Inmarsat report finds that mining companies are struggling to secure IoT deployments.
Almost all mining companies are worried that their cybersecurity needs urgent improvement as the industry looks to implement IoT projects, according to a new report.
As part of satellite communications firm Inmarsat’s The Future of IoT in Enterprise report, market research specialist Vanson Bourne interviewed respondents from 100 large mining companies across the world.
The survey found that 94 percent of these operations admitted that their approach to cybersecurity could be significantly improved, while 67 percent said that their data security measures would need a “complete overhaul” to be fit for IoT deployments.
A lack of relevant skills has emerged as a key area of concern, with 64 percent of respondents saying that they needed additional cybersecurity skills in order to safely deploy IoT technologies.
However, despite recognising the increased security risks associated with the IoT, just 44 percent are investing in new security technologies. Only 17 per cent reported that they are taking steps to plug the security skills gap by hiring new staff.
But why are these issues of critical importance to the mining sector?
Increased cybersecurity risks
Joe Carr, director of Mining at Inmarsat Enterprise, said that mining companies stand to make considerable gains by exploiting digital technologies and applications, such as the IoT, but as the industry becomes more digital-oriented, the risks for these businesses increase.
“A more connected mine is a more vulnerable one, and as the IoT connects ever more parts of a mining company’s operations to the internet, it opens up new avenues for attack, whether that’s from environmentalist groups seeking to disrupt operations, or from state-sponsored actors conducting cyber espionage,” he said.
Carr added that the sector’s increased dependency on data for its operations and profitability means that the risks of not having adequate security in place grow exponentially.
“Whereas a decade ago a data breach or intrusion would have been an inconvenience, today a mine might grind to a complete halt, so it is worrying that so many mining companies are struggling in this area,” he said.
He added that for businesses to thrive in this climate, IoT and digital security needs to be at the top of the agenda, and it is essential for boards to increase their understanding of the risks.
“This involves ensuring that the fundamental network infrastructure underpinning device connectivity aligns with the highest security and reliability standards, and that the endpoints are configured correctly,” he added.
This echoes a similar 2017 report by EY, which found that 55 percent of mining operators had experienced a significant cybersecurity incident.
That report also found that 97 percent of organisations admitted that their current cybersecurity function did not fully meet their organisation’s needs. Despite all this, only 53 percent of respondents had increased investment in cybersecurity.
Internet of Business says
A raft of recent reports have identified IoT security as a blind spot for many organisations. And as IoT systems are layered on top of legacy networks and critical systems, this introduces a much broader attack surface, where responsibility for security becomes less and less clear.
This is why organisations need to take responsibility themselves, stress test systems, and consider in advance the possible impacts of a cyber attack.
However, several Internet of Business reports reveal that many organisations simply aren’t taking responsibility, and are doing little to secure the IoT, despite strong awareness of the risks.
To plug this gap ourselves, we have recently published a number of reports that suggest some solutions to this fast-growing problem:-
Read more: Gartner: IoT security spend hitting $1.5 billion – but strategy poor
5G networks will also demand an entirely new approach to security, warned a panel of experts in another recent report: