With recent developments in connectivity, technologies have spurred the adoption of internetconnected "smart" devices for remote sensing, actuating, and intelligent monitoring using advanced analytics and real-time data processing, often referred to as the ‘Internet of Things’ (IoT). The Internet of Things has the power to streamline our jobs, our lives, and ultimately save our company's and society money, but it also brings with it new operational exposures ranging from privacy to property protection. Gartner, Inc. estimates that the IOT, which excludes PCs, tablets and smartphones, will grow to 26 billion units installed in 2020 representing an almost 30- fold increase from 0.9 billion in 2009.1
Stuxnet, a 500-kilobyte computer worm that infected at least 14 industrial sites in Iran, was the wakeup call for many on the potential vulnerabilities associated with connected technologies. However, recent incidents have demonstrated that vulnerabilities still exist, in a world that is more connected than it was in 2010. A German steel factory in 2014 experienced a cyber-attack initiated after system information was obtained as a result of spear phishing, resulting in numerous systems failures that led to the improper shutdown of a blast furnace, causing extensive property damage. Google's Sydney, Australia office building management system was successfully attacked by security firm Cylance, giving Cylance the ability to control all building systems. Consumer products, such as baby monitors, have frequently been the target of attacks, providing access to both voice and video to the cyber attacker.
Risk management is a core business activity of all enterprises, large and small. Safety professionals are often directly responsible for operational risk management or are consulted on operational issues by senior management. Therefore, the modern safety professional must be educated on emerging hazards, the ‘Internet of Things’ being foremost among them. The safety professional must be able to work with "the business" and IT to understand, assess, and manage the risks associated with the Internet of Things.