Technology advances in digital, mobile, analytics and other technologies has transformed the global mining industry. Heavy dependence on technology makes mining companies vulnerable to cyber-security breaches that can cause significant financial, operational and reputational damage. Cyber breach in mining is no longer just an information technology issue and possesses serious business risk. Mining companies are struggling to prevent breaches from happening and they should reconsider their approach on cyber-security.
In today’s world, cyber breach can not only access the company’s data and employees’ personal information but also access the various mining systems. In today’s world, many complex mine systems are managed through computers and all this information is often transmitted or even controlled over internet. In this way, some of the mine’s systems that can be affected due to breaches are are: water and power management, autonomous vehicles, milling process, ventilation systems etc. Security breach in any one of the mine’s system could be potentially prove catastrophic and can quickly bring an operation to halt.
Companies should prepare in advance by employing robust monitoring and breach response plans to quickly enable and detect breaches to mitigate their impact. In the breach response plan, the companies need to clearly define roles and responsibilities and develop an internal and external communication plan to quickly mitigate the effects. These breach response plans should be practiced on a regular basis and updated as the technology evolves. Lastly, companies could employ external breach specialist that can immediately provide assistance.
The biggest challenge in developing a cyber-security strategy is deciding what to protect. It is very difficult to secure every part of the business from an attack. It is advised to safeguard the key and most important parts of the business and rely on a response plan to mitigate effects of the breach on rest of the business unit. Companies need to identify what is the most important matter to the company and use this to allocate their resources accordingly in order to minimize the impact of breaches and keep their cyber-security spending under control.