Our new Biannual ICS Risk & Vulnerability Report is the most up-to-date look at CVEs disclosed in OT devices.
Check it out!
OT Security a Key Business Enabler for Mining Companies
October 29, 2020
According to a recent report from State of Play, 98% of the 800+ global mining executives surveyed say it would take a catalytic or catastrophic event to drive a sector-wide response to cybersecurity in the mining industry. However, we at Claroty are seeing evidence that the time for response has come.
For the first time in its dozen years of publication, Verizon’s 2020 Data Breach Investigations Report examined the involvement of IT assets versus operational technology (OT) assets in security incidents, in addition to including a section on Mining, Quarrying, and Oil & Gas Extraction. While rarer than their IT counterparts, the report characterizes breaches involving OT assets as a notable cause for concern for companies with robust OT environments. To that point, Norwegian aluminum giant Norsk Hydro was hit by a ransomware attack in 2019, costing the company tens of millions of dollars in damage and forcing it to resort to manual operations across 170 sites in 40 different countries. While OT networks were not the primary target, the spill-over from IT to OT networks disrupted operations.
IT and OT networks will continue to converge, driven by two of Deloitte’s ten key trends in mining for 2020 – intelligent mining and modernizing core technologies. Connecting people, equipment, and data across mines, plants, rail, and ports creates insights that enable faster, smarter decisions for better outcomes. Through digital transformation and IT-OT convergence, mining operators have the potential to create safer, more sustainable, and more profitable operations, and drive competitive advantage. However, a combination of a rapidly expanding attack surface, legacy devices and opportunistic adversaries is creating a perfect storm situation and putting mining organizations at greater risk of attack.
One large mining company we worked with was determined not to let the IT-OT security gap stand in the way of progress. With 50 production sites across three separate geographies, the company had struggled to achieve a comprehensive view of its entire operational security risk profile. The integration of multiple remote sites – coupled with a range of legacy equipment in widespread use, a common situation in the mining industry – compelled this company to find a solution to simplify its OT security profile.
Working in coordination with the company’s IT and OT teams, Claroty delivered a solution that secures its entire OT environment, is governed from a central security operations center (SOC), and addresses concerns related to operational complexity, legacy technology, and requirements for zero downtime. Within two weeks of deployment, The Claroty Platform discovered and profiled all OT assets, asset details, communication patterns, and baselines across the entire OT environment – without any interruption to production. And that was just the beginning.
Download Claroty’s mining industry case study to learn how this company is leveraging The Claroty Platform to strengthen its OT networks’ security and risk posture, while enabling remote users with secure access to monitor and service OT assets. And to learn how Claroty can help your team overcome its own unique OT security challenges, request a demo.