Unplanned downtime costs businesses between $926/minute (low-end estimate) to $17,244/minute (high-end estimate) according to a study by PhoenixNAP. If you’re tempted to dismiss this statistic as one that only big companies need to worry about, consider that between 2014 and 2019 more than 50% of businesses experienced a downtime event that lasted longer than a full workday. That doesn’t include unplanned downtime during 2020, when COVID-19 shuttered non-essential businesses.
What’s the leading cause of unplanned downtime aside from the pandemic? According to PhoenixNAP, 45% of the time it’s hardware failure. Power outages (35%), software failure (34%), data corruption (24%), external security breaches (23%), and accidental user error (20%) are also to blame. Barring a cyberattack on the power grid, the connection between power outages and cybersecurity is tenuous. However, let’s consider all of the other causes of unplanned downtime and their relationship to cybersecurity.
Hardware like industrial machinery can fail for a variety of reasons, but factory equipment stops if programmable logic controllers (PLCs) and programmable automation controllers (PAC) are hacked. As Control Engineering warns, a cyberattacker can exploit remote network access to “gain deeper access to an organization from outside of it,” with consequences that include “unplanned shutdowns”. Not convinced? A recent cyberattack at America’s second-largest brewer, Molson-Coors, halted production.
Phishing and malware can also result in unplanned downtime that’s caused by software failures and data corruption. External security breaches that result in the theft of payment information or part schematics may also halt a company’s normal operations so that cyber forensics teams can investigate. Phishing, the fraudulent attempt to obtain sensitive information through impersonation, can trick even experienced employees into making costly but accidental errors, as Cincinnati Crane & Hoist can attest.
Cybersecurity failures happen for a host of reasons, but unplanned downtime carries costs whether hardware, software, system failure or human error are to blame. For manufacturers that are more like Cincinnati Crane & Hoist than Molson-Coors, the stakes are high. In fact, 60% of small companies go out of business within six months of falling victim to a data breach or cyberattack. For those businesses that survive, the costs are higher and timeframes are longer if recovery plans aren’t already in place.
The New York Manufacturing Extension Partnership (NYMEP) wants to help NYS manufacturers avoid unplanned downtime from a cyberattack. FuzeHub encourages you to learn about New York State Cybersecurity Assessment Program and the steps your business can take with help from NYMEP. If your business is at any level of the supply chain for the U.S. Department of Defense, you can get started right away. The first step is to join the cybersecurity cohort so that you can get the training that you need.