Canadian Shipper

News

Cyber risks increase for utilities, networks and smart factories: Allianz Global Risk Dialogue


NEW YORK, N.Y.–As energy, transportation, telecommunication and manufacturing companies become more reliant on automation, robotics and connected networks, they are also increasingly vulnerable to cyberattacks. Rather than stealing data, cyberattacks on critical infrastructure and manufacturers are more likely to target industrial control systems (ICS) to manipulate or shut-down operations. The current issue of Global Risk Dialogue, the Allianz Global Corporate & Specialty (AGCS) magazine covering corporate risks and insurance, focuses on how the fast growing cyber threat to utilities, networks and smart factories can be mitigated.

Specifically, there is heightened concern pertaining to the vulnerability of ICS, which are used to monitor or control processes in industrial and manufacturing sectors. A cyberattack against an ICS could result in physical damage, such as a fire or explosion, as well as business interruption (BI), says Emy Donavan, regional head of cyber at AGCS.

“A number of ICS still used by manufacturing and utilities companies today were designed at a time before cyber security became a priority issue.”

Smart factory opportunities and risks

While ICS are a particular issue for the utilities sector, similar cyber-related physical damage and BI risks are also a key concern for manufacturers. So-called smart factories of the Industry 4.0 era heavily rely on automation, robots and connected supply chains. From an insurer’s perspective, this brings new risks as well as opportunities.

“Continuous monitoring and predictive maintenance of automated production lines will reduce small scale frequency losses and increase equipment lifetime,” explains Michael Bruch, head of emerging trends, AGCS.

“Supply chains will be better monitored, more predictable and visible with improved tracking options and losses reduced from spoilage or expiration.”

However, interconnectivity of supply chains and production processes will increase cyber vulnerability, especially as security flaws built into embedded software code are difficult to detect.

“Overall loss potential is rising significantly, creating high accumulation potential with larger and more complex claims,” Bruch explains. Should a robot be hacked or suffer a technical fault, a production line could be interrupted for hours or days, at a potential cost of tens of millions of dollars per day.

“While there is no such thing as 100 percent security, a comprehensive cyber and IT risk governance strategy involving various corporate functions is necessary to successfully combat cyber risks,” adds Donavan.

Refining existing risk services

In the future, digitalization will also shift the nature of corporate assets from mostly physical to increasingly intangible. Brand value and reputation, as well as intellectual property, technological know-how and supply chain networks, will become more important assets. Bruch adds: “Coverage for a company’s factory will increasingly demand cyber, reputational and specific non-physical damage BI covers to adequately protect intangible assets. Refining existing and developing new risk services beyond the traditional is key for both insurers and businesses to prepare jointly for the next industrial revolution.”