Cyber resilience key as ‘internet of things’ spreadsPosted On: Apr. 25, 2018 2:52 PM CST
“Internet of things” devices are increasing companies’ cyber risks, says Marsh L.L.C. in a report issued Wednesday.
“Many security experts believe that smart devices are creating a wave of vulnerabilities because they often lack strong — or, in some cases, even basic — security features,” says the report, The Internet of Everything: Building Cyber Resilience in a Connected World.
Regulators are also beginning to take note in the United States and elsewhere, says the report.
Companies involved with internet of things devices should consider potential cyber exposures including liability due to alleged design or manufacturing defect; connectivity failures; security failure; and providing internet of things product services. They should also consider extortion demands against customers or the company and regulatory investigations, fines and penalties, the report says.
Other risks for companies that deploy or use internet of things devices may include data breaches, business interruption and extra expense, data restoration, extortion, property damage and bodily injury from an alleged security vulnerability or privacy breach, the report says.
The report says when reviewing insurance policies and cyber event response plans, companies should consider whether the organization has quantified potential losses from an internet of things-related cyber event; whether their insurance policies provide sufficient coverage for an internet of things product’s maintenance or servicing failure; whether the coverage includes ransom demands stemming from the company’s security or service failure; and whether the insurance coverage adequately protects the company from any increased cyber exposures from internet of things devices.