Powered in part by the growing use of Internet of Things (IoT) technologies, cybersecurity has surged to become one of the leading concerns for global manufacturers, according to a recently released study.

Cybersecurity has long been a hot-button issue for companies in the financial services, health care, retail, and energy sectors because these companies often host vast stores of sensitive consumer data. Historically, manufacturers have been less concerned. But with global manufacturers increasingly utilizing IoT technologies—which everyday technologies use to "speak" with one another by enabling network connectivity—concern over cybersecurity has dramatically risen.

While IoT innovations—such as Nest thermostats and mobile medical devices—increase efficiency and enable new product usages, they create a welter of cyber risks, including the potential for malicious cyber attacks, theft of personal data, and compromise of additional connected devices. In addition, companies' trade secrets and confidential business information may also become exposed, a vulnerability that extends to other entities in the supply chain. Beyond the threat of data theft, IoT devices face growing threats to operational integrity and availability. The study, released by BDO, suggests that many manufacturers are not confident in their ability to prevent information technology breaches.

Industry standards for monitoring and mitigating risk involving IoT technologies are being developed. At the same time, the litigation environment is evolving rapidly. The automotive industry, for example, has recently faced class actions alleging that cars equipped with Bluetooth and Wi-Fi are vulnerable to hacking while being driven. It is expected that the automotive industry's race to develop self-driving vehicles will only heighten concerns about cybersecurity.

Cybersecurity for manufacturers has historically not been as closely regulated as in other industries, but this has begun to change. The Food and Drug Administration, for example, has been increasingly involved in regulating medical devices, particularly mobile medical devices that can be hacked remotely. Numerous estimates—including a recent one from AT&T—predict that more than 50 billion devices will be connected to the Internet by 2020. As products such as motor vehicles and medical devices become connected, the cyber and legal risks flowing from these technologies are also expected to increase. BDO's findings reflect an uncertainty among manufacturers about how to mitigate the risks associated with IoT and other emerging technologies, while remaining competitive.

Ballard Spahr's Privacy and Data Security Group advises clients on all aspects of cybersecurity and digital privacy, ranging from product design and implementation to risk assessment and management. The Group’s attorneys represent clients during investigations and in response to cyber incidents and related regulatory matters, as well as in criminal and civil litigation. The firm’s Product Liability and Mass Tort Group defends manufacturers against product liability, consumer fraud, and related claims, and counsels manufacturers on how to avoid liability.

Copyright © 2016 by Ballard Spahr LLP.
(No claim to original U.S. government material.)

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, including electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the author and publisher.

This alert is a periodic publication of Ballard Spahr LLP and is intended to notify recipients of new developments in the law. It should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general informational purposes only, and you are urged to consult your own attorney concerning your situation and specific legal questions you have.