sb-au logo
Story image

Fortune 500 firms weigh in on equipment failure risk

03 Dec 2019

Fortune 500 companies are increasingly concerned about the risks of critical equipment failure and cyber attacks on industrial control systems.

FM Global commissioned a survey of 200 business leaders in companies with more than US$1 billion revenue, who are responsible for overseeing equipment risks and operations.

“Failure of critical equipment can severely disrupt a business. The risk of such failure is rising, and internet connections are raising the spectre of cyber attack on industrial controls,” the report notes.

Forty-three percent of respondents noted that equipment failure risks have increased over the past five years, compared with only 29% who said those risks have decreased in that time.

They believe the reasons for rising risks include more equipment in use (53%), high demand due to a healthy economy (45%), aging equipment (42%), increased operator turnover (40%), high cost of suspending production lines (40%), lack of maintenance (39%), lack of experienced operators (39%), lack of training (37%), an aging workforce (34%), and repairs becoming too costly (33%).

Leaders also say that in 96% of cases, industrial control systems (ICS) are connected to the internet, compared with 3% that are not connected, and 1% who don’t know.

The majority (84%) of respondents say that hacking either a top or high concern, with 7% stating it was a low concern.

Furthermore, the stakes of equipment failure are high: 75% of respondents said they expect it would take months for their companies to recover financially from the failure of critical equipment.

Additionally, 14% of respondents said that recovery would take years, 16% said it would take weeks, and 9% said it would take days, while fewer than 1% said they didn’t know how long it would take.

“The possibility of equipment failure is weighing heavily on the minds of business leaders, and it should,” says FM Global executive vice president Malcolm Roberts.

“A robust economy, turnover in the technical workforce and an increasingly potent cyber criminal community means every company should be scrutinising its potential vulnerabilities now.”

Respondents expect a range of negative impacts in the event of a critical equipment failure:

  • 54% expect a decline in revenue/earnings
  • 51% expect increased scrutiny from the investment community
  • 50% expect the introduction of regulatory compliance problems
  • 48% expect the degradation of brand/reputation
  • 46% expect an inability to fulfill orders, leading to a decline in market share
  • 39% expect a decline in share price
  • 29% expect layoffs and/or loss of key employees.
Story image
UiPath and eSentire bring hyperautomation to Microsoft Security
UiPath and eSentire have announced a strategic partnership to deliver end-to-end security policy automation across multiple Microsoft Security services.More
Story image
How to secure your business against DDoS Attacks
With the upward trend of DDoS attacks this year, and an increased dependency on online channels across all industries, businesses need to be prepared, so they don’t suffer any disruption. More
Story image
Citrix Workspace given highest level IRAP assessment
After an intensive assessment from an Australian Signals Directorate auditor, Citrix Workspace has been assessed at the Protected level.More
Story image
CrowdStrike targets Zero Trust blind spot with new offering
CrowdStrike has officially launched CrowdStrike Falcon Zero Trust Assessment (ZTA), designed to aid in overall security posture by delivering continuous real-time assessments across all endpoints in an organisation regardless of the location, network or user. More
Story image
Why IT and HR must work together to help businesses weather the storm
Employers are striving to balance team productivity, security and employee engagement. If remote work is the new norm, it’s impossible to ignore the challenging nature of the situation, writes Gigamon manager for A/NZ George Tsoukas.More
Story image
How cyber-attackers use Microsoft 365 tools to steal data
Vectra security research has recently identified how cyber-attackers use Microsoft Office 365 tools against organisations to steal data and take over accounts.More