In the typical manufacturing plant, “maintenance” does not include attention to the electrical infrastructure. The focus of the typical maintenance department is on performing production equipment PMs and reacting to equipment failures. The assumption about the electrical infrastructure is once it works, it always works. The reality is different — and the consequences can be costly.

For example, a three-shift manufacturing plant in Alabama had an excellent equipment maintenance record. But this plant had a “time bomb” between one of its service entrances and the utility transformer. One of the cables had been spliced in a manner that wasn’t Code-compliant; the splice was improperly made and protected. The connection got hot, and the insulation around the spice melted, resulting in lots of acrid smoke. Despite heroic and costly efforts to repair the damage, this resulted in more than 24 hours of downtime for one-third of the plant.

Even correctly installed infrastructure will fail. Feeder cables subjected to repeated transient voltages, for example, begin to show evidence of insulation breakdown. That’s when they should be replaced, not when they fail unexpectedly. Their replacement should be planned and scheduled when this evidence of insulation breakdown is discovered; that’s how you keep costs down and uptime up. You discover this through one of many tests that should be performed regularly.

Among these are:

• Cable testing. This includes insulation resistance testing, low-resistance ohmmeter testing, and high-pot testing.
• Transformer testing. Oil-filled transformers allow for several tests to assess their condition. It’s a common misperception that you can’t run any tests on dry-type transformers, but a qualified thermographer will disagree.
• Bolted connection inspection and conductance testing. In a nod to infrastructure testing, some maintenance plans call for tightening bolted connections during a shutdown. This practice actually causes the connections to fail. Instead, you must assess the condition of the connection using a low-ohms meter. If it’s bad, disassemble it. Then clean the mating surfaces, replace the locking hardware, and torque to the recommended value. Retorquing does not work, because the initial torque is a measure of how much you permanently deform the connection hardware. You can torque a bolt only once; it’s a mechanical physics thing.
• Circuit breaker testing. The common misperception about breakers is if they are closed, they are fine. But the purpose of a breaker is to open the circuit when a certain current value is reached (and/or maintained for X time). A breaker that doesn’t open is merely a conductor. It’s no longer a circuit breaker and is no longer protecting the circuit or the premises.

Additional testing beyond the basics listed above may be indicated. But it takes expertise in infrastructure maintenance to identify what that testing would be.

The typical maintenance department is not set up for infrastructure maintenance. It lacks the qualified persons and the specific equipment. Odds are that a thorough search for the IEEE Red Book (the one that provides the standards for maintaining the power distribution system for an industrial plant) would turn up nothing. It is almost guaranteed that if you asked the plant electrical engineer what to do with insulation resistance test results, that person would not be able to deliver the correct answer (trend over time and look for the hockey stick). And that’s assuming there even is a plant electrical engineer.

A cost-effective solution that works for plants of all sizes is:

1. Obtain the IEEE Red Book.
2. Make a list of what tests should be run on what equipment and how often.
3. Contact a firm that specializes in electrical testing of infrastructure to go over your plan and provide a time and cost quote. Be sure at this stage to also ask about availability, because you will need to schedule this well in advance.
4.  Repeat the preceding step twice.
5. Compare the quotes. If one looks “too good to be true” compared to the other two, it probably is. Get a fourth quote.
6. Decide on a time for scheduling the shutdown, and get preliminary approval.
7. Decide on a firm. Agree on the shutdown time.
8. Schedule the shutdown.

That’s a simplification of the plan. You’ll also need to arrange for security, plant personnel to escort and assist the testing personnel, a staging area, a secure storage area, parking and access, lighting needs, temporary power needs, and a host of other things. An experienced testing firm already has a list of these needs. Take their list not as “nice to have” but as essential items to provide. Get this rolling well in advance.

