Against the backdrop of a slowed economy and an increasingly volatile market, digital transformation in mining companies has become a business imperative to drive efficiencies, optimise competitiveness and reduce risks associated with human error.This shift, which brings the convergence of operational technologies (OT) and information technologies (IT), creates new cyber security challenges for mining enterprises and calls for proactive strategies to manage these risks. According to Charl Ueckermann, CEO of AVeS Cyber Security a combination of market volatility, rising costs, and changing global demand are driving a shift in the mining industry. “As with most industries, mining companies are increasingly looking for ways to leverage technology to improve the efficiency of their operations and reduce their operational risks.” He added that the most of the mining clients collapsed their IT and OT under one management structure. “While mining companies must ensure that their OT and IT systems are effectively aligned to create value, they must have stringent measures in place to manage the cyber security-related risks associated with this convergence.” Ueckermann explained that mining was among the highest cyber-attacked industries in 2019, therefore making it crucial to make sure the convergence of systems eliminated room for these kinds of threats and that access control was well-managed. Citing the World Economic Forum’s Digital Transformation Initiative whitepaper, Ueckermann says that digital mining is set to become a significant driver for the global mining sector. The whitepaper states that digitisation could create more than $320 billion in value for the industry by the end of 2025.
Although South African mining companies lag behind their Australian mining counterparts, technology, digitalisation, and data planning are becoming more advanced. Ueckermann says that leading mining companies in Southern Africa are actively implementing massive digital transformation projects that are connecting more systems. For example, one such mine is based in the Northern Cape, South Africa. They have one of the biggest undeveloped zinc orebodies globally and are building their entire strategy around being a fully digital mine soon.Mines are also adopting industrial internet-of-things (IIoT) and intelligent automation processes across pit-to-port chains, from autonomous vehicles to robotic drilling. IoT systems are implemented for multiple reasons, such as gathering and displaying production data to monitor key performance areas, tracking environmental data to monitor health and safety issues, and gaining overall visibility in areas that were not visible or accessible before. “Connected systems, including the mining operations’ programmable logic controllers (PLCs), are now all operating on common Ethernet protocols and not propriety protocols as they used to in the past, which requires the implementation of secure operating systems and networks,” Ueckermann added. Mining companies should first have a comprehensive understanding of their OT and IT environments and how the different parts of the organisation are connected before they implement OT security solutions. Translating their understanding into governance policies before they call on technology to protect their systems and data will result in more cost-effective and long-term solutions. An OT security vulnerability assessment should be performed on interconnected systems to understand how they are exposed to other engineering workstations or SCADA systems and the Internet. This includes all internet-connected devices, such as smartphones, which employees might be plugging into their computers. This is a vital building block to determine where are the high-risk security areas of the operations, and where to prioritise security efforts. Knowing what to tackle first is crucial, and will be important when security alerts are set up to notify OT Security experts of anomalies or possible security incidents.