Coca-Cola: Original formula in an IoT world
Modernizing Coca-Cola's trucking fleet while monitoring security and privacy risks.
“In 20 years, every physical item will have a chip implanted in it.” – Marc Andreessen
“These are no longer cars…These are data centers on wheels. Any part of the car that talks to the outside world is a potential inroad for attackers.” –Marc Rogers
IoT devices hold the promise of optimizing fleet management. Real-time vehicle tracking, informed maintenance schedules, dash cams, temperature regulation in cold chains, and a single dashboard to manage all data sources are a few of the trends that are leading to more effective fleet management and cost savings. Coca-Cola and their bottling partners form a network of company-owned or -controlled bottling and distribution operations as well as independent bottling partners, distributors, wholesalers and retailers to form the world’s largest beverage distribution system.
While Coca Cola can increase the efficiency of their fleet through IoT integration, adoption is complex and requires unique device integration, a highly distributed infrastructure, large data volumes, and event streaming. Recent startups, like Samsara, are tackling the fleet IoT integration challenge but still lack the depth of product functionality required by the largest fleets.
Security and Privacy
The technology adoption cycle is not the only challenge for Coca-Cola, it is managing the security and privacy. In October 2016 many top internet properties (e.g. Twitter, Reddit, NY Times, etc…) were inaccessible for hours while DNS provider Dyn was under attack by an IoT botnet, comprised of toasters, cameras, and any other device connected to the internet. Without a standard security protocol for IoT devices, many are easily hacked with simple passwords. If Coca Cola adopts IoT to revolutionize their fleet, so many endpoints will proliferate throughout the fleet that merit constant monitoring, analysis, and a focused investment in security protocols.
Privacy is another concern. With so much real-time data flowing through these devices the privacy regulatory landscape is changing swiftly. In the EU, the General Data Protection Regulation (GDPR) will be implemented in May 2018. GDPR requires stringent privacy requirements to make sure data remains in the European Union. If firms fail to meet these privacy requirements, they face fines of up to €20 million, or 4% of the worldwide annual revenue, whichever is larger.
Decentralization across bottlers
Coca-Cola is beginning to adopt new IoT technologies to modernize their fleet. In October 2017, in an effort to reduce collisions and insurance claims, Coca-Cola initiated a proof of concept for dash cams. If the trial succeeds, Coca-Cola will rollout dash cams to its entire corporate fleet in North America. However, with hundreds of bottling partners fleet management decisions are decentralized and lack uniformity. The fleet manager at Coca- Cola Amatil, the largest Coca-Cola bottler in Australia, was recently jailed in a corruption payment scandal. The decentralization of fleet management best practices spins a complex web of fleet privacy and security risks.
If Coca-Cola is going to optimize fleet management using IoT, they’ll need to embrace new technologies across regions, and also prepare for the security and privacy concerns that come along with the adoption.
Create a new C-Suite Position
Coca-Cola should take the brave step to create two new roles that manage fleet best practices across all bottling groups: a Chief IoT Officer, and a Chief Privacy Officer. While the CPO is a modern role created in the last 20 years , the CIoT doesn’t yet have mainstream adoption. The role of a CIoT will be responsible for the trial and selection of best of breed devices. Once devices are trialed locally on the corporate Atlanta fleet, the CIoT can evangelize the technology to the other bottlers so the entire organization benefits from the new technology adoption. The CPO will work in tandem with the CIoT to ensure a culture of compliance as the technology change spreads throughout the organization. Without these two roles Coca-Cola will continue to make decentralized fleet technology decisions, fail to realize the benefits of IoT, and expose themselves to the security and privacy risk landscape that changes daily.
1) Given the pace of technology If Coca-Cola identifies a new IoT technology to integrate into the fleet, will it be outdated in a short time period?
