With technological advances, the mining industry is susceptible to cyber threats and attacks that can cause incredible damage. The GMG/MM-ISAC Cybersecurity Working Group aims to foster awareness, develop a culture of cybersecurity and provide guidance for the global industry.
WHY IT IS IMPORTANT FOR THE MINING INDUSTRY
As the mining industry acquires more sophisticated and efficient digital technologies, these technologies also create new risks for potential cyber threats and attacks. These include data breaches, system/equipment shutdown and hacking, phishing, infiltration through third-party access and cyber espionage.
Therefore, adopting prudent security measures and implementing an integrated cybersecurity management framework to prevent service disruption and react to threats is essential for any mining organization.
Most of these attacks are targeted to corporations or mid-large size organizations, and can potentially be involved with cyberterrorism and crime-rings. They may result in revenue loss, reputational impact and misuse of classified information.
Therefore, it is critical to build reliable, secure and resilient mining operations, drive convergence between operational technology/information technology (OT/IT) against these threats and drive accountability across the entire value chain.
ABOUT THE WORKING GROUP
The GMG/MM-ISAC Cybersecurity Working Group aims to drive OT/IT convergence for centralized, cost efficient, monitored and safe management in mines. A global network of SMEs, operators, leaders from inside and outside the mining industry and those interested in cybersecurity will collaborate to develop practical runbooks, guidelines and protocols to enable secure and resilient systems and networks. Fostering cybersecurity awareness at all-levels of the industry will be a key effort from this group as well.
Drive convergence between IT/OT by developing security guidelines, a governance framework, dealing with legacy and emerging technologies, and security standards
Create a culture of cybersecurity, phishing awareness and preventive detection in the mining industry
Develop playbooks, runbooks, guidelines and standards for IT/OT management, data discovery and protection, vendor security management, asset identification/inventory, incident response plan, and more.
Vendor Security Management
The project will serve as an actionable guideline for operators and vendors to apply when interacting with technology. It aims to understand what and how vendors connect to networks, their vulnerability spots and asset management practices. Learn more.
VIRTUAL MEETING. On March 23, GMG/MM-ISAC Cybersecurity Working Group gathered and shared details about upcoming projects, shared best practices and set the tone for 2020.