(Excerpt from my book “Stone Tablets to Satellites: The Continual Intimate but Awkward Relationship Between the Insurance Industry and Technology”, published June 2022 by Wells Media Group, Inc.)
The cloud provides the infrastructure for many of the new risks that have emerged on the landscape of risk. An increasing number of emerging risks that will eventually appear on the risk landscape in the years to come will exist only because of the cloud, its concomitant applications, and the amplification of those risks from wireless technologies and their applications. These cloud-and-wireless-enabled risks represent ‘chaos in the cloud.’
Here are three examples of ‘chaos in the cloud’ risks shown on the landscape above. P&C insurers need to consider whether to provide insurance coverage; the terms, restrictions, and conditions of providing insurance coverage; and how to provide and service insurance coverage in a manner that is customer-centric for each of them: cyber risk, deepfakes, and ‘smart’ homes.
Cyber Risk
There is a well-known saying “that there are only two things certain in life: death and taxes”. The statement should be amended to state “that there are only three things certain in life: “death, taxes, and cyber risk.”
As a society we arrived at this inflection point several years ago when we eventually created wireless networks several years ago that were deployed with other technologies.
More specifically, cyber risk is the culmination of several technologies and their applications being used together: digitization, computers (storage and compute capabilities), the Internet, the World Wide Web (aka the graphic user interface for the Internet), cloud deployment, and wireless networks.
Our society has reached a point-in-time where there are an ever-expanding number of mobile, web-accessible devices that permeate increasingly more aspects of our personal and corporate daily lives including but not limited to: mobile telephones, mobile tablets, mobile laptops, entertainment centers in personal and commercial vehicles, home appliances, corporate facilities, farms, sports and other entertainment venues, medical equipment, and drones or other robots.
Every web-accessible device – regardless of its location, being stationary or in-motion, or in use by people or businesses – is at risk of unknowingly being hacked to operate in a manner that the owner (or manufacturer of the device) does not want or intend, held for ransom, opened to expose the private information of the owner, or used as a component of a much larger hub of web-accessible devices to deny web-based services, or turned into a non-functioning device (i.e. turned into a brick).
Cyber risk is the set of risks of web-accessible devices or web-accessible services (i.e. mobile apps, tele-health, deepfakes, IMs) being used for nefarious purposes.
Deepfakes
This risk is a type of cyber risk but deserves its own place on the risk landscape. It is as dangerous as any other cyber risk. It wreaks havoc on a user’s visual and audio senses. It misleads a viewer to mistakenly believe that someone they know, whether alive or dead – a family member, friend, or celebrity of some type – is making a statement when in fact that person is not making the statement at all.
What is a deepfake? Wikipedia defines a deepfake: “Deepfakes (a portmanteau of “deep learning” and “fake”) are synthetic media in which a person in an existing image or video is replaced with someone else’s likeness. While the act of faking content is not new, deepfakes leverage powerful techniques from machine learning and artificial intelligence to manipulate or generate visual and audio content with a high potential to deceive.”(Deepfake, 2021)
Deepfakes are essentially a visual virtual assistant that has gone rogue. As the emerging metaverse becomes more populated with digital avatars and other digital assets, there will be a growing number of deepfakes committing fraud and thievery within that environment as well as ‘looking’ for cyber hooks to accomplish the same objectives in the metaverse participants’ real lives.
(I was wrong about the growth of the metaverse. Just like Second Life, it was less than a novelty. – Comment added October 17, 2023)
’Smart’ Homes
’Smart’ Homes are also a type of cyber risk. Consider the definition of ‘smart’ home from Investopedia: “A smart home refers to a convenient home setup where appliances and devices can be automatically controlled remotely from anywhere with an internet connection using a mobile or other networked device. Devices in a smart home are interconnected through the internet, allowing the user to control functions such as security access to the home, temperature, lighting, and a home theater remotely.” (Hayes, 2021)
The ‘control’ of the appliances and other devices in the home could very well be hacked or otherwise taken over by malicious actors to:
- Invade the homeowners’ privacy, including viewing or speaking to the homeowner’s baby through a web-accessible baby monitor
- Shut a device off when it should be off, or turn it on when it should be off, including locking the front door at a time the homeowner wants to enter their own home or unlocking the front door when the homeowner is sleeping to facilitate robbing or murdering the homeowner
- Transform any of the web-connected devices in the home into a unknowing participant within a larger hub of devices for larger cyber-attacks on other homes with web-accessible devices or on companies for theft or other illegal purposes.
A ’smart’ home, if not properly secured, can become an opportunistic ‘smart’ point of entry for malignant actors wanting to commit cyber-crimes against the homeowner, other people, or companies.
(In my first book, I also discussed IoT to some degree but will delve into them further in my forthcoming book about the insurance industry and technology.)
Rabkin's Opinions 