Understanding the impact of EM disruption

 

Electromagnetic (EM) disruption denies the availability or disrupts the functional performance of the complex digital infrastructures that organisations depend upon to function. Many of these needs are now highly time critical and the tolerance to disruption is small.

 

The impact of EM disruption should therefore be viewed as business critical and is amplified to those of a cyber or physical attack by the fact it cannot be detected by traditional security measures.

 

Business impact can be measured at a number of critical levels: 

 

Regulatory: Inability to detect, identify and report on EM disruption carries regulatory risk

EU Network Information Security Directive 2018
US Executive Order on Coordinating National Resilience to Electromagnetic Pulses

      

Operational: Loss of operational capability or inability restore operations effectively

Critical danger or life threatening bottlenecks
Breach of service contracts
 

Commercial: Significant impact to commercial performance and internal investment strategy

Negative impact on Inability to transact or fulfil orders
Poorly directed mitigation strategy and security investments
 

Reputational: Uncontrollable negative impact to brand reputation and consumer trust

Brand is a quantifiable business asset  - huge financial impact
Loss of trust and impact to market share – costly retention strategies

 

To mitigate impact, its critical that a business understands its resilience and recovery strategy and includes EM disruption within its overall cyber-physical resilience approach.

 

Doing so will ensure it is best placed  to proactively manage against threats rather than reactively manage crisis.