Strong risk management is critical in the Industry 4.0 fight against cybercrime.
The ability to automate traditional manufacturing and industrial processes, supported by data sensors and powerful analytics, has seen the Industry 4.0 trend turbocharge the growth of many companies. By allowing for greater connectivity between machines and facilities, it has accelerated supply chains, driven significant efficiencies, improved the flexibility and agility of businesses, and facilitated a much better customer experience.
|Join over 250,000 customers worldwide who trust WorldFirst and go global today.|
|Open your account today for free.|
All of this has contributed to the explosion of the internet of things (IoT). Analyst firm Gartner predicts there are now approximately 30 billion devices in the world and, according to research by IndustryARC, the global Industry 4.0 market specifically is expected to reach $156.6 billion by 2024. This pace of change will continue to advance as companies seek to stay competitive and maximise the quality of their products and services.
“Industry 4.0 has transformed the way many businesses operate,” says Andrew Bryson, operations senior vice president at FM Global, one of the world’s largest commercial and industrial property insurers. “An obvious example is retail logistics, with huge investment going into really sophisticated fulfilment centres. An online portal interacts directly with the distribution centre which then delivers straight to the customer. It’s moving companies away from expensive retail space and changing how physical property is used.”
Growing cyber threats
Though a positive trend, Industry 4.0 and wider digitalisation also introduces new risks. A study by Accenture found that only 13 per cent of businesses fully realise the impact of their digital investments. Naturally, hackers see opportunity in the unprecedented connectivity and last year researchers from F-Secure recorded a three-fold increase in cyberattacks on IoT devices.
While embracing the changes that digitalisation and automation bring, companies need to also carefully manage a new generation of exposures. Constantly evolving cyberthreats and other malicious risks can disrupt interconnected distribution channels and possibly even cause physical damage or destruction of physical property. In this landscape, organisations must ensure the new ways they are transacting remain resilient.
“Threats are now coming from many different places,” says Tiago Dias, cyber security consultant at FM Global, which provides more than a third of Fortune 1000–size companies with risk management and property insurance solutions. “From a business perspective, we are seeing a lot of dynamic pricing and product customisation. The connectivity required to do this means technology must control the systems.
“The larger a company’s digital footprint, the more entry vectors an attacker might use. Emerging technology normally means less testing and less exposure to the market, which increases the likelihood of vulnerabilities. It’s a spiralling effect, and hackers know this and are ready to pounce.”
Rise of the Covid-19 hacker
The coronavirus pandemic has accelerated digitalisation further and also the cyberthreat landscape. Parts of the business that used to run with an on-site presence, and were not interconnected, suddenly were forced to operate remotely, exposing an urgent need to re-evaluate procedures and processes. As companies have adapted infrastructure to support exponential increases in remote users, something they weren’t previously built to cope with, this has opened up even more vulnerabilities for cybercriminals to exploit.
An interconnected business, with sites, suppliers and distribution centres that all have systems talking to each other, must be able to guard against a complex matrix of threats and exposures. In any exposure, whether it be fire, flood, earthquake or cyberthreats, FM Global supports organisations with a data-driven approach to risk management.
FM Global’s Cyber Risk Assessment is an overarching tool that allows their clients to dig deep into what their cyber-exposures are and provides practical solutions and advice around their key vulnerabilities in the digital age. FM Global also has a Business Risk Consulting function, which works with organisations to identify business-critical processes and ensure what they are doing is well managed and doesn’t expose them to too much risk.
“The more connectivity you have, the more complex your environments become, the harder it is to manage them efficiently and the greater your threat landscape,” says Dias. “Through the Cyber Risk Assessment, we know exactly what needs to be protected and the dependencies that exist across the different critical processes of an organisation, and then leverage this information by applying procedures and governance around cyber to the areas which need to be more resilient.”
Property-related risks have evolved significantly in recent years, but FM Global believes that what has stayed the same is that much of all loss is preventable. Companies therefore work with FM Global to understand better both traditional and more modern and complex hazards that can impact their business continuity. By combining property loss prevention with insurance protection, the company helps organisations make cost-effective risk management decisions and build resilience in every part of their business.
Assess every risk
In the sophisticated age of IoT, companies mustn’t view cyberthreats and physical damage as entirely separate risks. A large multi-tenanted office block, for example, is likely to have a complex, cloud-based building management system that can be remotely accessed by people for the purposes of their jobs. If this system has temperature control, a hacker could exploit a gateway into it and then switch off the heating.
“If they did that, say, during the Christmas holidays when the building is uninhabited and temperatures are below zero, the management team could find themselves in a big freeze loss situation where that large building is subject to significant water damage, making the building uninhabitable for an extended period,” says Bryson. “This is a clear example of where a cyber-threat can cross over and cause physical damage to property. It’s very easy to envisage.
“Supported by the Cyber Risk Assessment, our engineers will understand how resilient those nodes are where a hacker could get in and help the client put barriers in place to stop it happening. We’ve been in business for 185 years, but the nature of threats has evolved significantly this century with technologies like Industry 4.0 and digitalisation. Our products and services have evolved with these threats to ensure the exposures our clients face today are equally as well managed and informed by us as when we first started.”
Excerpt from Raconteur Business Growth & Recovery special report published in The TIMES.