Over the course of 2020, Protocol collected more than 200 responses to questions about the future of tech from our group of industry experts, known as our Braintrust. The questions often required members use their knowledge to look ahead at how their industries were being shaped. And what a year it was for shaping ... well, everything.
Now, with the benefit of hindsight, we're highlighting some of the places where members were spot on. Here are five times Braintrust members hit the nail on the head predicting an unpredictable year.
Ransomware became the threat executives feared
2020 was a bad year to be a piece of private data. As the number of coronavirus cases grew, so did the number of cybersecurity incidents, thanks in large part to an explosion of ransomware attacks.
In a recent report, enterprise security company Positive Technologies found that ransomware made up 51% of all attacks in the third quarter of 2020, compared to just 39% in the previous quarter and 27% the year before.
In February, William Peteroy, then the CTO of Gigamon, had highlighted shortcomings he'd seen:
"The biggest risk that I feel businesses aren't taking seriously right now (likelihood and impact) is sophisticated ransomware … Most organizations I interact with do not do comprehensive threat modeling and with the continued rise of more sophisticated threats like SamSam, Ryuk and Fin6 — it's not just script kiddies doing ransomware anymore."
The health care sector was one of the biggest targets in 2020, but as Darktrace's Director of Strategic Threat Marcus Fowler noted in February: "Rather than targeting companies based on their size, industry, assets or market share, cyberactors are now going after the vulnerabilities, wherever and whatever they are."
And in October, Riana Pfefferkorn, a research scholar at the Stanford Internet Observatory, zeroed in on critical infrastructure and the food production supply chain as spots with vulnerabilities:
"We pay a lot of attention to the potential for attacks on critical infrastructure in areas such as energy (power plants, electrical grid, etc.), but I'm wondering whether we'll see an uptick on attacks in the farming and food production/supply chain, which is just as crucial to the continued running of society but perhaps less sexy … I would be unsurprised to learn that farming and food supply, like many sectors, are behind the curve on information security, despite being an area of critical infra."
Less than two weeks after Pfefferkorn responded to that question, Americold, one of the largest refrigerated warehousing and logistics companies operating in the United States, fell victim to a cyberattack that temporarily shut down its systems.
Most recently, the still-unfolding SolarWinds saga that left at least five government agencies exposed to backdoors — believed to have been exploited by Russian actors — reinforces Pfefferkorn's fear of cybersecurity weaknesses in critical infrastructure. While the SolarWinds breach was a supply chain attack carried out via malware rather than a ransomware attack, the targets themselves point to what McAfee CTO Steve Grobman saw as the most vulnerable space, regardless of the attack method. In November, he described the most at-risk areas as "those with a high reliance on legacy technology that is inherently difficult to patch, upgrade or replace."
Fintechs broadened their horizons as the world moved online
In 2020, big fintechs including Robinhood, Chime and Stripe all saw valuations soar as user behavior changed through the pandemic. That behavior change wasn't all that surprising for some members of Protocol's Braintrust.
Nine days before the first stimulus checks hit bank accounts, Plaid's Global Head of Policy John Pitts highlighted the need for better payments infrastructure.
"If the government wants to move fast to get billions of dollars into the hands of consumers and small businesses, they need to make the same digital transformation. And new tools and services must be built that meet the rapidly evolving needs of consumers and businesses struggling to make ends meet. The digital-first habits that will be born out of the pandemic will accelerate the demand for a digitally delivered financial system."
In the week that followed, a number of fintech companies became directly involved with disbursement of funds from an individual's or from a business's perspective via the Paycheck Protection Program. Square and PayPal were approved to offer SBA loans on April 13, while their P2P offerings, Cash App and Venmo respectively, offered new ways for Americans to accept their direct deposits. Challenger bank Chime went a step further and allowed some users to access the funds in the forthcoming stimulus check before they actually hit an account.
Now, As a second stimulus package makes its way to Americans' wallets, even more fintech involvement is possible. And it could take the form of partnerships between financial services companies and startups, according to Mastercard's president of operations and technology, Ed McLaughlin:
"The idea that it's Big Tech versus the incumbents is a false dichotomy. In reality, there's a lot more partnership and 'coopetition' than many people realize. That's because in any highly-regulated industry, deep domain expertise is paramount. So, consumer tech companies are teaming up with financial technology experts."
