“In 20 years, every physical item will have a chip implanted in it.” – Marc Andreessen
“These are no longer cars…These are data centers on wheels. Any part of the car that talks to the outside world is a potential inroad for attackers.” –Marc Rogers
IoT devices hold the promise of optimizing fleet management. Real-time vehicle tracking, informed maintenance schedules, dash cams, temperature regulation in cold chains, and a single dashboard to manage all data sources are a few of the trends that are leading to more effective fleet management and cost savings. Coca-Cola and their bottling partners form a network of company-owned or -controlled bottling and distribution operations as well as independent bottling partners, distributors, wholesalers and retailers to form the world’s largest beverage distribution system.
While Coca Cola can increase the efficiency of their fleet through IoT integration, adoption is complex and requires unique device integration, a highly distributed infrastructure, large data volumes, and event streaming. Recent startups, like Samsara, are tackling the fleet IoT integration challenge but still lack the depth of product functionality required by the largest fleets.
Security and Privacy
The technology adoption cycle is not the only challenge for Coca-Cola, it is managing the security and privacy. In October 2016 many top internet properties (e.g. Twitter, Reddit, NY Times, etc…) were inaccessible for hours while DNS provider Dyn was under attack by an IoT botnet, comprised of toasters, cameras, and any other device connected to the internet. Without a standard security protocol for IoT devices, many are easily hacked with simple passwords. If Coca Cola adopts IoT to revolutionize their fleet, so many endpoints will proliferate throughout the fleet that merit constant monitoring, analysis, and a focused investment in security protocols.
Privacy is another concern. With so much real-time data flowing through these devices the privacy regulatory landscape is changing swiftly. In the EU, the General Data Protection Regulation (GDPR) will be implemented in May 2018. GDPR requires stringent privacy requirements to make sure data remains in the European Union. If firms fail to meet these privacy requirements, they face fines of up to €20 million, or 4% of the worldwide annual revenue, whichever is larger.
Decentralization across bottlers
Coca-Cola is beginning to adopt new IoT technologies to modernize their fleet. In October 2017, in an effort to reduce collisions and insurance claims, Coca-Cola initiated a proof of concept for dash cams. If the trial succeeds, Coca-Cola will rollout dash cams to its entire corporate fleet in North America. However, with hundreds of bottling partners fleet management decisions are decentralized and lack uniformity. The fleet manager at Coca- Cola Amatil, the largest Coca-Cola bottler in Australia, was recently jailed in a corruption payment scandal. The decentralization of fleet management best practices spins a complex web of fleet privacy and security risks.
If Coca-Cola is going to optimize fleet management using IoT, they’ll need to embrace new technologies across regions, and also prepare for the security and privacy concerns that come along with the adoption.
Create a new C-Suite Position
Coca-Cola should take the brave step to create two new roles that manage fleet best practices across all bottling groups: a Chief IoT Officer, and a Chief Privacy Officer. While the CPO is a modern role created in the last 20 years , the CIoT doesn’t yet have mainstream adoption. The role of a CIoT will be responsible for the trial and selection of best of breed devices. Once devices are trialed locally on the corporate Atlanta fleet, the CIoT can evangelize the technology to the other bottlers so the entire organization benefits from the new technology adoption. The CPO will work in tandem with the CIoT to ensure a culture of compliance as the technology change spreads throughout the organization. Without these two roles Coca-Cola will continue to make decentralized fleet technology decisions, fail to realize the benefits of IoT, and expose themselves to the security and privacy risk landscape that changes daily.
1) Given the pace of technology If Coca-Cola identifies a new IoT technology to integrate into the fleet, will it be outdated in a short time period?
2) Coca-Cola’s ability to manage the bottlers. A few of equity method investee bottlers include Coca-Cola FEMSA, CCEP, Coca-Cola Hellenic in which Coca-Cola maintains equity ownership interests of 28 percent, 18 percent, 23 percent. Is this minority interest enough to guide the strategy of what has been a traditionally decentralized, and siloed, fleet management decision making process?
(Word Count: 763)
 Murgia, Madhumita. “Famed investor Marc Andreessen: ‘In 20 years, every physical item will have a chip implanted in it’.” Business Insider, 24 Dec. 2015, www.businessinsider.com/marc-andreessen-internet-of-things-and-connected-devices-2015-12. Accessed November 2017.
 Perlroth, Nicole. “Why Car Companies Are Hiring Computer Security Experts.” The New York Times, 7 June 2017, www.nytimes.com/2017/06/07/technology/why-car-companies-are-hiring-computer-security-experts.html. Accessed November 2017.
 The Coca-Cola Company. (2017). Form 10-K. Retrieved from http://www.coca-colacompany.com/content/dam/journey/us/en/private/fileassets/pdf/investors/2016-AR-10-K.pdf. Accessed November 2017.
 Wilson, Deborah. “Hype Cycle for Multienterprise Solutions, 2017” Gartner. October 23 2017. https://www.gartner.com/document/3818163. Accessed November 2017.
 Sanger, David. Perlroth, Nicole. “A New Era of Internet Attacks Powered by Everyday Devices.” The New York Times, 22 October 2016, https://www.nytimes.com/2016/10/23/us/politics/a-new-era-of-internet-attacks-powered-by-everyday-devices.html. Accessed November 2017
 Majkowski, Marek. “Say Cheese: a snapshot of the massive DDoS attack coming from IoT cameras.” Cloudflare. 11 October 2016, https://blog.cloudflare.com/say-cheese-a-snapshot-of-the-massive-ddos-attacks-coming-from-iot-cameras/. Accessed November 2017
 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union. http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf. Accessed November 2017
“Coca-Cola Adds Lytx DriveCam Video Safety System.” Work Truck, 13 Oct. 2017, www.worktruckonline.com/channel/safety-accident-management/news/story/2017/10/coca-cola-reduces-unsafe-driving-with-lytx-drivecam.aspx. Accessed November 2017
 “Former Coca-Cola Fleet Manager Jailed for Receiving Corrupt Payments.” Automotive Fleet, 05 September 2017, http://www.automotive-fleet.com/channel/global-fleet/news/story/2017/09/former-coca-cola-fleet-manager-jailed-for-receiving-corrupt-payments.aspx. Accessed November 2017.
 Fusaro, Roberta. “Chief Privacy Officer.” Harvard Business Review, November-December 2000 Issue, https://hbr.org/2000/11/chief-privacy-officer, Accessed November 2017.