any question, companies that we trust with our most valuable and personal data such as financial institutions and healthcare organizations, have a moral responsibility to protect us from the devastating consequences that could occur from a data leakage.  However, there also needs to be personal responsibility and accountability in how our data is protected and shared.   GDPR will give individuals far more control than before by forcing companies to gain consent from individuals in how their data is used. For example, it will be no longer sufficient to have a single ‘opt-in’ allowing companies to use your data in various ways, post-May 25th individuals now need to opt-in for every single use case.

The need for education

But we need more than regulation – we need increased awareness and education.  We need education in our home, in our schools, in our universities, in our local communities and in our workplaces across every single sector.  Both individuals and businesses need to be able to thrive in a safer and securer digital environment whilst reaping the benefits that this new valuable data resource can bring when utilized responsibly.

The recent facebook saga is probably one of the most significant and controversial data breach incidents of all time – not necessarily because of any financial damage it caused to individuals or companies but because the way in which the data was used and the media attention that it attracted. It brought the topic of data protection and GDPR into millions of households around the world – it may be one of the most effective, albeit it undeliberate, ‘data protection awareness’ campaigns ever to be known.  It has been a catalyst in individuals ranging all ages and from all races and cultures, waking up to the power of their data and why they need to take responsibility for the ways in which they share it.

The scale of recent data breaches and the threat of massive fines from GDPR are forcing companies to embark on internal ‘data protection and information security’ training initiatives with their employees.  Human error is regularly cited as the weakest link in a company’s data security processes with 96% starting with email as the main entry point for a ‘phishing’ attack.   This can drastically be reduced with training and education.

Empowering users versus security risk

However, businesses also need to provide employees with work tools and technologies that provide the same levels of agility, speed, and convenience that they are used to in their personal lives.  It was mentioned earlier that millennials regard email as archaic and much prefer to use more social, consumer-centric apps for sharing information – they are easier, user-friendly and fast however they were not designed for business use.  The boundaries between our personal life and work life have become totally blurred with smartphones and devices at the heart of everything we do. The ‘always on’ connected world referred to earlier means that the days of 9 – 5 working is a thing of the past.  This has led to an increasing number of Bring Your Own Device (BYOD) policies adopted in the workplace together with a surge of ‘unsanctioned apps’.   Consumer-centric apps have now become widespread in business, were never designed for enterprise use or business-critical communications and are essentially subjecting an organization to a massive security risk.  It is staggering that the likes of government and military officials find it acceptable to spin up groups in the workplace on platforms such as WhatsApp – it’s like going to go battle with a Google self-driven car!  Let’s hope the recent decision of WhatsApp founder Jan Koum to quit because of his concerns around data privacy being diluted will make both individuals and companies think twice before choosing WhatsApp for communicating in the workplace let alone across government departments.

There is a famous quote by Randall L. Stephenson, CEO of telecoms giant AT&T which is ‘When the iPhone came out, every CIO in America said, ‘You’re not bringing that into our corporate environment,’ my CIO included’ – hindsight is a marvelous thing but who could have imagined the impact that smartphones and other mobile devices would have on the business world.  40% of the global workforce is forecast to be mobile and 5.5 billion mobile users are forecast by 2020.  Therefore, businesses are having to think ‘mobile first’ when considering new ways of engagement with employees and customers. Consequently, we are seeing companies, including disruptor banks being built entirely on a mobile-first business model. However, in one sense you could argue that they were words of wisdom from those American CIO’s who potentially saw the potential security risks to the business.

A way forward

Data is continuing to explode with forecasts that by 2020 about 1.7 megabytes of new information will be created every second for every human in the world. Organizations need watertight data protection and information security processes and tools in place to mitigate business risk when storing, processing and sharing this data –internally and externally.  But they need to do this without stifling the DNA and ethos of digital innovation and the opportunities it presents.

So, we are all faced with a massive challenge but the good news is there is a range of new technologies designed specifically to address the opportunities and threats the instant generation are experiencing – both in their personal and working lives.  These technologies are ‘secure by design’ and are readily available – there are no excuses anymore!