2) Coca-Cola’s ability to manage the bottlers. A few of equity method investee bottlers include Coca-Cola FEMSA, CCEP, Coca-Cola Hellenic in which Coca-Cola maintains equity ownership interests of 28 percent, 18 percent, 23 percent. Is this minority interest enough to guide the strategy of what has been a traditionally decentralized, and siloed, fleet management decision making process?
(Word Count: 763)
 Murgia, Madhumita. “Famed investor Marc Andreessen: ‘In 20 years, every physical item will have a chip implanted in it’.” Business Insider, 24 Dec. 2015, www.businessinsider.com/marc-andreessen-internet-of-things-and-connected-devices-2015-12. Accessed November 2017.
 Perlroth, Nicole. “Why Car Companies Are Hiring Computer Security Experts.” The New York Times, 7 June 2017, www.nytimes.com/2017/06/07/technology/why-car-companies-are-hiring-computer-security-experts.html. Accessed November 2017.
 The Coca-Cola Company. (2017). Form 10-K. Retrieved from http://www.coca-colacompany.com/content/dam/journey/us/en/private/fileassets/pdf/investors/2016-AR-10-K.pdf. Accessed November 2017.
 Wilson, Deborah. “Hype Cycle for Multienterprise Solutions, 2017” Gartner. October 23 2017. https://www.gartner.com/document/3818163. Accessed November 2017.
 Sanger, David. Perlroth, Nicole. “A New Era of Internet Attacks Powered by Everyday Devices.” The New York Times, 22 October 2016, https://www.nytimes.com/2016/10/23/us/politics/a-new-era-of-internet-attacks-powered-by-everyday-devices.html. Accessed November 2017
 Majkowski, Marek. “Say Cheese: a snapshot of the massive DDoS attack coming from IoT cameras.” Cloudflare. 11 October 2016, https://blog.cloudflare.com/say-cheese-a-snapshot-of-the-massive-ddos-attacks-coming-from-iot-cameras/. Accessed November 2017
 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union. http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf. Accessed November 2017
“Coca-Cola Adds Lytx DriveCam Video Safety System.” Work Truck, 13 Oct. 2017, www.worktruckonline.com/channel/safety-accident-management/news/story/2017/10/coca-cola-reduces-unsafe-driving-with-lytx-drivecam.aspx. Accessed November 2017
 “Former Coca-Cola Fleet Manager Jailed for Receiving Corrupt Payments.” Automotive Fleet, 05 September 2017, http://www.automotive-fleet.com/channel/global-fleet/news/story/2017/09/former-coca-cola-fleet-manager-jailed-for-receiving-corrupt-payments.aspx. Accessed November 2017.
 Fusaro, Roberta. “Chief Privacy Officer.” Harvard Business Review, November-December 2000 Issue, https://hbr.org/2000/11/chief-privacy-officer, Accessed November 2017.
Student comments on Coca-Cola: Original formula in an IoT world
Despite the very valid concerns you express around privacy/ security and the cost of IoT technology that could quickly become obsolete, the introduction of IoT technolgy to optimise fleet management in the Coca Cola supply chain seems like a no regrets move to me. Not only could such technology help Coca Cola to reduce distribution costs (further optimising routes) but it will also help Coca Cola to reduce the maintenance costs within a supply chain. Using the IoT vehicle data they could ensure no truck breakdowns by performing preventative maintenance, increasing the reliability and costs within their supply chain (assuming the costs of any breakdowns is far higher than the maintenance), owing to late deliveries etc.
Furthermore, your idea of proven centralized pilots of such technologies should help Coca Cola to get their minority owned bottlers to buy-in.
I think the first open question is a great point. Because of how frequently IoT technology is changing (both on the hardware and software side), managing such developments is going to be difficult. To me, the point about creating explicit positions for IoT makes a lot of sense, because whoever is responsible will have a really important decision to make – whether to develop these capabilities in-house or to use 3rd party providers to do so.
