Top 10 mining companies adopting cybersecurity measures

The world's top mining companies leading the way in cybersecurity, by competitive position

As the mining industry becomes increasingly interconnected through the use of IoT sensors, AR devices, autonomous vehicles, and drones, the need for strong cybersecurity measures is becoming more crucial. These technologies can greatly enhance mining operations, but can also cause major disruptions if they fall victim to cyberattacks.

We take a look at the top 10 companies adopting cybersecurity measures.

1. BHP

BHP considers cyber threats a top priority, closely monitoring its IT and OT systems. To enhance its cybersecurity, the company is growing its team of specialists, including security architects, incident response personnel, and forensic investigators. The company's employees are dedicated to identifying and responding to threats, as well as analysing past incidents to identify and address vulnerabilities in both its IT and OT systems.

2. Antofagasta 

Antofagasta's approach to cybersecurity with the new cyber risks introduced by remote working. The company used this time to focus on the digital literacy of its employees. Around 2,200 employees took digital literacy courses with cybersecurity learning as a key focus. Around 10% of these employees even went onto more advanced courses addressing the overall cybersecurity skill shortage. In 2022, Antofagasta has also deployed private 5G networks to some of their Chilean copper mine sites in partnership with Nokia. The private 5G networks enable secure operations with high capacity and low latency.

3. Anglo American

Anglo American recognises the increased and almost daily threat from cyberattacks. The company has a global security team across Australia, the UK, Botswana, Brazil, Chile, Singapore, South Africa, and Spain. Fundamental to Anglo American's approach to cybersecurity is the focus on training current employees and future cybersecurity experts. This is most notably done through the company’s pioneering two-year cybersecurity apprenticeship to introduce new talent and address the overall cybersecurity skills shortage.

4. Fortescue Metals Group

Fortescue Metals Group is a leading iron ore producer, has implemented several cybersecurity measures to protect its operations. Some of these measures include, network segmentation to limit the spread of any potential breach; regular security audits and assessments to identify and remediate vulnerabilities; use of firewalls, intrusion detection systems, and other security technologies to detect and prevent cyber attacks; employee training programs to raise awareness about cybersecurity and minimise the risk of human error; and, partnerships with cybersecurity firms to access the latest technologies and expertise in the field.

5. Teck Resources

Trellix's solution has helped Teck Resources save a lot of time and money by helping to improve security operations and ease the workload of its security analysts. The XDR platform components provided by Trellix allowed Teck to respond to attacks more quickly, reducing the time needed to contain and clean up an attack from hours to seconds. This resulted in better protection against fast-moving attacks. Trellix also analysed outside intelligence and provided Teck with useful information to make informed decisions quickly. This helped Teck mount effective defenses against machine-speed attacks. Trellix's solution helped Teck "catch up" with attacks and prevented widespread damage.

6. Nornickel

Nornickel views digital transformation as a critical aspect of its growth strategy, with a focus on both improving production and benefiting communities. However, the company recognises the importance of securing its IT infrastructure against cyber threats, as these could disrupt industry and social infrastructure across entire regions. This requires a collaborative approach between the public and private sectors. The company tracks its cyber security performance through its information security management system and assessment reporting. Corporate level evaluations of the performance of the cyber security systems are conducted, and the results are shared with governance bodies and employees through established procedures and initiatives.

7. Kinross Gold

For Kinross, a dedicated team of IT cybersecurity professionals manages the IT security risk processes and IT security operations. Kinross manages its IT security risk globally using a centralised, risk-based approach. This approach is based on the principles of ISO 27001 and NIS. Kinross' Vice President of Information Technology oversees the company's IT and cybersecurity program and is accountable to the Executive Vice President and Chief Financial Officer, who is part of the Senior Leadership Team and has executive responsibility for IT and cybersecurity. The Audit and Risk Committee of the Board of Directors regularly reviews IT security risks, and receives updates from management on a quarterly basis. The ARC conducts an annual in-depth review of the company's privacy and data security risks, as well as the measures in place to safeguard the confidentiality, integrity, and availability of its information systems and data.

8. South32

South32 consolidates its innovation, improvement, and technology initiatives into a single system to keep track of ongoing projects, prioritise effectively, and enhance safety and productivity. The company emphasises user experience, productivity, and service delivery, while investing in network connectivity and core platforms. 

9. Nippon Steel

The company offers e-learning opportunities on security, and training sessions on targeted attack e-mails, to promote employees’ enhanced IT literacy and resultant sensitivity to cybersecurity. Moreover, in addition to the conventional centralised cybersecurity, Nippon Steel is implementing the latest security measures that incorporate the Zero Trust concept to always verify security before being connected. The Nippon Steel Group - Computer Security Incident Response Team (NSG-CSIRT) has steadily increased the number of member companies to 17.  

10. TATA Steel

TCS' Cyber Security services prioritize data privacy, regulatory compliance, and protection against harmful attacks. These services have become increasingly important during the lockdown, specifically in areas such as GDPR compliance and security clearance for associates providing services. To stay ahead in the security technology game, TCS is establishing Threat Management Centers globally.

Santha Subramoni, global head – TCS Cyber Security, says, “These centres will focus on providing cyber security solutions and services, including managed detection and response services, incident management and breach support, on-demand cyber vigilance services, digital forensics and regulatory compliance.”


Featured Lists

Top 10: Mining Trends

Mining Digital takes a look at 10 trends shaping the future of mining, including AI & ML, automation, 5G, cloud computing & sustainability innovations

Top 10: Mining Technology Companies

Mining technology is becoming more advanced and powerful, and a mix of manufacturers like Caterpillar & mining firms like BHP & Glencore lead the way

Top 10: Australian mining companies

Australia is a global mining powerhouse. Here we take a look at the 10 biggest Australian mining companies, from BHP to Whitehaven Coal

Top 10: Canadian Mining Companies

Supply Chain & Operations

Top 10: Silver Mining Companies

Supply Chain & Operations

Top 10: Copper Mining Companies in Chile