“has contemplated offering home insurance as an offshoot of its development work on robots and other connected devices for the home...The idea is that robots and other smart devices can be used to monitor for threats.”
This is great news in that it would get real, unfiltered, unbiased data, from a large data set, that can be used to build actuarial tables to help quantify risk with more granularity and accuracy than is possible today.
Cybersecurity writ large desperately needs more accurate and comprehensive data upon which to inform strategies and develop courses of action. Several have suggested the insurance model as a way to get that information. It is important to remember that no matter what kind of devices are deployed in your enterprise, and what they were originally designed to do, the use cases for those devices are almost certainly going to expand in time.
Both the growth of IoT devices and the expansion of their utility are boons from an economic perspective. But as with commodity IT before it, the more dependent we become on the IoT the increased risk that malicious activity will result in significant negative impacts. This will be particularly true in industrial environments where cascading failures are a real possibility, or in the medical space where IoT devices play a significant role in patient well-being.
Understanding what devices you have and what they do is going to be an essential capability if you are going to both realize the full value proposition of the IoT, and avoid becoming a victim of someone exploiting the weaknesses of the IoT.