Tips for managing your business’ IoT risk

The “Internet of Things” (IoT) is a revolution with the potential to improve industrial and business efficiency, customer satisfaction, and company profitability. But with new technologies come unfamiliar business risks — risks that must be managed and mitigated.

The IoT consists of a wide variety of data collecting and control sensors that are connected to the internet. These include thermometers, cameras, GPS devices, security devices, sensors and a host of other “smart” devices. The applications for IoT in business are rapidly expanding.

As valuable as IoT systems are, they are also vulnerable. When a device is hacked or fails, there’s usually a business — and sometimes a human — cost to pay. Just a few examples are:

• Cyber security breach — IoT systems may use sensitive data or control important functions — such as a computer network, an electrical grid or online retail shopping system. Hackers target and breach these with the intention of stealing data — often disrupting business for days and opening the company up for legal action.

• Product loss — Incorrect temperature data might mean that perishable goods are spoiled, which creates financial harm and possible injury to customer relationships.

• Manufacturing defects — An IoT error could lead to production glitches which often take some time to detect. If sub-standard products or parts end up in the marketplace, it can subject both the parts and the product manufacturers to financial and legal exposure.

• Property damages — An alarm or sprinkler system malfunction can result in damage to business facilities and content losses.

• Human cost — Bad data in the medical sector can have disastrous patient privacy or even mortality consequences. An IoT failure or hack can open a healthcare system to onerous liabilities as well as to long-lasting reputational damage. 

1. Treat IoT devices as you would any other network-attached piece of hardware. Conduct regular tests to verify the security of the equipment. And remember that IoT devices could be the weak entry point into your wider network.
2. Get risk advice from your broker, where available. An IoT project may present completely new and unfamiliar types of risks to your business. A qualified insurance representative may be familiar with the particulars of what threats to look for.
3. Update your business insurance to cover IoT risks. Consider all the risks an IoT project presents and establish what may not be covered by existing policies. For example, even if you already have cyber coverage, it may not be sufficient to mitigate some of the IoT risks you identify.