Mining must bolster "patchy" cybersecurity strategies
New research from Inmarsat has found that the majority of mining organisations are struggling to meet the security challenges presented by IoT as they look for ways to harness the technology.
Despite a significant growth in IoT adoption across the sector in recent years, the continued lack of attention on cybersecurity means there is a heightened risk of projects failing before benefits can be realised.
If mining businesses are to truly manage and deliver IoT initiatives in a secure way, they will need to raise cybersecurity higher up the company agenda, while addressing skills shortages across different leadership and key stakeholder positions.
These findings are taken from the 2020 edition of Inmarsat’s research programme into IoT trends, The Rise of IoT in Mining. The research found that, unsurprisingly, respondents were very aware of the damage that a cyberattack could trigger and the range of threats they are now facing as they ramp up IoT adoption. In particular, the insecure storage of collected data (56%), employees misusing data (54%), insecure network links to external infrastructure (49%), and ransomware and malware (45%) were the most highly-ranked security risks.
Despite awareness of these challenges, the industry’s response has so far been minimal. In fact, 53% of mining organisations reported that cybersecurity has not been a priority for their IoT solutions and could be vastly improved. Although some are taking steps to protect their IoT solutions by partnering with cybersecurity specialists (50%) and implementing 24/7/365 network monitoring (41%), it was worrying to see that 11% of mining businesses have not taken any steps to strengthen their approach to IoT security.
Commenting on the findings, Nicholas Prevost, Director of Mining, Inmarsat, said: “The mining sector stands to make considerable gains by leveraging IoT. However, as IoT connects more parts of a mining company’s operations and infrastructure to the internet, this will inevitably create more access points for potential security breaches.
"Although most organisations are aware of these new dangers, the measures that have been introduced to address them have, so far, been insufficient. Considering the sector’s reliance on data for its operations and productivity, it is particularly worrying to see that some mining organisations have not taken any action to ensure they have an adequate cybersecurity strategy in place, as any security breach or compromise of data would likely grind an entire operation to a halt.”
The research also revealed a clear need to address a growing gap in security-related skills across the sector. Over half (64%) of respondents reported lacking the level of security skills required when it comes to successfully delivering IoT-based solutions.
Prevost concluded: “Our research clearly showed that mining businesses are not upskilling their staff to securely manage and deliver their IoT initiatives. If there is a shortage of skills in key stakeholder positions, there will almost certainly be an absence of awareness of the importance of cybersecurity.
"This goes some way to explain the lack of action when it comes to improving IoT security. For those organisations that are striving to become pioneers in digital transformation, upskilling current members of staff and getting the right talent in place, at all levels of seniority and stakeholder positions, simply has to be at the top of the agenda.”