Many exciting TV shows and movies include hacking as standard fare - overriding security systems, changing traffic lights, causing explosions, even committing untraceable murders. Hacking makes for interesting entertainment. The frightening part? It's all possible.
The digital connections in our world are multiplying faster than we realize. It is difficult to even think of anything that cannot be connected. Connected cars and connected homes are advancing by leaps and bounds. Livestock such as cattle and sheep are tracked electronically, and your dog or cat may have an embedded chip. Even bees are being outfitted with tiny RFID backpacks. Roads, buildings and transportation systems are beaming real-time information to servers in the cloud. The rapid rise of wearables, hearables, implantables and personal medical devices means that an increasingly large number of people are connected.
The increasingly connected world provides terrific opportunities to improve life on earth. But with opportunity often comes threat - in this case the threat of hacking. And the facts are scarier than the fiction.
The word "hacking" conjures up images of millions of credit cards being stolen from banks or retailers, or perhaps the stealing of corporate secrets or even cyber-espionage between countries. Insurers have been at the forefront of this battle, designing cyber risk coverages and policies to help individuals or businesses address the financial exposure of hacking. But the connected world increases the hacking potential in incalculable ways. Here are just a few examples of other existing vulnerabilities:
- Connected Cars: Wired magazine hired two hackers to demonstrate how a Jeep Cherokee could be hacked. The hackers showed that they could take over simple tasks like locking or unlocking doors, and could also take over the steering wheel and drive the car over an embankment.
- Toys: The new Hello Barbie Doll is connected to the Internet and can be hacked to listen in to the conversations in your home.
- Laptops and Smart TVs: Bad guys can remotely take over the camera and audio for these devices to spy on the laptop user or anyone viewing a Smart TV.
- Medical Devices: Insulin pumps and other medical devices can be hacked to alter their treatment. For example, the insulin dosage can be changed, resulting in insulin shock and even death.
- Wearables: Connected watches, shoes and health monitoring devices are notoriously exposed, especially because they often collect very private, personal information.
Fortunately many of these incidents were the work of white hat hackers hired to expose weaknesses. Unfortunately, most of the exposures still exist, and every new chip, sensor and connected device becomes a target. There are several key implications for insurers and individuals:
- Cyber risk insurance must greatly expand. The industry has done a yeoman's job thus far in helping to address financial exposures. But now, whole new classes of cyber threats must be evaluated and addressed.
- Loss control must increasingly consider cyber safety. Individuals and businesses need advice on how to protect their valuable digital information, related to both traditional and new sources.
- Insurers must consider their own growing cyber vulnerabilities. As companies employ drones, IoT devices and wearables for employees, they must understand and address the potential exposures from theft of the related information.
- The industry must actively participate in cyber initiatives. New technology defenses, law enforcement approaches and regulation will all play a role in thwarting hackers. Insurers should provide expertise, investment and support to advance important initiatives.
It's an exciting time to be alive. And it's an exciting time to be in the insurance industry. Technology, with all of its benefits, is advancing fast - but faster than we can regulate and manage it.
New risks and threats from connected devices definitely exist. But connected devices also provide great opportunities for the insurance industry to play to its strength - protecting valuable assets, promoting safety and providing peace of mind to individuals and businesses alike.
