Potential Seen in Augmented Reality

A study by technology and cybersecurity association ISACA found that 60 percent or more agreeing that a range of suggested AR applications would improve their life and make it easier for them to do their job. However, 67 percent of IT professionals are not certain the benefits of AR outweigh the risks.

The applications of AR consumers see offering the greatest benefits include training guides and retail and healthcare geolocation for personal use, and training, safety guides and product demonstrations in a work setting. At the same time, confusion over the Internet of Things is growing, according to the consumer study. The percentage of consumers who are confident in their ability to identify IoT technologies has dropped 10 points or more from 2015 to 2016 in Australia, the United Kingdom and the United States.

ISACA’s annual IT Risk/Reward Barometer polled thousands of IT and cybersecurity professionals and consumers worldwide to uncover attitudes and behaviors about essential technologies and information, and the trade-offs organizations and consumers are making in gauging the risks and rewards. This year’s consumer study focused on IoT devices in general and those enhanced with AR in the United States, the United Kingdom, Australia, India and Singapore.

According to Goldman Sachs, AR and virtual reality have the potential to become the next big computing platform. The firm’s conservative estimate is that the hardware and software market will grow to U.S. $80 billion by 2025.* Awareness of AR grew rapidly with the launch of the Pokémon Go game in July 2016, and many businesses saw profit directly if their site was incorporated into the game.

“With the proliferation of IoT-enabled devices and the drive to provide enhanced user experiences, IoT and AR have the power to become a source of unprecedented value and opportunity, as well as significant risk,” said Rob Clyde, an ISACA board director. “Individuals and enterprises should focus on rapidly getting up to speed on these technologies while learning how to manage risk so they do not compromise their company’s ability to innovate.”

According to the U.S. consumer segment of ISACA’s 2016 IT Risk/Reward Barometer:

71 percent of U.S. consumers report owning at least one IoT device.
73 percent claim they are knowledgeable in identifying IoT devices—a 10-point drop from 2015.
Fewer than half (43 percent) report being knowledgeable in identifying IoT devices that have been enhanced with augmented reality.
Privacy Breaches and Virtual Graffiti Attacks

The Barometer shows that consumers and IT professionals alike have concerns about the possible risks of IoT devices enhanced with AR. Seventy-seven percent of consumers are concerned that these enhancements may make them more personally vulnerable to a privacy breach. Over half (56 percent) feel that their workplace is vulnerable to so-called virtual graffiti attacks.

The parallel survey conducted among U.S. IT and cybersecurity professionals shows that the business world is still in the early stages of AR adoption:

• 37 percent of organizations have not used AR applications and do not plan to do so in the next year.
• 14 percent of respondents have used AR outside of work.
• The percentage of respondents who say the benefits of business use of AR outweigh the risks (15 percent) is only slightly lower than those who believe the opposite (18 percent), and the majority (67 percent) say they are unsure.
• Nearly 1 in 3 (32 percent) have a way to detect pictures, posts and videos geotagged to their business location or advertisements.
• Only 7 percent have a program in place to monitor negative comments on virtual graffiti apps.
• Top barriers to adoption of AR in organizations are insufficient ROI (18 percent), security concerns (18 percent), insufficient budget (13 percent) and lack of skills/knowledge (11 percent).

“Enterprises need to work on being agile and applying sound measures around governance, security and risk management to fully realize the benefits of these technology advances. Proactive monitoring for malicious activity like virtual graffiti and data breaches is critical for business to gain value and mitigate risk,” said Christos Dimitriadis, Ph.D. CISA, CISM, CRISC, chair of ISACA’s Board of Directors and group director of Information Security for INTRALOT.