Cyber-hacking threat increasing for mining and metals companies

  • Share

Thursday 21 November 2013 — Cyber-hacking is becoming increasingly pervasive in the mining and metals sector, with the potential to soon be a top 10 strategic risk, according to EY Oceania Mining & Metals Advisory Leader Nathan Roost.

Commenting today after the release of the EY paper, Cyber hacking and information security: mining and metals,  Elliott says the increased importance of the sector in global supply chains makes it a target and the increasing reliance of companies on technology makes it more exposed.

“Cyber hacking targets are no longer just the big names, many more companies across the sector are now vulnerable,” says Roost.

“Mining companies are becoming far more reliant on integrated IT systems in their drive to improve productivity and bring down costs, and this makes them more exposed and vulnerable to cyber-attacks.”

“At the same time, the relative importance these commodities play in global, regional and local supply chains means the companies have become priority targets and this is exacerbated by the extreme price volatility we expect to continue for the next 2-3 years.”

Forty-one per cent of mining and metals sector respondents* to EY’s recent Global Information Security Survey 2013-2014 reported an increase in external cyber threats in the past 12 months.

EY identifies three types of groups likely to target mining and metals companies – criminals, national governments and hacktivists.

“This means many companies who previously thought they would not be targets are now vulnerable,” he says.

Roost says the danger for mining and metals companies is that cyber-hacking and information security have often been narrowly viewed as an IT issue in the past.

“The risk is heightened by the centralized nature of many business functions across supply chains now and the dependence of operations on sophisticated IT systems. A top down approach from the Board and Executive is needed to ensure the issues and threats are understood and addressed,” he says.

Only 18% of mining and metals respondents to the Global Information Security Survey 2013 believe their information security fully meets their organization’s needs.

“The increasing prevalence of cyber-hacking means companies need to identify and assess the likely threat to their organization and mitigate accordingly,” says Roost.

* The Global Information Security Survey 2013-2014 included 39 mining and metals respondents.

About EY

EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit

This news release has been issued by Ernst & Young Australia, a member firm of Ernst & Young Global Limited.

Liability limited by a scheme approved under Professional Standards Legislation.

Contact details:

Megan Ball
EY Media Relations
+61 2 8295 6427