Skip to main content
Article

Lockdown in Industry 4.0 – Technological isolation

Risk & Analytics|Corporate Risk Tools and Technology|Reinsurance|Future of Work
COVID 19 Coronavirus

By Stuart Calam | June 3, 2020

As countries around the world deal with the impacts of a physical lockdown, it is important to think about how the world could react to technological isolation.

At a time when technology is being seen as a key component to mitigate the impact of COVID-19, and indeed companies with a strategic approach to technology investment should be better positioned to survive / thrive post pandemic, it is increasingly easy to imagine a scenario where a virus rips through our digital landscape, forcing an environment of self-isolated networks and broken connectivity.

How would your company react to a scenario of being technologically isolated for an extended period of time?

Heads or tails

Technology has been heralded as a key mitigation to the disruption and challenges we’re currently facing. Trends that we have already seen feel like they have been rapidly accelerated, with years’ worth of working practice changes compressed in to the past couple of months.

Heads

Talk of a new normal is now commonplace and questions are not just about how we return to work, but how we leverage the resilience and innovation shown during this extraordinarily testing time to make changes that support balanced growth and improved practices.

Whilst long term behavioural shifts are still difficult to know (and it’s easy to overlook that even in the current situation millions of jobs cannot be done remotely), on the whole the advantages to employers and employees alike of a new normal working regime, such as better individual well-being, increased productivity and reduced costs, are increasingly evident.

Tails

But with that comes potential shifts in exposure. A heavier use of technology places an increased reliance on areas where understanding, measuring and quantifying the risks is still relatively emergent.

By taking the corporate IT environment into people’s homes, business is being done over home internet service providers, with unmanaged routers and printers and a plethora of different device systems that are often shared between house members working for different organizations. Traditional forms of defence that underpin current thoughts on risk modelling can’t protect fully remote staff without adaptation, and highlight the importance of including cyber considerations into strategic decision making.

The cost of (dis)connectivity

Network lockdowns are bad even when there isn’t an ongoing global crisis. They are a massive impediment to communications within a region, with contact details often linked to network access that might make business continuity plans inaccessible if staff can only access them online.

For individuals, findings from a recent Pew Research Center survey in the US showed about nine-in-ten adults (93%) say that a major interruption to their internet or cell phone service during the current outbreak would be a problem in their daily life, including 77% who foresee an outage being a moderately big problem or very big problem.

For companies, the reliance on technology can be more acute, and more costly. When IT stops, business stops, and we’re still understanding how this might happen and the impacts to different sectors.

In June 2017, Maersk - one of the world’s leading transport and logistics company’s – faced NotPetya, a malware attack of such invasiveness and potency that it forced the company to shut down most its systems and applications . As well as preventing access to its systems, almost all of its data was lost, and the company had to adapt rapidly. The costs to Maersk were massive, yet business didn’t stop and Maersk managed to keep going with pen and paper.

While that was an extreme event, it is also important to consider the small aggregations of operational issues and how these can add up. In 2016 almost 149 million working hours were lost in the UK through simple internet downtime, costing over £12 billion in lost productivity, and with one in ten companies experiencing loss immediately. Lost revenue, lost productivity and recovery costs are all drivers of losses, but intangible costs like culture and confidence in your company can hurt just as much as a targeted attack.

And that is for isolated incidents that are relatively short-term and impact individual organisations. The effects of a longer-term lockdown across a wider network are not yet being widely discussed but costs could extend exponentially.

Not that this is limited to malign or hacking acts. Deliberate interruptions of internet access are increasing across nation states. A KeepItOn report on internet shutdowns showed that in 2019, 33 countries recorded a combined 213 national or regional internet shutdowns. The length of shutdowns also increased, from 11 shutdowns lasting longer than seven days in 2018 to 35 in 2019. Whilst the objectives are often political, with governments citing the control of hate speech and promoting public safety, the economic impact is substantial with direct estimated costs of over $8billion. Notably, Russia recently announced successful tests to create a country-wide alternative to the internet provides both resilience to wider global network issues and greater autonomy in controlling what access is available to Russian companies.

Beating the blackout

Maersk was not the only company to suffer at the hands of NotPetya: thousands of multinational companies faced varying degrees of damage and disruption. That Maersk was able to repel and recover from the virus is testament to a company elevating the issue from a technology risk to one of business risks that can go to the heart of its corporate function.

To help beat the blackout, there are several areas companies can look at to support resilience and lessen impact.

  • It’s important to expect downtime and work on resilience, both in responding to the issue and mitigating the impact. Studies show that over half of companies said improving network resilience was the top priority of their IT department, and that more than three quarters of organisations globally have set aside a specific budget to ensure its network resilience. However, sometimes your risk is people driven, and 23% of network downtime across manufacturing is thought to be accountable to human error. Ensuring your workforce is continually trained and there are well considered IT policies is key.
  • Positioning technology at the right level in your organisation is critical to having a strategic approach to these scenarios, and ensuring that they contribute to systems resilience rather than solving discrete problems or creating new ones. Investing in the right areas of technology enhancement and cyber security can define the success of a company, not only when systems are running but also when disruption occurs.
  • The ability to balance long-term thinking with tactical realisation of value can be vital for successful technology strategy. Too many projects in the IT world sit on the development shelf for far too long and miss the opportunity that conceived them. Conversely, new vulnerability and poor practice are far too easily introduced by rushed, ill-thought out systems that are badly built in trying to seize a quick advantage.

I recall a quote believed to be from Stewart Brand, an American author -“fast learns, slow remembers; fast gets all our attention, slow has all the power”. Predicting the future is easier than people think: there are only really three things we need to concern ourselves with:

  • Present trends that extend in to the future
  • Past trends that reappear; and
  • Novelties that appear rapidly and almost unannounced.

Most people always try and come up with the novelties when predicting future states; it’s a naturally more interesting area to look at, but the first two are much more common and we already know a lot about them.

For technological isolation, past and present trends suggest that best practice is something that many organizations can look at to help build strategic resilience in to their ways of working.

Author

Programme Director of the WRN

Contact Us

Related Content