Addictive apps can blind users to the risks of downloading and leave sensitive company information exposed, according to
Marsh cyber practice leader Thomas Reagan.
The Pokemon Go craze which currently has the world in its grip has opened up a wealth of new risks, says Reagan, who serves as the senior cyber advisor to some of Marsh’s largest clients.
As well the games becoming instant targets for malware through fake and cracked versions in app stores, which could allow hackers to gain control over a phone and thus a wealth of data about its user, sensitive information could also be exposed through employees’ social media postings and other activities, he said.
“For companies with bring your own device (BYOD) programs, enterprise email accounts and other data could be exposed.”
There were also potential privacy issues at stake.
“Augmented reality (AR) technology combines elements of the digital and physical worlds into a single view, allowing data, text, or images to be superimposed on a live video feed,” he wrote in article entitled
Pokemon Go: Pop culture innovation highlights disruptive technology.
“In Pokemon Go, AR allows for the game map to align with a real-world map and players to find and even photograph their monsters in their physical locations.
“What if a Pokemon is located inside your company’s office? If a user shares a photo or screenshot of such a location, it poses a risk of inadvertent loss of sensitive company or customer information.
“And there are issues around invasion of privacy for people/places that don’t want to be involved in the game.”
Reagan said as AR technology developed and evolved, so would the new risks it brought with it.
“Businesses may try to block or limit employees’ access to AR and similar technology, but that may only provide temporary relief before the next threat emerges.”
Reagan said it was important to educate employees about the risks and conduct regular cyber risk assessments and audits to identify threats and assets at risk.
Businesses could also develop and test disaster recovery, business continuity, and incident response plans in conjunction with law enforcement, regulators, and others.
It was also another avenue to encourage cyber insurance coverage ‘to deal with the inevitable risks that slip through the cracks’, he said.
“AR and other disruptive technologies are here to stay, and promise to benefit companies and consumers.
“Risks professionals will need to be nimble as they manage the accompanying risks.”
Related stories:
Virtual Pokemon Go craze opens up a real world of liability
Humans, a weak link in cybersecurity