Leadership Series: Kate Kidd

For executives and operations leaders, autonomous robots and “Physical AI” are moving from single instances into enterprise-scale deployments, which is prompting a new set of questions: What data do robots capture, where does that data live, how can it be accessed, and how can you keep data connections secure?

In this Q&A, Helen Dwight sits down with Kate Kidd, VP Product to focus on a critical slice of the broader security conversation as it relates to autonomous floor care robotics: data security and privacy. We outline a practical, executive-friendly introduction built around common questions we’ve been asked on topics relating to risk and control: the robot itself, navigation, connectivity, and remote access management.

The result is a clear message for executives and operations leaders: Physical AI introduces new considerations, but with the right architecture and operational controls, enterprise deployments can be designed to be secure, auditable, and aligned with modern procurement requirements.

Top Security Considerations for Commercial Service Robots

An Interview with Kate Kidd, Vice President of Product at SoftBank Robotics America.

Helen Dwight (Helen): Welcome Kate. Thank you so much for joining me here today to discuss the extremely important topic of security as it relates to the use of Physical AI and more specifically autonomous service robots.

Kate Kidd (Kate): Thank you Helen. I’m excited to have this discussion. Security is an extremely important topic especially for enterprise organizations. Since the inception of SaaS, there have been concerns around security and data flows. The explosion of Generative AI has only increased these concerns, which undoubtedly will continue to be a trend moving forward. I am looking forward to talking about this topic in the context of physical AI.

Helen: Physical AI brings new security and safety concerns with its engagement of the physical world. Let’s start our discussion today on the topic of data security.

Kate: For sure. When I hear “Physical AI,” I think AI that can perceive, decide, and act in the real physical world through machines like robots, vehicles, drones, or smart devices.

I think it’s important to break the topic of data security into several parts as it relates to robotics. First, the robot itself, and then how connectivity and remote access are managed. An organization’s risk profile, in general, can change depending on factors such as, whether the robot can be accessed remotely, what data it captures, how data is transferred from the robot, and how the data can be extracted. The robots that SoftBank Robotics America deploys in its automation program, mitigate these risks by design.

The Robot: Data Collection and Storage

Helen: Thank you for the great introduction. Let’s start with the robot. I would imagine that robots capture a lot of data to perform their routine tasks. What data is collected, and how is that data stored?

Kate: As it relates to our robots, our data security strategy focuses on data minimization. What that means is collecting the minimum data required for operation. As an example, our Whiz robot uses a low-resolution camera to assist in static object avoidance. We leverage LiDAR and 3D cameras on the device itself for the purposes of mapping and navigation, but those cameras do not record or transmit images. This is an intentional first step in reducing risk to our customers. We do not use cameras or imaging to capture any more data of the environment our robots are operating than is necessary for the performance of the task.

Minimal data is stored locally on the robot. Only the maps, operational data from the previous run, and various sensor data to enable navigation, are stored. Most of the robot’s data is stored in the cloud where we apply multiple layers of security. This operational data includes metrics like runtime duration, efficiency performance, data on which exact areas were covered by the robot, and so on. All of this is securely accessed and managed via SoftBank Robotics Connect.

I should point out that SoftBank Robotics America is not an OEM. Our expertise is in enterprise robotic integration and orchestration. We go through rigorous testing and evaluation to make sure the most appropriate solutions are available to customers. Therefore, any robot certifications are typically decided before we onboard the solutions.

All our solutions are ISO 27001 compliant.

Remote Access

Helen: How do you operate the robot? Is teleoperation (the use of a device to control robot movement) part of your strategy? I saw a story about an individual accessing thousands of consumer cleaning robots, using a games controller. Could the same happen for commercial cleaning robots?

Kate: I can’t answer for all commercial robots, but at SoftBank Robotics America the short answer is No. At SoftBank Robotics America we have removed the ability to teleoperate any of our robots – primarily because teleoperation can create risk as we saw with the example you referenced at DJI^[1]^[2]. This policy might change in the future, but it would be for limited purpose only, for example, if we wanted to train a robot to perform a new task, such as cleaning a bathroom.

The important point to note is that today, we turn OFF the teleoperation ability and intentionally avoid it because this reduces the attack surface from remote control workflows.

I think it’s important to note that robots are edge-computing devices which means the hardware processes data locally to where the data is generated, instead of sending data to a central cloud or data center. For example, maps are stored locally on the device and backup is conducted by AWS hosted in the US. This means the robots will operate even in the event of internet loss.

Critical decision making for things like navigation, obstacle avoidance or safety logic happens on the robot and not in a centralized remote-control center. Local operation reduces the need for persistent, high-trust remote access paths into the machine.

Navigation

Helen: You mentioned navigation, and clearly the robot needs to ‘see’ where it’s going to perform any task. Aren’t the use of LiDAR and a 3D camera going to be a data security/privacy risk?

Kate: One of the most common questions I get from customers is whether the robot is taking videos of the space it’s cleaning or recording images or using a microphone to listen.

Again – short answer is No. There are no video feeds and no video data available to view with the human eye.

The robot uses LiDAR and a 3D camera for navigation. However, the 3D camera data is not treated as recordable ‘video’. As an analogy, imagine if you opened your phone camera app and it could detect objects, but you do not have the option to record or save the footage. In addition, the output is abstract and would appear to the human eye as blobs and lines. For example, I would not be able to distinguish one plan as an airport lounge and another as a retail outlet, let alone the precise location. For the robot, the same image supports spatial understanding of the area to be cleaned, in the case of floor care.

