Key takeaways from Marsh's 'The Internet of Everything' report
The latest report from Marsh notes that the rise of IoT devices is changing the cyber risk landscape — and not necessarily for the better.
The power of the internet is felt all around the globe. Through a number of devices, we are more connected than ever — to both the positive and negative aspects of technology’s reach.
According to an Oliver Wyman report, between 50 billion and 100 billion devices are expected to be connected to the internet by 2020. Internet of Things (IoT) products are physical devices or objects that can connect to the internet in a number of ways. Everything from your cellphone to your refrigerator can be connected, and with it comes valuable data.
The latest report from Marsh, The Internet of Everything: Building Cyber Resilience in a Connected World, notes that the rise of IoT devices is changing the cyber risk landscape — and not necessarily for the better.
As technology continues to accelerate, so too will the risks. Staying ahead of such risks means staying informed about the cyber landscape. With this in mind, here are 3 key takeaways from Marsh’s latest report.
Related: RIMS/Marsh survey: Risk management isn’t keeping up with technology risks
Prepare for regulatory changes
Since cyber attacks have risen in frequency and damage, lawmakers have taken note and attempted to curb future attacks. In 2017, bipartisan legislation was introduced in the U.S. Senate to improve the security of Internet-connected devices. Among other things, this legislation would require IoT vendors doing business with U.S. government to ensure their products meet various security requirements.
Companies that design, develop, manufacture or service IoT devices or products should consider a variety of potential cyber exposures. These include liability due to alleged design or manufacturing defect, liability due to a connectivity failure and liability due to security failure, among others.
Related: Huge fines await companies unaware of GDPR’s broad scope
Limit your exposures
Companies that deploy or use IoT devices may be subject to cyber risks as well, such as data breaches and extortion. With regulatory changes on the horizon, companies should consider consultant insurance advisors to assess their IoT cyber exposures and review their cyber and errors and omissions policies.
When reviewing your insurance policies and cyber-event response plans, consider the following questions:
- Has your organization quantified the potential losses from (or costs of) an IoT-related cyber event?
- Do your insurance policies provide sufficient coverage for a failure in the maintenance or servicing of your IoT product, such as software updates, service packs, patches and other maintenance releases?
- Does your cyber extortion coverage include ransom demands made of customers stemming from your security or service failure?
- Do your cyber, property and general liability policies and plans adequately protect your company from any increased cyber exposures from IoT devices?
As the cyber landscape continues to evolve, companies must be constantly vigilant for the ever-changing risks and exposures that will arise as a result. There will always be those looking to exploit data, but companies must make sure they’re doing everything they can to not help their cause.
Related: Here’s what the latest New York cyber regulations mean for P&C insurers