The recently released study by PWC has identified Cybercrime as 2016’s second most reported economic crime. Organizations believing they may have minimal exposure or immunity to cyber risk is unfortunately wishful thinking thanks to the “Internet of Things” (“IoT”). Firewalls, security rules, and best practices may protect you against conventional security vulnerabilities, but the periphery devices that make up the internet of things open up a new set of cyber risks.
Everything from mobile and wearable devices (i.e. Apple Watch) to our cars and TVs are internet or Bluetooth ready. Essentially any internet enabled device able to collect or transmit data is included in the definition of “Internet of Things”. All of these periphery devices present unique risks due to their many exploitable vulnerabilities and apparent lack of any real security.
Most companies have or are developing detailed disaster recovery and incident response plans to mitigate their cyber risk. Not only are these plans a necessity but they are often required by insurers and investors. However, not many of them account for “The Internet of Things” and may overlook the associated risks.
New technology is useful for increased productivity and communications and make work/life more convenient, by no means are we suggesting that companies should limit their use of new tools, but rather consider security measures from all angles and employees should be made aware of the risks their devices introduce.
What should an organization do to limit their IoT exposure?
While there is no bulletproof solution to IoT risks, as they say the first step in solving a problem is realizing that you have one. Identifying the risks IoT presents to your organization is critical to the success of your risk mitigation plan. Part of our Risk Management Assessment is to surface the risks our clients face and provide strategy to mitigate those risks.
A combination of best practices and insurance coverage is the foundation to a successful mitigation plan for all risks, including cyber related ones.
Click here to request more information about The ALS Group or if you’d like to us to perform a Risk Management Assessment.