Our navigation sensor suite is intentionally disabled which reduces exposure in customer environments.

Helen: Could a bad actor access and reverse engineer what the robot “sees” for navigation and therefore get an image of a location?

Kate: To access a robot’s data, a bad actor would need to be physically present. Even if a hacker was present and performed the tasks necessary to access the robot’s data, the process would be extremely time-consuming, and the data recovered would yield limited value.

First and foremost, the robot is not recording or transmitting any visual or video data via its sensors, meaning that a hacker cannot remotely hack into the cloud where a robot’s operational data is stored and gain access to video or sensor feeds.

Given the robot is not transmitting any image data, that means the minimal sensor data is stored locally on the device and overwritten with every task a robot performs. In addition, this is the only “image” data that exists.

If a hacker were to attempt to gain access to the image data that is temporarily stored on the device, the hacker would need to be physically present to gain access to the unique per-device private network as we have locked down remote access to the robot.

The result is a low-risk scenario for hackers to “see” what a robot sees because we have implemented a robust first line of defense (no video feed) and a strong second line of defense (per device network segmentation). Finally, if a hacker were to get through those two layers, the hacker still would only gain access to the data from one robot, not an entire fleet.

And finally, all our robots are password protected for an additional layer of physical security.

Connectivity

Helen: That sounds like a great risk mitigation strategy! Moving our discussion to the connectivity layer. If the ability to remotely access the robots has been intentionally disabled, how do you make operational updates? For example, if you need to swap a map for navigation purposes.

Kate: SoftBank Robotics America uses a secure approach for operational updates. All our Gausium solutions, Phantas, Omnie, Vacuum 40, Scrubber 50 Pro, store maps locally on the robot. Any data synchronization with the cloud is triggered manually. Our control console, SoftBank Robotics Connect, only stores task reports that are automatically sent to the cloud after task completion. SoftBank Robotics Connect does not store map files.

In addition, we have removed remote entry paths, and any updates are carried out using controlled, local cellular network (4G/LTE) procedures.

Helen: Is the robot’s use of a SIM card a potential method of attack for a bad actor?

Kate: Controlling and securing connectivity (including SIM strategy) is part of our broader data security strategy. Fundamentally, if a SIM is tampered with, it is a physical attack and because the SIM card is hard to access inside the robot, any attempt to remove it or replace it would imply that a bad actor is on-site. If a physical attack were to happen, the system would show an alert that the SIM card was missing. The operator would know immediately.

I believe a physical attack is far less likely than a remote cyber intrusion. We use a physical universal SIM card which is designed to create connectivity ‘instances’ across multiple networks simultaneously. This in turn enables the system to select the best available network and, more importantly, rotate or switch networks and profiles in a constantly moving fashion. If you have ever purchased a mobile ticket to an event on Ticketmaster, for example – it’s similar. Even though it’s a physical SIM, it has multi-profile, dynamically switching connectivity which improves resistance to certain attacks. Each SIM card is compatible with AT&T, Verizon, T-Mobile/Sprint, and other US cellular networks.

I should also add that the universal SIM card only connects the robot to the cellular network. It is not a storage device and is not where the maps are stored.

A more realistic cyber risk scenario is the connection between the robot and the cloud. In other words, a bad actor intercepts or compromises the data that is in transit and part of the cloud communication paths. This is the major issue with cloud software currently.

Helen: Let’s address that point. The global cybersecurity market is projected to grow from USD 248.28 billion in 2026 to USD 699.39 billion by 2034^[3]. This is driven in part by rising cyber-attacks. How does SoftBank Robotics America address this issue?

Kate: Our security is anchored in standard enterprise cloud security practices using AWS which means strong encryption and mature cloud-native tooling. We use TLS 1.2 to protect data in transit, and AES 256-bit to encrypt data at rest.

Our standard procedure is to make updates remotely, over the air (OTA) using 4G/LTE cellular networks rather than physically plugging in the robots. OTA is powerful for patching and maintaining fleets quickly, but it increases the importance of strong authentication, secure delivery and encrypted transport – that I mentioned earlier.

Some companies prefer to “throttle” the speed of the connection between the robot and the cloud to make hacking harder. In my opinion, this is fundamentally an awful idea, for a few reasons:

Our robots do not require cellular connectivity to operate locally.
Connectivity is only required for operational reasons such as real-time alerts when robots need assistance and for data flowing to the cloud in a timely manner.

Throttling might marginally make it harder to attack, but it also delays alerts and slows data delivery, which in turn reduces the practical use of the connected program.

At the end of the day, it comes down to customer preference and choice. SoftBank Robotics America is an expert in autonomous robotic solutions, and advising on enterprise scale programs is what we do well.

Helen: As always, thank you so much for your time and insights!

Kate: Thank you!

More Information:

For more information about solutions and services offered by SoftBank Robotics America, please visit the website.

Sources:

[1] The Guardian: The accidental hacker: how one man gained control of 7,000 robots – 2.24.26

[2] CNN World: He accidentally gained control of 7,000 robot vacuums

[3] Source: Fortune Business Insights- https://www.fortunebusinessinsights.com/industry-reports/cyber-security-market-101165#