IoT gadgets are raising the threat of attacks and breaches to industrial and manufacturing businesses.
Internet of Things (IoT) devices are raising insurance industry cyber risk, according to a new Lloyd’s report published in conjunction with CyberCube cyber analytics specialist, and Guy Carpenter reinsurance broker.
As digital threats become increasingly complex, insurers are warned to better understand emerging risk.
The Lloyd’s report was titled “The Emerging Cyber Threat to Industrial Control Systems”. It outlined the need for insurers to better understand the evolution of threats and how this sophistication changes insurance industry cyber risk. It underscores the need for insurers to keep up an understanding of these threats in order to maintain pace with their clients’ data breach insurance exposures.
Though data breach and digital attack threats have previously been considered a low risk for the physical market, this trend has changed due to the IoT, said the report. Until now, non-physical losses have comprised the majority of cyber perils. However, according to the Lloyd’s report, physical risks are quickly evolving into an industrial business concern. A slew of recent high-profile breaches has only underscored that threat.
The rise in insurance industry cyber risk comes alongside the fusion of IT, OT, and automation.
Information technology (IT), operational technology (OT), and automation are increasingly combined to improve efficiency and accuracy in industrial and manufacturing businesses. That said, with the rising sophistication of cybercriminals, the report highlights the importance of having insurance and reinsurance companies carefully consider the nature and size of future losses.
The insurance industry cyber risk will be greatest in four key industries, according to the report. These are: manufacturing, energy, shipping, and transportation. It went into substantial detail, assessing precedent for attacks and breaches and their potential impact. The report took aim at three main possible scenarios where hackers could attack, in order to point out the areas of heightened and growing potential for insured losses. These were targeted supply-chain malware attacks through a breached device manufacturer (compromising the manufacturer’s products ahead of distribution), a targeted attack exploiting popular IoT device vulnerabilities in industrial settings, the infiltration of the “air gap” between industrial IT networks and the OT.