I wouldn't want to be among the people who now need to explain why there is a single-point-of-failure for critical infrastructure. It might have looked like an acceptable risk at the time. After the fact it looks like a foolish decision.
I'd expect that other subsystems will be scrutinized as well. This looks like a higher level problem.