Following the testing, there’s a findings review that must be conducted. Let the testing firm take the lead there, as well. Part of it will involve their recommendations for a follow-up testing session. Part of it will involve their identification of “fix this as soon as you can” recommendations. If this list is long or the needs are beyond in-house expertise, then you will need to contract with an electrical services firm to do that work. There may be long lead times involved, so begin the discussion right away. For example, if you have an oil-filled transformer going bad you will likely have to order one to be built for you and the building process can take months.

Pro tip: You can get a jump start on failure prevention by obtaining the lifespan numbers from the manufacturer. For example, if you have feeder breakers that are 30 years old, it is probably time to replace them. So, what you’d want to do is replace them during the testing shutdown and have the testing firm take baseline data. Doing this is expensive and a hard sell to management, which is why you need something from the manufacturer.

Another way you can get ahead of failure is with oil-filled transformers. You can use a combination of age and oil demo testing to assess whether a transformer is at risk for failure. Schedule the replacement such that baseline testing can be performed by a qualified firm.

There is no better time to test equipment than when it is new. A common misperception is that you should wait a year before testing. But if you do that, you have no way to establish what is normal for that equipment in new condition and thus you have no baseline from which to assess deterioration. You have to wait a full year just to get a pseudo baseline and a total of two years to assess deterioration from the time of installation. A lot can happen in two years.

Internet of Things (IoT) and operational technology (OT) devices represent a rapidly expanding, often unchecked, risk surface that is largely driven by the technology's pervasiveness, vulnerability, and cloud connectivity. This has left a wider array of industries and organizations vulnerable and opened the door for damaging infrastructure attacks. 

Microsoft recently identified unpatched, high-severity vulnerabilities in 75% of the most common industrial controllers in customer OT networks. Keep memorizing to learn more about these cyber-risks to critical infrastructure and what you can do to mitigate them.

IoT's Growth Has Outstripped Device Security

Over the past year, Microsoft has observed threats exploiting devices in almost every monitored and visible part of an organization. This includes traditional IT equipment, OT controllers, and IoT devices like sensors and cameras. Many organizations have adopted a converged, interconnected model of OT and IoT in latest years. This trend has caused attackers' presences in these environments and networks to grow exponentially.

IDC estimates there will be 41.6 billion connected IoT devices by 2025, a growth rate higher than traditional IT equipment. And although the security of IT equipment has strengthened in latest years, IoT and OT device security has not kept pace. Threat actors are exploiting these devices accordingly by compromising newly networked devices to gain access to sensitive critical infrastructure networks.

Take the latest Boa Web server vulnerabilities, for example. Microsoft discovered these vulnerabilities during an investigation of continued attacks on Indian power grid assets by Chinese state-sponsored groups. Despite being discontinued in 2005, the Boa Web server is still used by different vendors across a variety of IoT devices and popular software development kits. Data from the Microsoft Defender Threat Intelligence platform identified more than 1 million Internet-exposed Boa server components around the world over the span of a week. Without developers managing the Boa Web server, its known vulnerabilities create an opening for attackers to silently gain access to networks by collecting information from files.

Nation-States Targeting Critical Infrastructure

It is important to remember that attackers can have varied motives. Russia's cyberattacks against Ukraine, as well as other state-sponsored cybercriminal activity, demonstrate that some nation-states will target critical infrastructure in order to achieve military and economic objectives.

Threat actors have more varied ways of mounting large-scale attacks as the cybercriminal economy expands and malicious software targeting OT systems becomes more prevalent and easier to use. 

Ransomware attacks, previously perceived as an IT-focused attack vector, are today affecting OT environments. This can be seen in instances like the Colonial Pipeline attack, where OT systems and pipeline operations were temporarily shut down while incident responders worked to identify and contain the spread of ransomware on the company's IT network. Adversaries realize that the financial impact and extortion leverage of shutting down energy and other critical infrastructures is far greater than other industries.

Microsoft has observed Chinese-linked threat actors targeting vulnerable home and small-office routers in order to compromise these devices as footholds. This provides new address space that is less associated with their previous campaigns — giving them a new foothold from which to launch future attacks.

