With technological advances and the rise of working from home, the mining industry is susceptible to new and advanced cyber threats and attacks that can cause incredible damage.

The GMG/MM-ISAC Cybersecurity Working Group aims to foster awareness, develop a culture of cybersecurity and provide guidance for the global industry.


As the mining industry acquires more sophisticated and efficient digital technologies, these technologies also create new risks for potential cyber threats and attacks. These include data breaches, system/equipment shutdown and hacking, phishing, infiltration through third-party access and cyber espionage.

Therefore, adopting prudent security measures and implementing an integrated cybersecurity management framework to prevent service disruption and react to threats is essential for any mining organization. 

Most of these attacks are targeted to corporations or mid-large size organizations, and can potentially be involved with cyberterrorism and crime-rings. They may result in revenue loss, reputational impact and misuse of classified information.

Therefore, it is critical to build reliable, secure and resilient mining operations, drive convergence between operational technology/information technology (OT/IT) against these threats and drive accountability across the entire value chain. 


The GMG/MM-ISAC Cybersecurity Working Group aims to drive OT/IT convergence for centralized, cost efficient, monitored and safe management in mines. A global network of SMEs, operators, leaders from inside and outside the mining industry and those interested in cybersecurity will collaborate to develop practical runbooks, guidelines and protocols to enable secure and resilient systems and networks. Fostering cybersecurity awareness at all-levels of the industry will be a key effort from this group as well. 

The group will work in partnership with the Mining and Metals Information Sharing Analysis Centre (MM-ISAC) to collaborate on and identify existing projects and prevent duplication.


  • Drive convergence between IT/OT by developing security guidelines, a governance framework, dealing with legacy and emerging technologies, and security standards 
  • Create a culture of cybersecurity, phishing awareness and preventive detection in the mining industry 
  • Develop playbooks, runbooks, guidelines and standards for IT/OT management, data discovery and protection, vendor security management, asset identification/inventory, incident response plan, and more. 


GMG Cybersecurity Working Group MMISAC


Vendor Security Management

The project serves as an actionable guideline for operators and vendors to apply when interacting with new and existing technology. It aims to understand what and how vendors connect to networks, their vulnerability spots and asset management practices to enable the enhancement of mine site cybersecurity. Learn more.

Cybersecurity White Paper Development Sub-Committee

The Sub-Committee identified the need for white papers on several topics related to cybersecurity in mining. The white papers with topics identified as being top priority are now being worked on by participants.

  • Cybersecurity and Remote Work – Cybersecurity risks associated with working remotely.
  • IT/OT Convergence – General information on cyber ownership of IT and OT operations under one team to enable centralized management, cost efficiency, holistic monitoring, and detection.
  • Data Protection – A basic framework for protecting important data and covers threats, vulnerabilities, protection plans, and data classification.
  • Cloud Partner Selection – When to bring on premises, appropriate security pieces from vendors, forming industry standards.

Click here to learn more about the sub-committee.


What Will Influence Your Next Cyber Strategy? (Video)

This presentation will consider some of the challenges that all organisations face and will need to keep front of mind when developing their next cyber security strategy. These challenges include “Killing the Noise”, “Preparing for the Horde”, and “Amazingly Clever New Malware?” Broadly speaking, there has been a lot of investment made to improve cyber security and we are doing a reasonable job at keeping up. However, rather than patting ourselves on the back and looking over the horizon as part of our next strategy, there is a strong case to be doubling down on getting the basics right. Click here to watch.

Know Who’s Talking in The Mine (Video)

Cybersecurity starts with visibility into what conversations are occurring between assets in the mine and whether they should be. With the increased digitization of mining assets the number of systems relying on the network has increased significantly. In addition to safety systems, control systems and push to talk communications there are also mobile fleet management systems, tele-remote systems and video communications that all need to be secured from each other and outsiders. The complexity of mine communication has increased significantly and Roland brings a simplified approach that integrates new OT security tools with security systems that most companies have already invested in. Click here to watch.

Lessons Learned: Implementing a cyber security training and awareness program (Video)

Successfully implementing an IT Security Awareness program can be challenging. When it is competing for people’s time against other training programs that focus on physical safety or are directly in line with employees regular duties it is even more challenging. In mining companies, and other similar manufacturing businesses, there is an incredible focus put on the physical safety of our employees, environment and equipment. This can have the effect that training courses on a less tangible topic like IT security can be seen as a waste of time or that the time could be better spent on something “real”. While ultimately the physical safety of our people is the most important, the safety of our data, systems and networks needs to be ensured as well. Click here to watch.

Cyber Security Process Hazard Analysis (Video)

The Cyber PHA methodology reconciles the process safety and cybersecurity approaches to prevent catastrophic incidents. Modeled on the process safety PHA/HAZOP methodology, a cyber PHA enables cyber risks to be identified and analyzed in the same manner as any other process risk, and, because it can be conducted as a separate follow-on activity to a traditional HAZOP or integrated to HAZOP. It can be used in both existing brownfield sites and newly constructed greenfield sites. Click here to watch.

MM-ISAC Industry Threat Report (Video)

The Mining and Metals ISAC (MM-ISAC) is a non-profit, industry-owned corporation established to improve the cyber security of metals and mining companies. Its goal is to protect members against incidents that could impact safety, environmental sustainability, or operational productivity. This mission will be achieved by sharing threat and vulnerability information, managing industry contingency planning, providing opportunities for training security staff and incident response teams. Click here to watch.