Op-Ed: Strengthening cyber defence – 5 measurable strategies for implementing advanced threat detection in mining organisations

As mining companies increasingly embrace technological advancements such as wide-scale automation and AI-driven processes to optimise their operations, they also become more vulnerable to sophisticated cyber attacks. Ernst & Young’s Global Information Security Survey revealed in 2022 that 71 per cent of companies experienced an increase in attacks in the previous year, leaving 55 per cent of mining executives concerned about their ability to effectively manage these cyber threats.

Cyber criminals have identified mining and metals companies as lucrative targets, leading to a surge in cyber incidents within the industry. Notable cases, like the attacks on Norsk Hydro and BlueScope Steel, have highlighted the urgent need for mining organisations to address common weaknesses in their network architecture, legacy industrial technologies, access controls, security configurations, maintenance processes, remote staff, and third-party access. Failing to close these gaps in cyber defences can have severe consequences, ranging from environmental harm and production loss to revenue decline, regulatory fines, reputation damage, and even operational shutdown.

To mitigate these risks and fortify their cyber security strategies, mining companies must adopt five measurable strategies:

Identify and patch vulnerabilities: Proactively identifying and addressing vulnerabilities within the IT and operational technology infrastructure is a crucial step in strengthening cyber defences. Regular vulnerability assessments and penetration testing can help identify weaknesses and potential entry points for cyber attacks. By conducting thorough audits of the network architecture, legacy systems, access controls, security configurations, and maintenance processes, mining companies can gain insights into the areas that require immediate attention.

Once vulnerabilities are identified, patches and updates can be implemented to address these weaknesses. Regular patch management is critical to ensure that systems and software are up to date with the latest security patches provided by vendors. This practice helps minimise the risk of exploitation by known vulnerabilities, which are often targeted by cyber criminals. Although implementing patches may require brief periods of system downtime and investment in resources, the cost is minimal compared to the potential damage inflicted by successful cyber attacks.

Control and manage system and network access: Controlling and managing system and network access is a fundamental practice in mitigating cyber threats. Mining organisations should adopt a selective access approach, granting privileged access only to individuals who genuinely require it to perform their roles effectively. This principle applies to both internal employees and third-party vendors or contractors who have access to critical systems and networks.

Implementing strong access controls involves employing robust authentication mechanisms, such as strong passwords, multifactor authentication (MFA), and user-access levels based on job responsibilities. By limiting the number of individuals with high-level privileges, mining companies can minimise the potential attack surface for cyber criminals. Additionally, implementing strict user access controls can help track and monitor user activity, enabling organisations to promptly identify any suspicious behaviour or unauthorised access attempts.

Undertake penetration testing: Engaging professionals to conduct penetration testing is an essential step in assessing vulnerabilities and evaluating an organisation’s readiness to respond to cyber threats. Penetration testing involves simulating realistic cyber attack scenarios to identify weaknesses in defences and determine the effectiveness of existing security measures.

VIEW ALL

Skilled ethical hackers attempt to exploit vulnerabilities, just as real attackers would, providing valuable insights into potential points of failure and areas that require improvement. Penetration testing helps mining organisations understand their cyber security posture and identify areas that need immediate attention. The results of these tests inform the development of effective countermeasures and assist in prioritising security investments based on risk exposure. Regularly scheduled penetration testing, complemented by continuous monitoring and threat intelligence, ensures that mining companies stay one step ahead of evolving cyber threats.

Enable multifactor authentication (MFA): As remote work becomes increasingly prevalent in the mining industry, implementing multifactor authentication (MFA) is crucial to enhancing security for remote workers accessing critical systems and networks. MFA adds an extra layer of protection by requiring users to provide multiple forms of authentication before gaining access. This typically includes a combination of something the user knows (such as a password), something the user possesses (such as a physical token or mobile device), or something the user is (such as biometric data).

Implementing MFA can significantly reduce the risk of unauthorised access, even if passwords are compromised. The additional layer of authentication acts as a strong deterrent against cyber criminals attempting to exploit remote access privileges. It is essential to educate employees on the importance of MFA and enforce its use across all remote access points to ensure consistent and effective security.

Use reputable, enterprise-grade cyber security solutions to uncover threats: These advanced solutions, such as extended detection and response (XDR), provide enhanced threat visibility and system monitoring capabilities. By implementing these robust cyber security tools, mining organisations can effectively detect and respond to incidents, conduct in-depth root cause analysis, and fortify their defences against evolving cyber threats.

In addition to these strategies, mining companies must recognise that cyber security is as much about behaviour as it is about technology. From upper executives to the workers on the ground, fostering a culture of cyber safety is paramount. This entails comprehensive training programs, the development of robust policies, and clear communication of guidelines throughout the organisation. Just as leaving the front door open negates the effectiveness of an alarm system, neglecting to cultivate a security-conscious culture can render even the most advanced cyber security measures ineffective.

By implementing these strategies and fostering a culture of cyber safety, mining organisations can enhance their cyber defences, mitigate the risks posed by the escalating cyber threat landscape, and maintain the trust of stakeholders in an increasingly interconnected world. Strengthening cyber security practices across the entire supply chain is also a critical step toward safeguarding sensitive data, protecting intellectual property, and ensuring the long-term success and sustainability of the mining industry in the face of evolving cyber threats. As the mining industry continues to evolve and embrace technological advancements, the time to act is now.

Parvinder Walia is APJ president at ESET.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.