Increasing connectivity of technology across the mining and metals sector is making it more difficult than ever for companies to keep pace and secure their digital environment, finds a report.

According to the EY report, ‘Does cyber risk only become a priority once you’ve been attacked?’, 55 per cent of energy and resources companies have experienced a significant cybersecurity incident in the last year, yet 48 per cent of respondents believe it is unlikely that they would be able to detect a sophisticated cyber-attack.

Burgess Cooper, Partner – Cyber Security, EY says, “As mining and metals companies continue to move into the digital age, cyber security needs to be viewed as a key business priority in order to manage risk, particularly in light of the growing threats that exist in today’s digital landscape. It is critical for businesses to ensure that the responsibility of limiting the exposure to cyber risks is not one that can be delegated to one or two individuals. Cyber security is a shared responsibility therefore, to ensure a robust security framework, organisations need to involve all areas of the business, including media relations, investor and government relations, legal, operations, business, executive risk and any material third parties.”

For asset-intensive industries such as mining and metals, the threat is escalating particularly rapidly due to increasing investment in digital, reliance on automation and heightened connectivity between information technology and less mature operational technology. As a result, the report highlights that the entire supply chain is now at risk.