Cybersecurity in the Spotlight: Global Initiatives, Evolving Threats, and the Safety Net of Insurance

The Growing Importance of Cybersecurity

Cyber threats are on the rise.

Elderly fraud is increasing due to new scam methods. At the same time, there are growing fears of complex cybersecurity attacks from adversaries like China or Russia. With the evolving sophistication of things like AI deepfakes, there are more avenues for bad actors to take advantage of cyber vulnerabilities. With more cyber threats, we need more cybersecurity. Walt Zerby said in a recent podcast: 

"We're going to talk about a little topic called cybersecurity. this, my gosh, this, this thing seems to be completely coming full speed now. We've been talking about cybersecurity for years, but I think, I think it's really a focus now in the world, and a focus in our community and something that we need to be really abreast with"

In this article, we’ll outline the global state of cybersecurity, different regions’ initiatives and the importance of insurance. To learn more, listen to the CEDIA podcast episode, Cybersecurity Exposure, Global Gov't Programs, Insurance & More.

Cybersecurity Threats: A Global Overview

UK cybercrime statistics reveal that over 560,000 new cyber threats are discovered daily. In 2023, UK businesses faced approximately 7.78 million cyberattacks - with 50% of UK businesses reporting cyberattacks or security breaches in the past year. 

The problem isn’t limited to the UK. It’s a global issue. Statistics show that nearly 1 billion emails were exposed in a single year, affecting 1 in 5 internet users. In the US, half of all internet users had their accounts breached in 2021. Yet, most US organisations have no insurance against cyberattacks.

Despite the volume of cybersecurity challenges, you can mitigate against most risks. Almost all (97%) of the UK cyberattacks and data breaches could have been prevented if the businesses had modern comprehensive cyber services in place.

The growing number of Internet of Things (IoT) devices makes networks vulnerable. However, Smart Home Professionals can protect against this by ensuring devices are secure. It’s also important to educate people about phishing. If a homeowner opens a false link in an email, they could put their connected smart home at risk. Increasing consumer awareness about cybersecurity challenges is vital.

“The largest majority of attacks remain simple phishing or spear-phishing attacks, exposing individuals and their networks."

US Cybersecurity Programs

The Federal Communications Commission (FCC) has a U.S. Cyber Trust Mark program for wireless consumer IoT things. This is a voluntary labelling program for IoT products. If manufacturers sign up and meet the qualifying cybersecurity standards, they’ll carry the U.S. Cyber Trust Mark. This label helps consumers make informed purchase decisions.

As soon as the FCC approves a product, companies can include the program logo on their products, along with a QR code that consumers can scan for further details about the item’s security. Consumers want to know that the devices they bring into their homes are safe. Joining this scheme is a great way for manufacturers to show customers that they can trust them.

"The Trust Mark is a tool consumers can use to ensure they are buying devices designed with security from the outset."

Cybersecurity in the EU and UK

In the EU and UK, cybersecurity standards are compulsory. If a product doesn’t meet the security protocol, it can’t be sold. There isn’t an equivalent of a voluntary scheme like the US’s Trust Mark.

The UK Product Security and Telecommunications Infrastructure regime (also known as the PSTI Act) came into effect in April 2024. All businesses anywhere in the supply chain of these products must be compliant with this legislation.

“In the UK, products must disclose how long they will receive security updates, enabling consumers to make informed decisions."

In the EU, any device with connectivity must comply with the Radio Equipment Directive (RED). Among other things, this directive covers the technical features required for the protection of privacy, personal data and against fraud.

The Role of Insurance in Cybersecurity

With threats increasing, cybersecurity insurance becomes even more important. 

Cyber liability insurance is vital for businesses so that they’re financially protected if an attack occurs. It’s also something that integrators should invest in. The right insurance will protect integrators against losses caused by a hack on a smart home system.

Data breaches can occur because of weaknesses in IoT devices you’ll find in smart homes, such as smart thermostats. Insurance will cover forensic investigations and legal reviews after breaches like this. So, if a faulty installation leads to a compromised IoT smart home appliance that gives hackers access to a wider network and then causes a data breach, integrators will have a policy that will protect them. However, despite the importance of cybersecurity insurance, few businesses have it.

"Only 17% of businesses in the US have cyber insurance, and 48% only purchase it after their first attack."

The Future of Cybersecurity: Collaboration and Education

Although the US, UK and the EU have different policies, cross-border collaboration is essential to create uniform standards across the smart home industry. When manufacturers comply with every legislation, they open themselves up to the global market and maximise security.

Beyond the product manufacturers, it’s also on smart home integrators to install systems securely. Plus, consumers need to take on security advice and best practices. A system will always be vulnerable if the password is 123456. Good cybersecurity requires everyone in the supply chain and every user to be committed to making things safe.

 "Cybersecurity must be seen as a team sport, with integrators, manufacturers, and consumers playing a role."