Mining and Natural Resources Q3 2024
Snapshot
- Ranked number five by the industry in the 2023 Aon Global Risk Management Survey and number one globally, cyber threats and ransomware attacks have become more frequent, sophisticated and severe in the past four years.
- A breakdown of mitigation actions that have been undertaken by the mining industry suggests more work needs to be done to ensure organisations can effectively protect themselves and respond to cyber events.
- There are several cyber risks facing mining companies, linked to factors such as highly sensitive and valuable exploration data sets and the risk of remote operations centres being compromised. The Aon Cyber Property Damage Facility product may provide both conventional cyber and cyber property damage cover to address key cyber exposures faced by mining organisations.
Welcome to our Q3, 2024 Mining Industry Risk Insights publication. We share this document to keep you apprised of industry-relevant risk & insurance information.
Each publication shares information in the following categories:
- Risk Management, including Current & Emerging Trends
- Mining Industry Risk News
- Insurance Industry News
As much as possible, we will share how information may be relevant to you as a risk owner, as well as providing an overview of products, services and solutions that are available to address these risk concerns.
This Quarter’s Theme is Cyber Risk
Whilst not our intention to run a theme each quarter, you’ll notice that this edition leans towards Cyber. Ranked as the #1 risk across the totality of Aon’s Global Risk Management Survey respondents in 2023, and ranked #5 by Natural Resources, cyber risk has evolved dramatically over recent years.
Cyber is still typically perceived to be a risk of unauthorised access to network or data. With ever growing reliance on technology and third-party vendors, we have started seeing a rise in exploits directed to Operational Technology environments causing Business Interruption and Property Damage events – both malicious and incidental.
Cyber threats, cyber-attacks and data breaches are distinct but closely related risks:
- A cyber threat is a possibility that a specific vector or vulnerability will result in un-authorised access to data and network.
- A cyber-attack (or cyber event) is an attempt to gain un-authorised access to data and network via a specific attack vector.
- An attack vector is the way or means used by a hacker to gain access to network or data. Common attack vectors include Social Engineering (Phishing), Credential theft, inside job, and exploitation of a vulnerability in a software or system, etc.
- A successful cyber-attack may impact the Confidentiality, Integrity, and Availability of critical data and systems, that may result in loss of revenue, investigation costs, ransom demands, breach of privacy laws, property damage, and costs to rebuilt systems, etc.
The Mining Industry is not immune to these risks and as the shift towards IoT, automation, and autonomous technology continues, losses from these events will continue to increase.
We trust that you will find this publication to be insightful and as always, please contact Stacey Lloyd at stacey.lloyd@aon.com if you want to discuss any of this content further.
Download our Mining and Natural Resources Industry Risk Insights, to read the full report.
