As the mining industry increasingly adjusts to a technology-driven future, the introduction of every new technology is triggering new vulnerabilities that it has previously not had to worry about.
The mining sector, which cannot allow itself to be technologically disconnected, needs to ensure that cybersecurity is ‘baked into’ any new solution brought into its operations.
“Organisations can choose between bad and worse: either stay unconnected and not participate in the Fourth Industrial Revolution or increase connectivity, which will dramatically increase security exposure and attack surface,” explains Claroty global sales VP Colin Blou.
Speaking at a Dimension Data-hosted mining roundtable, he reiterated the changing dynamics of the mining sector as it absorbed technologies such as the Internet of Things, artificial intelligence, cloud technology, Big Data and robotic process automations.
“[These] have the power to fundamentally change how business is done and introduce efficiencies that will only get better the more they are used, [owing] to machine learning,” he says, adding, however, that businesses in all sectors need to be adaptable and implement strategies to adopt the latest emerging technologies that will help them meet their business objectives.
“In an ideal world, there would be a complete segregation between information technology (IT) networks and operational technology (OT) systems,” he continues.
Lack of SymmetryHowever, there remains a lack of symmetry between IT and OT systems that weakens security during integration efforts.
“For example, as seen with the NotPetya malware attacks last year, an IT-centric ransomware affected global companies that neglected to properly segment IT and OT networks. The result was accumulated losses of over $10-million for global companies such as Maersk and Mondelez.”
Security needs to stay ‘top-of-mind’ when creating cohesive systems, with companies needing to be aware of unpatched devices.
“Over the last 30 to 40 years, very minimal efforts have been put in place to protect and consequently minimise the exposure in those [OT] networks,” he says.
He notes that, often, security tools deliver alerts to the security operation centre without any context surrounding its origin.
“End-users need visibility into the chain of events leading up to every single alert. This is particularly important for OT security alerts consumed by IT security professionals with limited to no knowledge of OT operations,” Blou adds.
Within the IT systems, stakeholders have been instrumental in designing and evolving products and solutions to close the security exposure gap.
“From intrusion detection and prevention systems, all the way to endpoint prevention and remediation systems, they all have the common goal of keeping things in check.
“The bottom line is the mining sector cannot allow itself to be disconnected, so each player needs to decide how to do it in a secure way,” he concludes.