“Cybersecurity touches everything, it is like breathing”
Mining plays an interesting role in the global economy; it is central to the development of all advanced economies but relatively few people have actually visited a mine site. Most governments consider mining assets to be critical infrastructure, yet over half of the industry believes its approach to cybersecurity is immature or non-existent. In an environment of rapidly increasing digitisation, global interconnectivity and heightened cybersecurity risk and awareness, this perceived immaturity is likely to be short-lived.
State of Play will be releasing our State of Play: Cybersecurity report in a serialised format over the coming months, of which this is the first instalment. The full report is also available for download from stateofplay.org
Globally, industries are rapidly adopting new digital technologies in the pursuit of transformational productivity and competitive advantage. In itself, this transformation is a large undertaking requiring new investment, new styles of leadership and new skills. Digital architectures are moving from legacy, layered internal designs to flatter, integrated cloud systems – the implications of which are a host of new value opportunities for both businesses and their adversaries. Crucially, as digital systems become more powerful and integrated so does the potential value loss from successful cyber-attacks.
Key research statistics:
- Executive interviews: 11;
- Continents: 6;
- Responses: 100+, including 5 Board members, 11 CEOs, 1 CSO, 3 COOs, 14 CTOs, 8 CISOs and 12 Business unit heads
- Resources companies: ~50%
- Service companies: ~40%
- Government and academia: ~10%
Mining adds the complexities of remoteness, potentially hazardous sites, global supply chains and increasing physical automation. So, while other industries and governments focus on the privacy and direct financial risks of cybersecurity, mining and natural resource industries must also focus on the immediate health, safety and environmental risks of cybersecurity. First and foremost, building cyber resilience is an added cost for miners. With this cost, however, comes a significant opportunity to use cybersecurity resilience to drive digital transformation and productivity in much the same way that the industry has benefited from automation and productivity in its quest to improve safety outcomes.
The overriding theme from our interviews with executives responsible for cybersecurity across the industry is that there is no silver bullet – managing cybersecurity can only be done at a strategic risk level. It is a multi-faceted challenge across people, process and technology. Across the following chapters, we will outline the major considerations and drivers for cybersecurity in mining and discuss emerging pathways forward.
Enjoy,
The State of Play team
Note: State of Play: Cybersecurity represents a specific drill-down report independent from the major strategy and innovation research. In this it continues the path set by the State of Play: India and State of Play: South Africa reports and the upcoming State of Play: Electrification and State of Play: Venture capital reports.