Secure Your OT and IoT

While the prevalence of IoT and OT vulnerabilities presents a challenge for all organizations, critical infrastructure is at increased risk. Disabling critical services, not even necessarily destroying them, is a powerful lever.

If organizations are to secure their IoT and OT systems, there are a number of recommendations that should be put in place.

• Identify your vulnerabilities: It's important to map out business-critical assets in IT and OT environments so you can fully understand your landscape and its innate weaknesses.
• Evaluate device visibility: Next, you should identify which IoT and OT devices are critical assets by themselves and which are associated with other critical assets.
• Perform a risk analysis on critical assets: Focus on the business impact of different attack scenarios as suggested by MITRE. This publicly available knowledge base outlines common tactics, techniques, and procedures deployed by cybercriminals, and offers specific guidance for a variety of control systems.
• Define a strategy: Finally, define your protection strategy by addressing the risks that you previously identified. Rank risk by business impact priority.

Looking for more tips on how to secure your IoT and OT systems? Explore the full breadth of our cybersecurity research and recommendations with Microsoft's Security Insider.

Read more Partner Perspectives from Microsoft.

Executive Mosaic has included Rick Wagner, president of Microsoft’s federal business, in its 2023 Wash100 Award list for helping lead company efforts focused on delivering cloud capabilities to the government in support of national security missions.

The recognition marks the sixth consecutive time that Wagner was presented with Executive Mosaic’s most prestigious award in all of government contracting industry. Visit Wash100.com to cast a vote for him as one of your favorite leaders of consequence in the GovCon sector.

“As technology increases parabolically, this is a good time to be Microsoft and an even better time to be Rick Wagner. Rick’s ability to infuse his knowledge of government contracting into one of the most essential platform providers in the world promises a prodigious capability for Microsoft-based solutions for the U.S. government. Rick’s preparation and Microsoft’s opportunity mean we all win,” said Jim Garrettson, CEO of Executive Mosaic and founder of the esteemed Wash100 Award.

Wagner’s induction into the 2023 class further reflects his commitment to ensuring continued delivery of latest technology innovations meant to fit specific customer needs. In the previous award year, Executive Mosaic highlighted his mission cloud and security leadership as evidenced in his efforts to drive speedy integration of cloud platforms for public sector clients.

2022 saw Microsoft being named as one of the awardees of the Joint Warfighting Cloud Capability contract. The potential $9 billion program of the Department of Defense is aimed at delivering secure cloud services to mission owners. The company, along with three other contractors, will provide advanced data analytics, centralized management and distributed control, computing, storage and network infrastructure, tactical edge devices and other capabilities over a period of five and a half years.

Commenting on Microsoft’s selection to be among DOD’s cloud service providers, Wagner said, “Our work on JWCC will build on the success of our industry-leading cloud capabilities to support national security missions that we have developed and deployed across the department and service branches.”

He also sees the department’s multi-cloud approach for JWCC as “the right one” considering the defense enterprise infrastructure. “Multi-cloud is already an established best practice in the commercial industry because it enables organizations to maximize flexibility, enhance resiliency and access the best technologies across providers,” he added.

Aside from DOD, the National Oceanic and Atmospheric Administration also tapped Microsoft to provide the agency with cloud computing capabilities under a cooperative research and development agreement.

The company will support NOAA in advancing climate, weather and ocean prediction initiatives through cloud applications.

“Microsoft Azure Artificial Intelligence and high performance computing capabilities can help NOAA accelerate critical research and foster innovative approaches to mitigate the risk of climate change,” noted Wagner.

Microsoft is also in partnership with industry players working on cloud projects. In December 2022, it collaborated with Leidos to demonstrate the pairing of the latter’s Edge to Cloud platform with the Azure Cloud Infrastructure.

“By partnering with Leidos, we are demonstrating how commercial capabilities in a classified cloud can enable improved situational awareness and decision dominance for the DOD through global connectivity, data aggregation and advanced analytics that support decision making,” said Wagner.

