Is a Cyber Breach on Your Holiday Wish List? | The Internet of Things (IoT)

iot-image

The holiday season usually means new tech gadgets for everyone to tap, swipe, click, and download.  Most people who unwrap a new iPhone, MacBook, Smartwatch, Fitbit, or game console probably aren’t considering the ramifications of connecting those devices to the Internet and setting up new user accounts filled with their personal information.  Unfortunately, we live in a time where have to, or at the very least, should.

The Internet of Things (IoT), which is essentially comprised of any device that can connect to the Internet, exposes consumers and companies alike to cyber risks that are both difficult to identify and challenging to mitigate.  Many of these devices become part of a person’s everyday life – and rightfully so – as they could offer convenience, comfort and safety.  However, people are not only using them at home.  They are also bringing them into the office, connecting them to the company network and never thinking about the potential vulnerability to the organization and its customers.

Gartner Inc. forecasted that “6.4 billion connected things will be used worldwide in 2016.” They expect that number to grow to 20.8 billion by 2020. With these numbers in mind, companies must be extremely proactive in their approach to defending their networks against “rogue” devices.  Any hole in security potentially opens millions of records up to a cyber breach, can cause business interruption, supply chain issues, revenue loss, reputation damage and even property damage or bodily injury.  Imagine particularly malicious hackers who decide to tamper with medical equipment, power grids, GPS-controlled automobiles or aircraft, etc.  With all of the devices connected to the Web, they are all accessible.

While it may seem almost impossible to defend against the exposures presented by the IoT, it is critical that organizations identify them when assessing cyber risk. As with all cyber risk, the burden of risk mitigation does not fall onto IT alone.  In addition to an expert review of your organization’s insurance policies, the C-Suite should consider an Enterprise Risk Management (ERM) approach to identifying, qualifying and quantifying cyber risk, and determine mitigation strategies to thwart exposures such as ones presented by the IoT.  Enterprise Risk Management is there to reduce surprises, increase certainty and awareness, and document steps taken to mitigate exposures.

The Internet of Things shows enormous potential for better connecting people and monitoring/controlling machines, but the risks cannot be ignored.

For more on Enterprise Risk Management, please visit the ERM section of our blog or see an article I co-authored with our Managing Principal, Albert Sica, “Cyber Strategy and Enterprise Risk Management (ERM).”

Click here to request more information about The ALS Group or if you have questions regarding cyber risk mitigation strategies.

Our areas of expertise include:

  • Enterprise Risk Management (ERM)
  • Cyber Security & Cyber Liability Insurance
  • Construction Management
  • Customized Risk Management Assessments (RMAs)

Subscribe to our articles

blog posts form
Form Submission Response

Dear [field id="name"],

Thank you for subscribing to The ALS Group articles! We are so excited to have you on board and look forward to providing you with valuable insights, risk management advice, and industry news.

As a subscriber, you will be the first to receive our latest blog posts straight to your inbox. In addition to the blog content, we have a wealth of resources on our website that we believe will be useful to you.

If you have any questions or require any risk management advice, please contact Albert Sica, Managing Principal, at [email protected] or at 732-395-4251.

Thank you,

The ALS Group

Skip to content