My brother can’t function in the morning until he has a cup of coffee. So I use his daily routine as an example.
Picture my brother stumbling down to the kitchen one morning only to find his internet-enabled coffee maker won’t work. There’s a message on his iPhone: “We have taken control of your coffee pot and unless you pay $5, you won’t have your coffee.” This actually hasn’t happened. At least, not yet.
I have been talking about the security threats to common household items connected to the internet – that is, the Internet of Things (IoT) – for several years now, and unfortunately, every other dire warning has come true so far. Upper management has to take greater notice of risks exposed both in the products they produce and the products that they use and take action to mitigate those risks. Recent events underscore this need.
Two years ago an internet-enabled refrigerator was commandeered and began sending pornographic spam while making ice cubes. Baby monitors have been turned into eavesdropping devices and there are concerns about the security of medical devices, such as computerized insulin pumps. In October, thousands of security cameras were hacked to create a massive Distributed Denial of Service (DDoS) against Dyn, a provider of critical Domain Name System (DNS) services to companies like Twitter, AirBnB, etc. Then there is the recent disclosure of CIA tools for hacking IoT devices, such as Samsung SmartTVs, to turn them into listening devices. These are only a few examples highlighting the threats.
Doug Criscitello, Executive Director of MIT’s Center for Finance and Policy
From The Hill
As we move beyond the widespread acceptance and use of online banking and trading platforms and push further into an increasingly digital financial marketplace, consumers face new forms of risk—namely, cyber risk—that would have been unfathomable previously. When confronted with risks that could be financially devastating, consumers are driven to mitigate and insure against such perils. Has the time come to purchase insurance for financial cyber risks?
Rational consumers seek to prevent, minimize or avoid adverse financial outcomes by purchasing insurance to protect against actual and perceived risks they can’t easily afford. Insurance essentially serves as a risk management and wealth preservation tool. However, consumers realize that it doesn’t make sense to purchase insurance when the cost of coverage is so high that they will pay substantially more in premiums than expected losses. In other words, they decide that self-insuring is the more cost-effective alternative.
Individuals today are increasingly concerned about their online security but don’t have a clear understanding of the amorphous yet perilous risks they face. In response, new consumer-directed insurance products are being offered to guard against cyber attacks.
A few years ago I was working with a small consulting firm, and one of our up and coming salespeople left for a competitor. No big deal. It happens. But several months later, the management team noticed a disturbing trend. The company kept losing bids for new business to this very same competitor. It had happened four times in a row when finally we realized that we’d forgotten to turn off the former employee’s network access. He had been logging into our network, stealing our information, and then undercutting us. Read More »