The advantage of developing these services in-house is that they will have a complete understanding of it and be able to customize the solution to their needs. However, it is less likely that Coca-Cola will be able to attract the tech talent needed to build this out and more importantly, to remain properly up-to-date from a security/privacy perspective. Given the number of companies that specialize in building these exact services, it may make more sense to do that instead. No matter what they decide, these are the types of difficult decisions that require dedicated c-suite members.
Building onto your first open question, I wonder if Coca-Cola is the right player to even test out IoT at scale. In some ways, there is a first movers *disadvantage* to innovating for a marginal improvement in one’s cost structure.
To this point, I am curious what Coca Cola’s business case for its IoT investments look like. Does the executive team believe that this will radically transform its cost structure, or does it believe that this will be a marginal improvement? If it’s a marginal improvement, perhaps Coca-Cola should not take on the risk of its endeavor. As “Test” mentioned, Coca-Cola may find it challenging to find the right challenge. Why not leave this challenge for someone else–perhaps a logistics company like Amazon, UPS, or Fedex–to perfect first?
That said, if Coca-Cola truly believes this can be transformative, it certainly makes sense to do this!
Coca-Cola’s 1982 smart vending machine is commonly considered one of the first true IoT implementations. Given this, I see Coca-Cola’s move into IoT as opportunity to develop their legacy in this space. While there is risk that IoT technologies can become obsolete quickly, most developers are moving toward standardized networks with common protocols and spectrum, such as LPWA. This suggests that technology should be possible to manage into generational upgrades such that a single IoT technology can be maintained beyond its payback period and then updated or replaced without significant network interference. If Coca-Cola can align on a vision for a connected supply chain and a commitment to executive involvement in privacy, they are absolutely capable of a successful IoT strategy implementation.
Rephrasing your first question, given the pace of technology change, will a new CIoT officer be outdated in a short period? I agree that creating new c-suite executives sends a powerful message, but there is a limit to how many direct reports a CEO can efficiently manage. Therefore, Coca-Cola may be better served by having new technology introduction led by a single fixed C level function such as the CTO. This will allow Coca-Cola to respond to the arrival of new technology and ideas without the need to enlarge the executive team.
While the conceptual “IoT future” and all of its use-cases (particularly in the context of Coca Cola) is intriguing, I think this is still “too much, too soon” for Coca Cola to roll out to the extent you are proposing. Without a tried and true technology in existence today, this feels like a too expensive concept to roll out at scale. I think the right move here is for Coca Cola to wait for a first mover to prove out this story, as the risks to security are too high at this point in addition to the cost for Coca Cola amid a slowing soft beverages backdrop.
Great points. It is early for IoT fleet management. It is currently succeeding in smaller organizations, and you’re right, it will probably need a couple of years to cross the chasm from early adopters to the majority. If you’re interested in the topic check out some of Samsara’s customer use cases: https://www.samsara.com/customers/cowgirl-creamery. https://www.samsara.com/customers
Minority interest can be extremely powerful when wielded by a industry behemoth such as Coca-Cola. Rather than forcing companies to adopt a specific piece of equipment, they could set standards for technology expected to be met within a certain time frame – that would incentivize the distribution companies to meet the standards or lose the contract to a hungry competitor ready to work with Coca-Cola. That being said, Coca-Cola would have to prove the advantages of said technology – for instance the dash cam provides a trucking company insurance against other bad drivers on the road and possibly improves their own driving records. Without a monetary, possibly contractual incentive as well as a proven technological advantage, Coca-Cola will have to rely on just their strength as a market giant to change industry standards.
While I can see the benefits of integrating IoT into their fleet, IoT is still in its early stages and like most early stage technology would require constant investment to improve and stay up to date to the point where it becomes a significant competitive threat. I agree with Samir that Coca Cola is probably not the best player to do this and I dont see the competitive advantages overcoming the heavy investment and competition that they will face from the big logistic players. I also feel that Coca Cola is probably aware of this and I see this IoT piece as a clever marketing ploy to create some PR and showcase that Coca Cola is cutting edge in their technology solutions.