Lloyd’s publishes report on the cyber risk of IoT devices

By William Girling
Share
In collaboration with CyberCube and reinsurer Guy Carpenter, Lloyd’s has summarised the cyber risk inherent to IoT devices within modern industry...

The report, The Emerging Cyber Threat to Industrial Control Systems, is a 34-page document exploring the real-world dangers and damages that cyber attacks on enterprise digital technology could result in.

Cyber risk, Lloyd’s highlights, is a continually moving target and the importance of insurers both understanding it and keeping pace with clients’ evolving exposure profiles is paramount.

The risks of digital transformation

Lloyd’s is particularly cautious of the closer integration of IT and OT (operational technology), which could have dire consequences in the industrial and manufacturing sectors if attacked, particularly as processes are automated.

CyberCube and Guy Carpenter assisted by conducting analyses of attack scenarios from the perspective on four industries: manufacturing, shipping, energy and transportation. Among the trio’s key findings were the following:

  • The overall risk of cyber-physical of ICS (industrial control systems) is increasing 
  • Despite this, the perpetrator/s of such an attack would likely require nation-state-level resources
  • In addition to property damage and potential loss of life, a cyber attack on ICS could also incur significant remediation costs to diagnose the incident and prevent further instances
  • The widespread adoption of cloud technology and “smart manufacturing” techniques will only serve to exaggerate cyber risk going forward

A push to improve insurance coverage

The report’s findings give a clear insight both into the dangers of digital technology and the avenues that insurers can explore to protect them.

“The Lloyd’s market is advanced when it comes to insuring cyber risks and it is therefore vital Lloyd’s syndicates underwriting this class of business have the ability to analyse their portfolios against the most sophisticated and technologically advanced risk scenarios,” said Kirsten Mitchell-Wallace, Lloyd’s Head of Portfolio Risk Management.

Pascal Millaire, CyberCube’s CEO, added, “The potential for a major ICS attack is all too real today given several real-world examples of such attacks. As we roll out hundreds of billions of additional IoT devices, it will become even more important in the future and could eventually become a systemic risk for the global economy.”

Finally, Jamie Pocock, Head of GC Cyber Analytics – International at Guy Carpenter, stated, “A major ICS attack could impact a broad range of industrial businesses and classes of insurance. As these attacks cross the divide between information technology and operational technology, they could conceivably involve significant property damage and loss of human life. 

“The key is continued research, surveillance, and risk selection to help improve underwriting standards and portfolio management.”

Share

Featured Articles

US Bank and One Inc Unite to Reshape Insurance Payments

Move aims to streamline claims processing through digital network, as insurers seek to modernise transaction systems amid rising digital payment adoption

Insurance Software Provider Fadata Expands Global Presence

Fadata opens offices in Malaysia and Peru as part of global growth strategy to deliver 24/7 support for insurance clients using its INSIS core platform

Top 10: Sustainability Leaders in InsurTech

This week's top 10 shines a spotlight on some of the insurance world's most sustainable practitioners, including execs from Convex, Previsico and Allianz

Allianz: Insurers Focus on Growth Despite Compliance Hurdles

Digital Strategy

Insurers Face Legacy System Exodus as Climate Risk Grows

Technology & AI

Study: Cyber Breach Recovery Times Exceed Insurance Coverage

Technology & AI