IT Security in the Mining Sector

IT Security in the Mining Sector

Cyber hacking and breach of information has become one of the biggest concerns to the mining and metals sector.

The last few years has seen an influx in technological advances for the industry, and increasing numbers of key companies are leveraging innovative equipment such as autonomous vehicles and simulation technology to their advantage. However, these advancements have played a role in a noticeable increase in security risks within the industry.

Ernst & Young Global Limited conducted a Global Information Security Survey in 2013 that reported 41% of the mining and metals respondents have experienced a significant increase in external IT threats. 28% of these respondents also experienced an increase in internal security breaches.

It is interesting to note that the mining and metals industry, which boasts one of the largest cash flows, actually has the least developed understandings of managing IT security risks.

The increasing dependence that mining companies have on technology to perform daily operations has made them far more susceptible to security breaches and loss of valuable information. Criminals understand, and are actively looking for ways to threaten the industry by denying access to data, processes and equipment.

Some of the largest IT hacks in history have reportedly accessed a staggering 40 million credit card numbers, 70 million addresses, phone numbers, and other pieces of personal information.

If there’s a message to be learned here it’s that mining companies need to start paying special attention to their data and how it’s protected. Companies need to build their IT systems with a similar attention to detail that they approach their mining operations and infrastructures.

Companies need to understand the value of data, and how the loss of that data would negatively impact their company. The mining industry is renowned for engaging in multi-million dollar tenders. This highly sensitive information is critical during the negotiation stage and a security breach could be severely detrimental to all companies involved. A lot of the contractual information is extremely confidential, so it is imperative that companies heed caution and implement stringent security measures.

So what is cyber security and how do we implement it? The term cyber security refers to technologies, processes and practices designed to achieve regulatory compliance and protect networks, computers, programs, assets and data from unauthorised access, damage or theft.

For more information, we recommend reading Deloitte’s Cyber Security and Mining article. It provides a comprehensive overview of the problem and how to address the main areas of concern.