By Iain Davidson, head of product marketing, Wireless Logic
It seems not a day goes by without news of an outage, cyber incident or infrastructure disruption. The prevalence of cyberattacks, network issues and even extreme weather is forcing businesses to shift their mindsets away from ‘if’ disruption will happen to ‘when’ it will. This matters, because it broadens the sphere of interest in resilience beyond IT. Resilience isn’t just about IT performance, it affects regulatory exposure, operational continuity and accountability.
The assumption that availability is constant no longer holds. Last year, a fire at a National Grid substation triggered a power outage that shutdown Heathrow Airport. It caused widespread disruption, amounting to “tens of millions“ of pounds in losses.
Only a month later, Spain and Portugal experienced a widespread blackout attributed to insufficient voltage capacity. It had the knock-on impact of surging electricity prices in Portugal.
Neither incident related to the IoT, but both illustrate how disruptive, and costly, power outages are. As the IoT becomes ever more integral to infrastructure and supply chains, it must be resilient and designed to react swiftly and recover rapidly during unforeseen events.
Low tolerance of downtime
In this digital age we expect things to just work, to be efficient and dependable. We have a low tolerance of power cuts, water shortages, offline digital services and the like. We are used to instant access, 24/7 availability and consistent experiences. We notice when that’s not the case.
Digitalisation enables access to services 24/7, but it also makes us more dependent on connectivity. And as industries, such as the energy and healthcare sectors, further digitalise, critical services become at risk of going offline.
Regulation steps in to protect our access to power and healthcare. Connected monitoring systems are expected to operate through grid disruption and severe weather—failure quickly attracts regulatory attention. Downtime that impacts health providers raises immediate patient safety, and therefore compliance, concerns.
All of which means resilience decisions and responsibility should not be the sole purview of technical teams. IoT outages are a shared risk, that must command the attention of senior leadership and involve risk and compliance, as well as engineering.
Threats to IoT uptime
The IoT is under threat, and not just from cyberattacks. A range of things can cause outages including electro/mechanical failure or damage, inadequate maintenance, the inevitable cybercrime and network or power failures.
We’ve seen the impact that physical damage to infrastructure and power failures can have on consumers and businesses with the Heathrow and Spain/Portugal examples. Unfortunately, there is no shortage of incidents that illustrate the prevalence and impact of cyberattacks.
One analysis tells us there were 820,000 attacks per day on IoT devices 2024-25, while Forrester revealed in 2024 that 34% of enterprises that experienced a breach targeting IoT devices were more likely to report costs between $5-and-$10 million.
Inadequate maintenance can result in unplanned downtime and that comes at a significant cost to businesses. Siemens estimated the world’s 500 biggest companies lose almost $1.4 trillion annually through unplanned downtime. An hour’s downtime alone costs over $2 million an hour for a large automotive plant.
Reducing the threat and impact of downtime
Despite all the redundancy, resilience and failover measures that connectivity and Cloud providers have in place, a connected service can never fully guarantee 100% uptime. The IoT is at particular risk because solutions comprise many parts—a device, network, software, Cloud services and more. Risk occurs at every stage.
Having said that, there is a lot that can be done to reduce the risk of an outage and to minimise the downtime if, or when, it occurs.
Much of this comes down to planning and design. Cellular towers are equipped with backup systems to maintain connectivity during emergencies when other options may fail. If a catastrophic event takes out grid infrastructure, mains-connected IoT devices would be impacted so it’s worth considering backup battery power and maybe even satellite comms for critical applications.
Cybersecurity, meanwhile, goes to the very heart of risk mitigation. There are many measures to take to reduce the risk of breaches and to identify and recover from them.
These measures include technology, through tools such as multi-factor authentication, role-based access control and anomaly and threat detection, but extend beyond that to also encompass people and processes. A robust IoT Security Framework provides a guide to defending, detecting and reacting to cyberthreats.
Of course, all suppliers and partners involved in the design and operation of an IoT solution play a part in that solution’s resilience. Therefore, it is just as important to minimise the risk the supply chain represents—a point that demonstrates procurement and contracting’s stake in service continuity, alongside compliance, risk management, operations and, of course, IT.
Smart IoT design
IoT solutions should optimise resilience and fail safely and recover rapidly in the event of an incident. Enterprises and OEMs must design smarter and pick resilient partners to optimise IoT uptime. Resilience impacts regulatory exposure, operational continuity and accountability and that makes it a clear business risk decision. Companies cannot afford to ‘connect and forget’ their IoT, they must consider the full impact of failures across their organisations and engage the appropriate skills sets to adopt a resilient mindset and strategy.
Author Biography:
Iain Davidson has worked in a range of technology roles from design, system development. Sales to marketing. Currently he is Head of Product Marketing at Wireless Logic and working to help drive good technology choices for successful IoT projects and deployments.
