SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Fortune 500 firms weigh in on equipment failure risk
Tue, 3rd Dec 2019
FYI, this story is more than a year old

Fortune 500 companies are increasingly concerned about the risks of critical equipment failure and cyber attacks on industrial control systems.

FM Global commissioned a survey of 200 business leaders in companies with more than US$1 billion revenue, who are responsible for overseeing equipment risks and operations.

“Failure of critical equipment can severely disrupt a business. The risk of such failure is rising, and internet connections are raising the spectre of cyber attack on industrial controls,” the report notes.

Forty-three percent of respondents noted that equipment failure risks have increased over the past five years, compared with only 29% who said those risks have decreased in that time.

They believe the reasons for rising risks include more equipment in use (53%), high demand due to a healthy economy (45%), aging equipment (42%), increased operator turnover (40%), high cost of suspending production lines (40%), lack of maintenance (39%), lack of experienced operators (39%), lack of training (37%), an aging workforce (34%), and repairs becoming too costly (33%).

Leaders also say that in 96% of cases, industrial control systems (ICS) are connected to the internet, compared with 3% that are not connected, and 1% who don't know.

The majority (84%) of respondents say that hacking either a top or high concern, with 7% stating it was a low concern.

Furthermore, the stakes of equipment failure are high: 75% of respondents said they expect it would take months for their companies to recover financially from the failure of critical equipment.

Additionally, 14% of respondents said that recovery would take years, 16% said it would take weeks, and 9% said it would take days, while fewer than 1% said they didn't know how long it would take.

“The possibility of equipment failure is weighing heavily on the minds of business leaders, and it should,” says FM Global executive vice president Malcolm Roberts.

“A robust economy, turnover in the technical workforce and an increasingly potent cyber criminal community means every company should be scrutinising its potential vulnerabilities now.

Respondents expect a range of negative impacts in the event of a critical equipment failure:

  • 54% expect a decline in revenue/earnings
  • 51% expect increased scrutiny from the investment community
  • 50% expect the introduction of regulatory compliance problems
  • 48% expect the degradation of brand/reputation
  • 46% expect an inability to fulfill orders, leading to a decline in market share
  • 39% expect a decline in share price
  • 29% expect layoffs and/or loss of key employees.