The technological collaboration was during the U.S. Army’s Project Convergence 22 experimentation exercises and marked a milestone in the Joint All-Domain Command and Control program of the DOD.

As cloud continues to become relevant in advancing DOD’s missions, Wagner underscores Microsoft’s commitment as a key partner helping the department navigate the multi-cloud environment and ensuring seamless interoperability of systems and services.

Executive Mosaic congratulates Rick Wagner and Microsoft Federal for their selection to receive the 2023 Wash100 Award. Visit Wash100.com to cast a vote for him as one of your favorite leaders of consequence in the GovCon sector.

© 2023 CNBC LLC. All Rights Reserved. A Division of NBCUniversal

Data is a real-time snapshot *Data is delayed at least 15 minutes. Global Business and Financial News, Stock Quotes, and Market Data and Analysis.

Data also provided by

It was a rough quarter for the cloud infrastructure market as companies looked for ways to cut back on spending in an uncertain economy. When you combine that with the strong dollar and a weak Chinese market, the market slowed to 21% growth, a precipitous drop from the 36% growth we had seen the year prior.

While we aren’t seeing the gaudy growth of years past, Synergy Research still found the market exceeded $61 billion for the quarter with the 12 month trailing revenues of over $212 billion, a hefty sum by any measure, even with the slowdown.

Also of note was that while each of The Big Three saw growth slow in Q4 2022 from the previous quarter, Microsoft still managed to gain market share ground on Amazon. Microsoft increased its share from 23%, up from 21% the prior quarter, while Amazon fell from 34% to 33% and Google remained steady at 11%. The Big Three cloud providers accounted for 66% of worldwide cloud revenue.

That comes out to approximately $20 billion for Amazon, $14 billion for Microsoft and $7 billion for Google. Per usual, this is looking at IaaS, PaaS and hosted private cloud services. It doesn’t include SaaS, which is measured separately.

Image Credits: Synergy Research

Amazon cloud revenue grew a modest 20% over the prior year, and the company acknowledged in the earnings call that growth dropped even further to the mid-teens in the first month of the year. Meanwhile Microsoft reported cloud growth of 22%, down from 24% the prior quarter and Google Cloud revenue grew 32%, down from the 38% growth the previous quarter.

Amazon was first to market and has had a long head start, but it seems as the market slows after years of steady growth, it’s giving its chief competitor, Microsoft, a bit of an opening to gain on them. It could be partly due at least to the fact that Amazon’s market maturity is finally catching up to it, and Microsoft is able to gain some advantage in spite of spending slowing overall.

John Dinsdale, chief analyst at Synergy says there were three key reasons for this quarter’s drop-off, which he believes are short-term issues, and he remains optimistic for the future. “There are three main factors. The strengthened US dollar diminishes the apparent growth rate of many non-US markets; the large Chinese market remains constrained by pandemic issues and local policies; and the worsened economy has caused some enterprises to more closely review spending on cloud services. These factors should be primarily short term in nature and Synergy forecasts that growth rates will remain strong over the next few years,” he said in a statement.

It will be interesting to watch the market in 2023 and see how the macro economic environment affects revenue, and if the slower growth we’ve been seeing continues to work in favor of Amazon’s competitors by enabling them to gain more ground.

Microsoft has increased its global market share in global cloud infrastructure services for the fourth quarter of 2022. 

According to analyst firm Synergy, the worldwide cloud infrastructure services exceeded US$61 billion worldwide in Q4, with Microsoft Azure claiming 23 per cent of the pie.  

Although Synergy noted that the global rise was US$10 billion from the fourth quarter of last year, it reflected a reduction in the market growth rate.  

In its report, Synergy stated that cloud infrastructure services grew by 21 per cent compared to Q4 of 2021. 

This, however, was “substantially hampered” by the historically strong US dollar and a severely restricted Chinese market, the analyst firm said.