https://www.engineeringnews.co.za

Mines urged to develop a roadmap to mitigate cybersecurity

2nd March 2018

By: Schalk Burger

Creamer Media Senior Deputy Editor

     

Font size: - +

A risk-based approach to mitigating cyberthreats is the best practice for mining companies seeking to prevent and address vulnerabilities, and can fit seamlessly into routine operating and maintenance processes of mines. It does, however, require the right skills and the support of mine leaders, says infrastructure engineering and development multinational Black & Veatch Mining Senior VP Jim Spenceley.

Across the global mining sector, there is a gradient of maturity and cybersecurity preparedness from junior miners to majors, but the first step in an effective approach to cybersecurity defences is to develop a roadmap, says Black & Veatch MD Nathan Ives.

A roadmap requires developing an accurate inventory of operational and information technology (IT) assets, as well as how they integrate and how the various cyberassets impact on functional assets, he explains.

A graded, risk-based approach is then adopted, based on the company’s risk tolerance. A clear understanding is necessary to determine not only the operational impacts of cyberassets, but also the exposure of systems to cyberthreats and attacks.

“Based on this assessment, companies will want to put in place physical and cyberprotocols that provide defence and mitigate the risk to an acceptable level. The level of physical and cyberprotection and digital or physical access control is commensurate with the risk identified,” says Ives.

Similarly, remote and on-site access to systems, networks or equipment should be based on the risk and sensitivity of the operation or equipment. This approach forms part of routine mining security best practices, which involve background checks, where appropriate, and assessing the need to access equipment or systems by an employee or contractor.

“However, the appropriate governance policies must be in place to support the physical and digital security. Effective mining cybersecurity is a combination of people, processes and technology,” says Ives.

“Effective operational technology and IT cybersecurity are about not only technical solutions but also the necessary human resources, with support from top-level management,” concurs Spenceley.

Black & Veatch also provides expert advice on protocols, physical security, network segmentation, operational technology and IT interfaces and air-gap breaks to protect sensitive or critical network portions or systems.

“The risks are more significant for major-scale operations, as they face more threats, more attacks and have more interconnected networks; these operations are moving to newer technologies, such as autonomous mining programmes and remote operations,” adds Ives.

Mines’ detailed asset management supports the constant work required to ensure an effective cybersecurity posture, as do the high-level skills their decision-makers have. The links between IT and operational technology is where the cybersecurity gaps will mostly be found and closing vulnerabilities must be done piece by piece, based on risk profiles of the assets or processes, says Spenceley.

The main change in thinking is recognising operational technology and information technology assets as fully fledged assets in the organisation

.

Edited by Martin Zhuwakinyu
Creamer Media Senior Deputy Editor

Comments

Showroom

Actom image
Actom

Your one-stop global energy-solution partner

VISIT SHOWROOM 
Showroom image
Alcohol Breathalysers

Supplier & Distributor of the Widest Range of Accurate & Easy-to-Use Alcohol Breathalysers

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.099 0.157s - 137pq - 2rq
Subscribe Now