precious ore, precious data

Download Precious ore, precious data

Post on 22-Mar-2017




0 download

Embed Size (px)


  • Get Rolling Today:+1.504.300.1347

    Launching a 550 ton dredge into a tailings pond using our Patented Stability Control System.

    Specializing in moving marine assets using


    CENTER-LIFT.COMalternative to other heavy launch methodsalternative to other heavy launch methodsalternative to other heavy launch methodsalternative to other heavy launch methodsFLEXIBLE, EFFICIENT, SAFE & ECONOMICAL

    and our patented Stability Control System


    Precious ore, precious dataA digital future exposes mining to new threats


    N o one knows exactly what the mine of the future will look like, but we can be sure of one thing: it will be a target for hackers.

    Mining may not seem an obvious place for cyber-security risks, but the industry is transforming fast. Com-modity prices have fallen 52% since 2011 and mining productivity is down 3.5% per year over the past 10 years, according to a 2015 McKinsey

    report. In response, the industry has turned to digital and technological innovation to help preserve cash in the short term, and capture value over the long term.

    Mining operations are often in remote locations, with variations in geology, metallurgy and weather extremes. New technology is help-ing mitigate such variability by low-ering risk and cost while increasing safety and productivity.

    We believe this to be the future of mining, says Pedro Fuenzalida, innovation manager at Antofagasta Minerals. Analytics can deliver a step change in productivity, he says.

    Digital tools already move equip-ment fleets and driverless trains, schedule maintenance and manage the global supply chain. Drones and scanning equipment create 3-D maps of underground areas, and


    A bank of servers at a data

    centre: mining companies information

    could be less secure than

    managers realise

    Mining may not seem an obvious

    place for cyber-

    security risks, but

    the industry is trans-forming


  • September 2016www. .com


    underestimate the longer-term con-sequences on reputation.

    In 2012, Saudi Aramco revealed a cyber assault on its systems, to stop the flow of oil and gas to local and international markets, Abdallah al-Saadan, Aramcos senior vice-presi-dent of finance, strategy and devel-opment, said at the time. While it didnt succeed, damage was done.

    In 2015, Canadian company Detour Gold was hacked, putting at risk credit-card numbers and employees personal data. And in 2016, Canadas Goldcorp had 14.8 gigabytes of sensitive data accessed and posted on a public website by hacktivists, with a message railing against corporate racism, sexism and greed.

    One of the most prolific hacktivists, Anonymous, this year relaunched a campaign under the guise of #OpCanary focusing primar-ily on the military and mining indus-tries. It defaced BCGold Corps web-page and two days later did the same to Kenyan Petroleum Refiner-ies. While databases were not breached and data wasnt stolen, the incident was embarrassing and ulti-mately has an impact on reputation.

    TOTALLY TRANSPARENT?Meanwhile, the industry has been poor at disclosure and communica-tion of how it assesses, manages and mitigates cyber risk.

    Of the top 20 global mining com-panies, just 12 mention cybersecu-rity as a risk in their 2015 annual reports. Among them, disclosure varies widely: from a minimal state-ment saying the topic was discussed by the Audit and Risk Committee, to a vague outline of the potential impact of attacks. Only one classi-fied a potential breach as a reputa-tional risk.

    While there is little debate about the value of the data produced and held, there is a difference of opinion about how transparent to be with that data. As we move from the information age to the digital age and most recently to the transpar-ency age, mining companies need to address the issue of how transparent they want to be with their data, given it is often commercially and politically sensitive.

    The balance between secrecy and transparency may be shifting in the quest for a transparent world, and good communication holds the key

    robots are being developed to mine hard-to-reach resources.

    For example: Rio Tintos fleet of autonomous trucks has driven the equivalent of 98 times around the earth to deliver loads 24 hours a day, and BHP Billiton intends to develop apps for mobile devices to improve communications and productivity across the company.

    The team working in Shanghai will develop a range of mobile appli-cations that could include the capa-bility for operators to re-plan crew work in the field, check equipment maintenance requirements and loca-tion, immediately report potential safety problems or even check where and when people are travel-ling, says Diane Jurgens, BHPs chief technology officer.

    As mining companies increasingly become digitised to lower costs, and improve productivity, safety and flex-ibility, the risk to cyber security is heightened as the data is increased and becomes more valuable to the business.

    Our operations are increasingly digitised, says Richard Williams, chief operating officer of Barrick Gold Corp. Data flows from one point to another, which makes it open to attack, he adds.

    The fallout from a cyber attack can have negative short-term finan-cial impact, but companies often


    MinCa> For real tough conditions underground

    > Payload 4t

    > Extremely versatile

    All you ever wanted

    while moving in a mine.

    Visit us: Noth hall, booth 1568

    Our operations are increasingly digitised. Data flows from one point to another, which makes it open to attack

    The industry has been poor at disclosure and communi-cation of how it assesses, manages and mitigates cyber risk


    to foster stakeholder trust and understanding of the companys approach to managing valuable data and mitigating risk.

    According to Krolls review of 2015 cyber-security breaches among financial services, health care, retail and education sector, 60% of the reported cases were from human error. While the review does not include mining data, the statistics are likely to be similar. Using effec-

    tive internal communication to edu-cate and empower employees to protect the companys valuable information is as important as having IT adding more padlocks. It is sur-prising how many companies do not consider communication in their cyber-protection strategy.

    Stakeholders want to know that you are using data in a way to cre-ate value and that you are doing everything you can to ensure it

    doesnt fall into the wrong hands. Every company should have a

    chief information security officer sit-ting on the board and a written information security plan ready, says Ingrid Hobbs, Insurance Group partner at Mayer Brown.

    The threat environment is becom-ing increasingly complex as the list of attackers include nation states, criminal groups and activists, and as increased public awareness puts pressure on companies and boards.

    As the mining industry depends more on digital technology, stake-holders will look for a balance between transparency and secrecy, creating value and protecting it. This is not an IT issue; everyone in the company must take responsibility.

    People see risk as a separate subject managed by specialists, Williams adds. But cyber risk being managed by IT is the same as lead-ership being managed by HR it feels like a function and is not owned at the highest level of the organisation.

    Booth 25331

    LED LightsFor ConditionsFor ConditionsExtreme

    Superior Vibration And Shock HandlingSuperior Vibration And Shock HandlingTeaming With


    Carole Cable is a partner in Brunswicks London office and co-leads the Global Energy and Resources practice. A version of this article was featured in the Brunswick Review Spotlight on Cybersecurity

    Hacktivists could target

    mining companies

    Every company

    should have a chief

    information security

    officer sitting on the board

    and a written

    information security

    plan ready