Cyber Attack Space Elements (Selective)

Posted on by Barry

This blog post is just a “thinking out loud and writing it down” blog post about cyber attack space(s).

Here are some of the elements of the cyber attack space:

  • Enterprise IT-created / enabled business / system processes (or certain activities of those processes) are connected to the web;
  • Mobile devices become “smart” and, as an attribute of existence, are connected to the web;
  • Mobile apps explode in number (and, through the “smart” mobile device they are installed on, are connected to the web);
  • Physical devices are embedded with telco capabilities (e.g., IoT devices) and are connected to the web; [Physical Devices = Medical Equipment; Industrial Equipment; AVs; EVs; ADAS (Advanced Driver-Assistance Systems); Home “Smart Appliances”; Drones; Robots; AR Goggles; ?]
  • Enterprise IT-created /enabled processes (or certain activities of those processes) are deployed in the cloud and so, are connected to the web;
  • Enterprise OT- created / enabled industrial processes (or certain activities of those processes) are connected to the web;
  • Enterprise OT-created / enabled processes (of industrial equipment) (or certain activities of those processes) are deployed in the cloud, and so are connected to the web;
  • Animals with IP-sensors attached to them, or embedded in them, and as an attribute of existence, are connected to the web;
  • Insects with IP-sensors attached to them, or embedded in them, and as an attribute of existence, are connected to the web; and
  • People with IP-sensors attached to them, or embedded in them, are connected to the web; and
  • Medicine (swallowed by people) with IP-sensors in them are connected to the web.

I believe there will continue to be a growing number of each of the above connected to the web – new versions of some of them connected every minute or quicker. And, as the number of instances of the above increase, the cyber attack space will also expand in multiple dimensions and multiple directions.

I think insurers and enterprise risk managers (inclusive of CISOs, CSO, and the risk managers) need to keep in mind not just the specific, individual components above but the reality of the never-ending, always-expanding interconnections and interdependencies among and between the various components above.

Cyber risks are not anything like the risks that the insurance industry has faced through the thousands of years of its existence.

1 thought on “Cyber Attack Space Elements (Selective)”

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.