Interview

Proactive approach to cybersecurity key for mines

Naman Taldar, regional leader for OT cybersecurity at Rockwell Automation, discusses evolving threats facing mines as they embrace digitalisation with Caroline Peachey.

Naman Taldar, regional leader for OT cybersecurity at Rockwell Automation.

Mining – along with other critical infrastructure sectors – is facing an increasing array of cybersecurity threats that range from operational disruption to cyber espionage and ransomware attacks. 

As mining companies embrace digital transformation they increase their attack surfaces, making them more attractive targets for cybercriminals, explains Naman Taldar, regional leader for OT cybersecurity at Rockwell Automation. Alongside an upsurge in the number of attacks targeting mines, this means operators need to take a "proactive approach" and to manage cybersecurity risks "efficiently and effectively", he says. 

Taldar also speaks to Mining Technology about the types of cybersecurity threats facing mines, how the sector measures up against other industries and the measures mining companies can take to enhance cybersecurity.

Caroline Peachey: What are the most common cybersecurity threats currently facing the mining industry?

Naman Taldar: Customers in the mining industry face similar challenges to other critical infrastructure clients. Embracing digital transformation is important but can lead to large attack surfaces. Threat actors do not differentiate between industries when choosing a victim.  

A mining company can be just as attractive as any other potential target: it owns proprietary data and customer information and must ensure business continuity. Attackers aim to exploit all these points for financial gain.  

The major threats faced by the mining industry include operational disruption, cyber espionage, phishing attacks, unauthorised third-party access, insider threats and ransomware.

Caroline Peachey: How have cybersecurity threats evolved over the last 3–5 years?

Naman Taldar: Cyber threats are growing at an exponential rate globally; the convergence of information technology (IT) and operational technology (OT) makes companies more vulnerable and increases their attack surface.

Understanding the current cyber risk landscape and the threats that new technologies bring is critical for planning reliable and resilient operations.

The convergence of information technology (IT) and operational technology (OT) makes companies more vulnerable and increases their attack surface.

Over the past 3–5 years, mines that had never been connected to IT enterprise networks are now connected, providing an open landscape to attackers. These threat actors are aware of legacy and unpatched systems and can leverage those vulnerabilities to attack the mining industry by using the same strategies they use to attack other IT enterprise networks.

Caroline Peachey: How do the cybersecurity challenges and capabilities in the mining industry differ from those in other sectors?

Naman Taldar: While risk appetite and maturity levels vary, there are a few pillars for cyber risk transformation in an industrial control system (ICS) environment that nearly every mining company should have in place. 
 
Mining operations often occur in remote and harsh environments, which can complicate network connectivity and physical security. Heavy machinery and equipment may not have been designed with cybersecurity in mind. Like other industrial sectors, mining operations often rely on legacy systems that are difficult to secure.

Mining operations often occur in remote and harsh environments, which can complicate network connectivity and physical security.

The mining industry may face less stringent cybersecurity regulations compared with, for example, the energy sector, but cyberattacks in mining can lead to operational disruptions, equipment damage and safety hazards. 

Theft of proprietary data such as geological surveys and mining techniques can be a concern. Like other industries, mining operations are vulnerable to ransomware attacks that can disrupt production.

Caroline Peachey: What are your main recommendations for companies looking to enhance cybersecurity?

Naman Taldar:​​​​​​​ Every environment is different and every mine has different requirements for cybersecurity controls. 

If I had to sum up my main recommendations for mining companies looking to enhance cybersecurity, I would suggest starting with the basics: access control, hardening of critical assets, incident planning and response, intrusion detection, network segmentation and patch management.

A security operations centre. Credit: Rockwell Automation

Caroline Peachey: What role do regulatory frameworks and industry standards play in shaping cybersecurity strategies within the mining sector?

Naman Taldar:​​​​​​​ Cybersecurity frameworks are structured guidelines that include best practices organisations can follow to mitigate the risk of cyber threats and to reduce the threat landscape.  

Frameworks provide a systematic approach to managing cybersecurity risks, ensuring that security measures are comprehensive and well-coordinated.  

However, adapting the right framework to an organisation is a big undertaking because there is no one-size-fits-all for all sectors/industries.

Caroline Peachey: How can mines balance the need for robust cybersecurity measures with operational efficiency and cost-effectiveness?

Naman Taldar:​​​​​​​ Considering the increase in cyberattacks towards the mining industry, asset owners need to take a proactive approach.  

Facing evolving threats and obligations, the mining sector needs to manage cybersecurity risks efficiently and effectively.

Facing evolving threats and obligations, the mining sector needs to manage cybersecurity risks efficiently and effectively.

Basic measures include assessing and planning, followed by deploying controls based on frameworks/regulations, which differ from country to country. You can’t blindly follow the framework; it has to be validated through the right partners. In addition, a risk quantification needs to be done before deploying new technologies because this should not affect running operations.

Caroline Peachey: Finally, what are your top cybersecurity recommendations for the mining industry?

Naman Taldar:​​​​​​​ I would recommend focusing on the following five areas: 

  1. Risk identification. 
  2. Developing cybersecurity strategies to mitigate significant risks (framework adoption). 
  3. Selecting cybersecurity metrics and measures. 
  4. Implementing and testing cybersecurity controls and policies. 
  5. Continuous monitoring and re-evaluation.

About the interviewee: Naman Taldar is the regional leader for OT cybersecurity at Rockwell Automation. He looks after OT cybersecurity consulting and business development for the Middle-East, Turkey and Africa markets. He has been in the IT industry since 2010, with significant experience in delivering multiple critical infrastructure and defence projects.