A survey taken in April for the Unisys Security Index found that Britons are dubious of health insurance companies using wearable trackers to understand their fitness habits, but are in favour of smartwatch enabled panic buttons. David Matthews, security industry director for Unisys EMEA, talked to DataIQ’s Toni Sekinah about the findings.
Of 1,000 British people surveyed, 51% said they would not be supportive of health insurance providers tracking their fitness activity to determine premiums or reward safe behaviour. Of those who said they were not in favour, 41% said they would not want the organisation to have that data about them, and 36% said there is not a compelling enough reason for the organisation to have this data.
David Matthews, security industry director for Unisys EMEA, told DataIQ that the UK public has become more sceptical about how safe and secure their data would be in relation to Internet of Things devices since the report was last published in 2014. When asked if this scepticism is rational, he responded that people’s views are based on two things: their personal experience and external inputs from either the media or people that they know.
“There is no doubt that the threat landscape is increasing. Attackers are simply becoming more sophisticated and launching attacks outside traditional signature and rule set approaches,” he said. He also highlighted other drivers of the increased threat landscape as the opening up of IT - including cloud and mobile, the shortage of skilled people to deal with security threats and more data breaches. “Most people now know of someone within their network that has been a victim of ransomware either at a corporate or personal level,” he noted.
Matthews stressed that the antipathy of the British public towards IoT devices is not blanket and across the board. The report also found that there are instances in which Brits are very much in favour of IoT devices, as 79% would support having an emergency button on their smartwatch or smartphone that would send their location at the time to the police if they needed help. Also, 74% said they would be in favour of medical devices that immediately transmit any significant changes to their doctor.
The response was evenly split for what could be a controversial use of an IoT device. For police accessing data from a person’s wearable at their discretion to determine the wearer's location at a certain time, 41% were in support, 41% were not in support and the remaining 18% responded do not know. There was also concern about possible abuse of IoT devices by authorities and intelligence services, as 49% of those surveyed believed that intelligence services can and will listen to and watch them via their smart TV and other connected devices.
Matthews said: “People are all in favour of personal safety, whether it is medical or an emergency button. What they seem to be more worried about is the Big Brother thing, the authorities knowing where they are and the health insurance companies knowing how many times they go to the gym or not.”
This suspicion of health insurance companies may well be warranted. The flip-side to a company that has access to one’s health information rewarding good behaviour is penalising "bad" behaviour and determining what that constitutes.
The market for consumer IoT devices is large and expected to grow. According to Gartner, 5.2 billion connected "things" will be in use globally by the end of this year, predicted to grow to 12.8 billion by 2020, with spending amounting to just under $1.5 trillion.
In response to consumer concerns, Matthews said he has noticed many companies becoming more conscientious when it comes to security and data. He said: “What I’m seeing now is lots of companies really trying to get their act together at the board level. They want governance and compliance to legislation, so things like GDPR are having an impact, but so is reputation and [possible] brand damage.”
According to Matthews, 90% of companies in the FTSE 250 are doing dummy desktop exercises around data breaches as no executive wants to go through what Dido Harding of TalkTalk did with being questioned on the news.
Unisys, a global information technology, has conducted the Unisys Security Index since 2007 in the countries in which it has its largest customer base, 13 countries across North and South America, Europe and Asia Pacific. The index takes into account four types of security; personal, internet, financial and national. Matthews explained that the UK’s score is 144, which indicates a moderate to serious level of concern and is 40% higher than it was in 2014. In comparison, the global average is 173 and this average has increased by 20% compared to three years ago.