The digitisation of systems has brought huge innovation over the years, with benefits including increased efficiency, better data management, and improved communication. However, alongside these innovations, new risks have developed – digital systems are vulnerable to cyberattacks, outages, and system failures. With the potential for significant business disruption, mitigating the risks of reliance on digital systems, while still benefiting from the innovation they bring, is vital.
In many industries, digital transformation is relatively recent, leading to a lack of IT investment and industry IT expertise. When infrastructure is not fully supported, this increases the risk of an incident causing disastrous business disruption. Luckily, there are measures you can take with the support of a managed service provider (MSP) to mitigate these risks. In this insight, we will examine examples of industries which are particularly at risk when relying on digital systems, and explore the solutions which can be applied across sectors.
The shipping industry
Global shipping is a prime example of an industry which has undergone significant digital transformation within a relatively short time period, and is currently heavily reliant on digital infrastructure. Ships themselves have become increasingly digital, and the use of internet of things (IOT) devices has increased, with use cases including navigation, monitoring of conditions at sea, and tracing of shipments. The industry is integral to our global ecosystem, and any disruption can have wide-reaching consequences on essential supply chains.
In line with this digitisation, cyber attacks on the maritime industry have been increasing. A database recording maritime cyber attacks, built as part of a research project by the Netherlands’ NHL Stenden University of Applied Sciences, traced 64 cyber incidents in the industry in 2023 alone, up from only 3 incidents in 2013, and 0 two decades earlier in 2003.
An example of the potential costs of a cyberattack was the 2017 attack on Maersk, a shipping and logistics company. The company was compromised by the malware NotPetya, described as a ‘cyberweapon’ due to the widespread destruction it was responsible for, shutting down its global port facilities, booking system, and container loading systems. Hundreds of Maersk employees had to work round the clock to restore systems, and the estimated cost of the attack was between USD 250-300 million.
What lessons can be learned?
Two contributing factors in this increase in attacks are a lack of IT and cybersecurity investment, and a cybersecurity skills gap in organisations. Speaking to the Financial Times, Stephen McCombie, a maritime IT security professor at NHL Stenden, said “IT spend in the maritime sector is pretty low. [Shipowners] are looking for people with maritime knowledge and cyber security knowledge [but] that is a very small group.”
While organisations may be hesitant to increase IT spending, they should consider the potential loss of income any supply chain disruption may have. As shown by the Maersk attack, recovery and lost income can lead to costs to the company in the millions, with potentially billions of dollars of costs further down the supply chain. Increasing spending on security helps protect organisations against these spiralling costs.
An effective method of combating the cybersecurity skills gap is working with an expert managed service provider (MSP). When working with an MSP, every element of your IT infrastructure is managed by their skilled employees, and much of the responsibility for security lies with the provider, rather than the in-house IT team. For companies in the shipping industry, an experienced provider can guide you on the optimum methods to deploy, manage, and secure your infrastructure, providing the best protection against cyber attacks.
A comprehensive disaster recovery plan is also essential for all businesses in the shipping industry. While increasing cybersecurity spending and working with an MSP builds your resilience to cyberattacks, no amount of protection can block 100% of incidents. To minimise the impact of any attack, a disaster recovery solution combined with regular back-ups means you can resume business operations as quickly as possible, with minimal data loss.
The manufacturing industry
Advances in technologies such as Artificial Intelligence (AI), Internet of Things (IoT), robotics and automation have led to what is known as the fourth industrial revolution (4IR) in manufacturing. 4IR transformation builds on the systems formed during previous industrial revolutions, incorporating modern developing technologies.
Ongoing digital transformation provides organisations with enhanced visibility over their supply chain through real-time tracking of materials and products, greater traceability through technologies such as blockchain, and faster assembly line processes through automation. Systems are increasingly interconnected, allowing for data to be exchanged and analysed across the whole organisation, leading to improved insights and optimisations.
Similarly to the shipping industry, with increasing reliance on digital systems and interconnectivity comes an increasing risk of disruption if the organisation is not sufficiently protected.
The manufacturing industry is heavily targeted by malicious actors, accounting for 25.7% of all cyberattacks in 2023 (IBM). One cause is the cost and business impact of pausing operations for system and security upgrades, leading to cybersecurity not being prioritised. This lack of up-to-date measures leads to vulnerabilities which can be exploited. Many manufacturing organisations additionally still use unsupported legacy IT systems alongside newer technologies, causing further vulnerabilities.
Another potential risk is new technologies not bringing the desired benefits, or ending up costing the organisation money. Research from Gartner in December 2023 showed that, while 54% of manufacturers planned to increase their tech spend in 2024, demonstrating the appetite for digital transformation, 48% had buyers’ regret from a recent tech purchase. These regrets included unexpectedly high costs, poor functionality, or issues implementing the new technology. With spending on IT increasing, ineffective and expensive infrastructure can have a significant impact on an organisation’s bottom line.
What lessons can be learned?
Cyberattacks are the primary risk of overreliance on digital infrastructure within manufacturing organisations. An MSP can continuously monitor your systems for vulnerabilities and block attacks (for example through implementing IDS and/or IPS systems), taking this responsibility off your hands. They will also implement a patch management process and ensure all software has the latest security updates. For businesses who are worried about pausing operations while updates are made, technologies can be implemented to ensure business continuity. One example is clustering, where multiple server instances are connected with shared memory, meaning workloads can be directed to one instance while another is updated, without interruption.
While manufacturing businesses are understandably keen to implement new technologies as quickly as possible, it is important to be strategic. A comprehensive assessment of all IT infrastructure across the organisation can highlight any legacy systems that need upgrading, as well as any incorrectly configured or poorly functioning elements. Focusing on these weak areas can bring the benefits of new technology to the areas where it is most needed, and ensure no elements are left behind and unprotected, reducing risks to your business.
The statistics on buyers’ regret highlight the need for informed planning, decision making and implementation strategies when undertaking a digital transformation. Off-the-shelf infrastructure may not fit your specific needs, having a higher likelihood of poor functionality and implementation issues. Working with a provider specialising in bespoke infrastructure, who will consult with you on your exact needs, means that the technology can be seamlessly deployed.
Similarly to shipping businesses, manufacturing businesses should also implement a disaster recovery and backup strategy to minimise any data loss or business disruption in the case of a cyberattack or other disruptive incident.
What next?
While this insight has focused on two specific industries, the lessons learned can be applied to any organisation undertaking a digital transformation.
While innovations in digital systems bring significant benefits, saving costs and time, and improving visibility and data analysis, dependence on these systems can also bring about increased risks, unless you take protective measures. These risks include a greater chance of cyberattacks, further reaching consequences of disruption in an interconnected system, and buyers’ regret if new technology does not bring the desired improvements.
These risks, however, should not discourage businesses from utilising digital systems. Instead, a strategic digital transformation approach with the support of a managed service provider allows you to optimise the benefits of new technology, while ensuring your systems are protected and working efficiently. Security measures including monitoring, patching and regular software updates will reduce and detect any vulnerabilities, while disaster recovery and backups will minimise data loss and downtime in the event of an incident.
If you are concerned about any of these risks with your current digital systems, or are looking to undertake a digital transformation to incorporate new technologies, our experts can consult with you on how to best protect your business.
Speak to our cloud experts today – fill out our contact form and we will be in touch.