It will take a catastrophic event for cybersecurity to be taken seriously in the mining and resources industry according to Australian researchers at State of Play.
A report has revealed that 98 per cent of top-level executives expect a catastrophic event is required to drive an industry response to cybersecurity in mining, following deep analysis of Australia's largest mining and service companies including: BHP, Rio Tinto, South32 and Anglo American.
State of Play Chairman and Co-founder, Graeme Stanway, said the risk of cybersecurity failures in mining could be severe.
“In an increasingly automated and interconnected world, the risk of rogue systems and equipment is growing rapidly,” said Stanway. “If someone hacks into a mining system, they can potentially take remote control of operational equipment. That’s the level of risk that we are facing.”
Global Head of Cybersecurity at BHP, Thomas Leen, said the mining industry is up against archaic processes when it comes to evolving on the cybersecurity front.
“Mining as an industry has a low level of cybersecurity maturity, mainly due to legacy environments that lack basic capabilities,” he said.
State of Play said the the second most likely driver to instigate change, after a catastrophic event, according to report findings, will be government-led initiatives and responses.
AustCyber CEO, Michelle Price, said public-private partnership is the key to driving change in the way the mining industry approaches cybersecurity.
“AustCyber has collaborated with METS Ignited and State of Play to conduct this survey as we see the potential to improve cybersecurity across the mining environment,” said Price.
“There are several challenges specific to the mining sector as documented in the Australian Cyber Security Industry Roadmap developed in conjunction with CSIRO – such as operational technology, connected equipment and sensors, availability of data, anomaly detection and the volatility of markets.
“There are plenty of growth opportunities – especially when the sector collaborates with organisations like AustCyber to have a coordinated voice on the kind of support it needs to push forward cyber resilience,” she said.
South32 head of cybersecurity, Clayton Brazil, sees this collaboration as a strength of cybersecurity in the mining industry.
“Cybersecurity is incredibly collaborative in mining, we know it’s a critical industry for our nation and we all want to be safer,” he said.
Brazil sees a strong cybersecurity capability as a strategic opportunity for South32.
“Done properly, cybersecurity can be a competitive advantage for us,” he said.
METS Ignited CEO, Adrian Beer, said industry growth and sustainability will come from collaboration and the implementation of standards.
“Mining operations are still made up of legacy closed systems that have customised integrations between them,” he said. “However, the modern technology vendor community is trying to overcome these systems with new models, building collaboration and trust between mining and the technology sector will create a secure sustainable future.”
Beer added that standards have a two-prong role to play.
“There is clearly a need for both a strong set of standards to define what good looks like in terms of cybersecurity more broadly,” he said. “And a set of industry standards to ensure that the specific needs are met to deliver those secure outcomes.”
Last month, a roadmap developed for the Australian Government in consultation with industry, government and academia outlined the importance of action for Australia to capture the benefits of Artificial Intelligence (AI), estimated to be worth $22.17 trillion to the global economy by 2030.
(Image: Linfox's Lin-double tri-axle tipper coupled with a six-axle dog trailer for a coal run in Illawarra.)