Cyber Crime: Mining’s Biggest Threat?

6 min read

By Elliot  Lavallin

Consultant


Every 40 seconds, a business falls victim to a ransomware attack. By 2019 it will be every 14.

Cybercrime shall soon be, if not already, the biggest risk that businesses face. The number of cybersecurity incidents doubled last year according to the OTA’s (Online Trust Alliance) Cyber Incident & Breach Trends Report – from 82,000 incidents to an estimated 160,000 – and those only account for those breaches that were recorded; the same report noted that the actual number of attacks could be as high as 350,000. What’s even more shocking is that out of the 160,000 incidents reported, 93% could have been prevented had businesses followed basic security measures.

Of those organisations still playing catch up, the Mining industry boasts the worst offenders; 97% of Mining organisations admit that their current cyber security function does not fully meet their organisation’s needs.

With so much at stake, it’s time companies took cyber security more seriously.

The Expanse of Data and The Rise Of Cyber Crime

“The world’s most valuable resource is no longer oil, but data.” - The Economist, 2017

The current expanse of data is exponential; we have created more data in the last 2 years than in the entire history of the human race. Microsoft estimate that the volume of data online will be 50 times greater in 2020 than it was in 2016.

With so many businesses becoming digitalised, the number of cyber-attacks has sky-rocketed. The World Economic Forum has identified cyber-attacks as one of the top five risks that the world faces today. Yet over a quarter of businesses remain unaware of the number of cyber attacks they’ve actually had. Over a third don’t know how they happened.

Similarly, when it comes to preparation businesses are lagging behind. One in five say their organisation doesn’t prepare or drill for cyber attacks and less than half conduct penetration tests to check their defences. Less than half also have a cyber insurance policy in place.

But attacks come at a huge cost, in damage, loss and in company downtime. According to Ponemon Institute’s Cost of Data Breach study, the average global cost of a data breach last year was $3.62 million. By 2021, Cybersecurity Ventures predict that the annual cost will become $6 trillion. Cybercrime will be the greatest transfer of economic wealth in history and will be more profitable than the global trade of all major illegal drugs combined.

Why This Affects The Mining Industry

In the recent EY report, “Does Cyber Risk Only Become A Priority Once You’ve Been Attacked?”, Mining was outed as one of the worst industries for implementing cyber security measures. Mining is still advancing technologically, using data science to improve their business in all areas - production and analysis, maintenance, sales trends and marketing strategies, customer turnover and credit details – but, without the security to accompany it, a large portion of companies remain unprepared to handle the threat of cyber-attacks.

The same report revealed that 55% of mining operators experienced a significant cyber security incident last year, and 48% of those firms admitted that they wouldn’t be able to distinguish and identify a sophisticated attack. 97% of Mining organisations have admitted that their current cyber security function does not fully meet their organisation’s needs.

Whilst investment into cyber security initiatives has increased by 53% over the last 12 months, too many mining and metals companies are still taking an “ad hoc” approach to their cybersecurity. With the sector’s digital footprint growing, and with that their associated cyber threat profile, reviews need to be made on how they protect their data and operational technology.

High Demand For Cybersecurity Professionals

Palo Alto Networks Research Center predicts that, in the next year, the global demand for cybersecurity professionals will increase to 6 million, global spending on cybersecurity products and services will exceed $1 trillion cumulatively over the next five years according to Cybersecurity Ventures. All the while, cybersecurity unemployment rate is expected to remain at 0%.

Lowering cyber-risk starts with closing the cybersecurity maturity gap and hiring the necessary cybersecurity professionals. Boards need to understand the threat landscape and start applying risk-focused mindsets to their management.

CSG are experts in finding the qualified, niche talent that businesses need; I specialise in cyber security recruitment within the Mining industry. As companies continue to expand their digital footprints, cyber security becomes even more of a critical component to business growth and success, and to preventing those attack costs which affect organisations so detrimentally.

If your business is in the process of reviewing its cybersecurity – whether that be due to a recent attack or not – please don’t hesitate to get in touch. I can be reached on +44 (0) 1132 596 625 or at elliot.lavallin@csgtalent.com.

References

CSO, A Look Back At Cybersecurity In 2017, 30.11.17

Cybersecurity Ventures, Cybercrime Damages $6 Trillion By 2021, 16.10.17

SC Media, Number Of 2017 Cyber-Incidents Doubled, 93% Could Have Been Prevented, 29.01.18

Pit & Quarry, Date Science: The Future Of Your Business, 24.05.18

Mining Global, Mining And Metals Industry Needs To Prepare For Cyber Attacks, EY Report Finds, 27.05.18