Manufacturing facilities taken offline by malware.1 Children's toys spying on people in the safety of their own homes.2 Hospitals refusing patients because critical medical equipment is rendered useless.3 Thousands of homes left powerless after a cyber attack on a local utility.4
Hollywood action movie plots? No. These are real news stories from communities just like yours.
The underlying culprit of all of these alarming scenarios is the failure to govern and manage the risks of the Internet of Things (IoT), the billions5 of consumer and industrial devices that are now online—your cell phone, your refrigerator, your car, your heart monitor, the electrical grid that powers your neighborhood, and much more.
As companies seek competitive advantages through deeper data insights, consumers demand smart technology in everyday products, and organizations continue to increase reliance on interconnected technology, the IoT is poised for exponential growth in nearly every industry and marketplace. By 2020, Gartner expects to see 20 billion internet-connected things and predicts 65 percent of enterprises will have adopted IoT products.6
However, you cannot realize the business opportunities of the IoT without managing the risks inherent in such a complex and connected ecosystem. As such, the need to govern connected products, while incorporating risk management, is incredibly high. Failure to secure IoT devices while incorporating risk management could prevent you from delivering services, protecting sensitive data, or even keeping customers safe. A single exploit can tarnish your reputation and damage consumer trust. But although 32 percent of IT leaders surveyed by Gartner cited security as a top barrier to IoT success,7 KPMG research found that 46 percent of companies are adopting IoT technologies without even assessing the associated risk.8
How can an agile risk and governance drive program value, enabling companies to tap into the tremendous market opportunity for connected products?
In the following pages, our KPMG team of experienced technology risk specialists detail a leading practice IoT governance approach featuring specific, risk-focused measures around the strategy, delivery, and operations of a connected device program. We are confident this approach—which has been tested in major organizations around the world—can help your company design, develop and deploy connected products in a more efficient, cost-effective, responsible and sustainable manner.
"There simply isn't much guidance for organizations to follow about protecting the IoT. While certain trade and sector groups have published best practice guides or created security frameworks, most business leaders find these recommendations difficult to apply in their own companies—especially those in highly regulated industries like healthcare. Effective program governance can help fill this void and tailor to the specific needs of an organization. A strong and responsive governance foundation allows organizations to responsibly harness and unleash innovation, such IoT products, to create new paths to value."
U.S. Digital Risk Solution Leader,
Emerging Technology Risk Services
For more information, download the full report below.
The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.