McLaughlin gave this answer about Big Tech and financial services overlap after the company had acquired Finicity and after the Visa-Plaid deal had been announced, but as the fintech M&A market heats back up, McLaughlin could be right about more movement in store for 2021.
AI updated supply chains
"Utilizing AI across business processes" has been on every industry analyst's report for years. But at the end of February, we asked Braintrust members to highlight applications of AI they believed would be important but might not receive the hype some projects do. Before COVID-19 left grocery store shelves empty, Rumman Chowdhury, Accenture's global lead for responsible AI, pointed to food demand as one area for improvement.
"Did you know that nearly 1.3 billion tons of food simply rots on shelves in stores due to poor infrastructure, and that this waste is identified by the U.N. as one of the top sustainability problems worldwide? Better predictive models to determine demand, combined with tracking technologies, can reduce that waste. While likely one of the least headline-grabbing use cases for AI/ML, the halo impact of predicting demand, understanding where goods and raw materials are, who is handling it, and when, will create a beneficial ripple effect."
In the months that followed the response, some grocery companies began leaning further into AI applications to better control their supply chains. Unilever partnered with Orbital Insights in April to better track the extended supply chain during production. In the U.K., Sainsbury's overhauled its system to better forecast demand amid the unpredictability of the pandemic.
Data privacy only became more important
If obtaining and using more data was the story for companies through the pandemic, consumers better understanding how data connected to them personally was the flip side. Though it was Big Tech companies that faced multiple hours-long hearings from members of Congress, the way other companies were using data was the focus for many Americans.
In April, Braintrust members were asked about the data privacy holes that had opened up as a result of pandemic policies. Ruby Zefo, Uber's chief privacy officer, highlighted the risks of geolocated data in the hands of public entities.
"Unlike the GDPR, privacy laws in the U.S. typically do not govern the public sector, so government agencies can collect and use personal data like specific geolocation data in ways that a private company cannot. This issue is coming to a head now because the location data is also attached to sensitive health data, as governments seek to track the spread of COVID-19.
However, even in this urgent new situation, the collection of this data should be minimized and the benefit proportional to the impact on citizens' privacy rights. Further, the government should be mindful that any measures put in place for this health crisis should be temporary, and reduced and finally eliminated in tandem with the course of the health crisis."
Though health data was the lens through which the response was given, Zefo's trepidation over governments using geolocated data came to a head over the summer when demonstrations against police brutality became the focus of legislation around police surveillance. More recently, civil rights groups have asked Google to disclose information about geofence warrants that law enforcement agencies requested, which provide information about any devices present in a certain area.
Virtual work brought real change
Over the course of the year, we asked members a lot of questions about digital transformation, from the practices that small businesses would need to employ to stay ahead to the strategies for keeping talent without traditional perks.
And Even Financial's CEO Phill Rosen predicted in April that all of our "temporary" remote work setups could result in a changed geographic makeup of tech companies.
"I am hopeful that this will be a game changer for sourcing untapped talent from rural areas and in cities with more limited job opportunities. It's easy to imagine an engineer in Iowa working on projects with a colleague in Nebraska, even if their team lead is in New York … This has the potential to not only widen the global tech talent pool, but also bring tremendous economic vitality to communities that have yet to benefit from the digital revolution."
In the months since, high-profile tech companies such as Oracle and HPE and executives such as Elon Musk have stopped — or at least, are beginning to stop — calling California home. San Francisco itself has lost as many as 89,000 households through the pandemic as tech workers have sought greener pastures … and rents below $3,000. Of course, some of that exodus has been facilitated by tech companies themselves, as Rosen imagined: Reddit eliminated geographic compensation zones; Microsoft, among others, loosened its in-office requirements for jobs; and Stripe offered employees $20,000 to leave the Bay area (though it's also docking employee pay by 10% to adjust to the different cost of living).
And thinking ahead, Anne Toth, now Amazon's director of Alexa Trust, looked on the bright side when asked about what parts of remote work would stick around once people return to offices:
"For once, we all are bringing our 'whole selves' to work every day with more empathy for one another than I've ever seen. I expect and hope that once we are released back into common working spaces with one another, these moments of fun will stay with us and continue on."
As vaccines start to roll out, it might not be too many more months before we get to find out how right she is.
***In 2021, Protocol will continue to convene expert roundtables around tech's big issues with Braintrust. If you or someone you know would like to become a member, please reach out to firstname.lastname@example.org and tell us why.