• rcr icon

    Accelerated Cybersecurity Training Program

    Catalyst Cyber Accelerator

    Corporate Training

    Cyber Talent Acquisition

    Mastercard Emerging Leaders Cyber Initiative

    Catalyst Fellowship Program​

    Explore All
    Explore All

Ideas

When digital threats become physical risks: Why cybersecurity is mining’s next safety standard

As mines undergo digital transformations, cybersecurity risks overlap significantly with safety.

In the mining sector, safety is the core culture. Yet, because it is more invisible than the physical risks of a mineshaft, cybersecurity has been left behind. Weighing physical safety as a higher priority than digital safety is a damaging downfall. 

The culture of safety in mining is long‑established, built upon tragedies like the November 20, 1968 Farmington No. 9 coal‑mine explosion, which killed 78 miners and triggered sweeping U.S. legislation including the 1969 Coal Mine Health and Safety Act and the creation of MSHA. 

Today, safety remains a core priority across the sector. Cybersecurity, on the other hand, trails far behind — but its risks are no less severe: recent Claroty survey data indicates that 26% of cyber incidents in mining resulted in production shutdowns, 30% led to loss of customer or partner relationships, and 28% implicated public safety.

When surveyed about the financial toll of cyberattacks, nearly 70% of respondents indicated their organizations had incurred losses exceeding $100,000 and more than 30% reported damages surpassing $1 million. The most frequently cited cost drivers behind these losses included legal expenses, lost revenue, and regulatory penalties. The data underscores the substantial financial burden that recurring cyber threats impose on the sector. And yet, cybersecurity lags behind.

A cyberattack that interrupts OT or automation systems can halt operations altogether, accumulating multi‑million‑dollar losses per day, exposing environmental compliance failures, and damaging reputation. And yet, cybersecurity still receives significantly less strategic and regulatory attention than physical-site safety.

A 2025 report by EY demonstrates this unfortunate trend. Researchers found that cybersecurity has dropped out of the top 10 risks of mining and metals companies. But the reason is more startling than the statistics. Cybersecurity didn’t make the list because it’s now considered business as usual. But, this story isn’t complete. The cyberattack trends paint a different picture, and it doesn’t add up. According to MM-ISAC’s (Metal and Mining Information Sharing Analysis Centre) 2024 report, there has been a 200% increase in cyber incidents impacting the mining and metals sector in Canada.

Those in cyber who are dedicated to securing mines have no interest in overturning the emphasis on physical safety. In fact, as safety-focused practitioners, they endorse it. But there’s no doubt, as mines leverage the latest technologies and radically digitalize operations to stay ahead, cybersecurity and safety are on the table. Not only that, but they’re a permanent fixture.

The importance of mining to Canada

Mining is critical to Canada’s economy. The mining industry contributes $24B to provincial GDP in Ontario and 694,000 jobs nationwide. Mining accounts for ~5% of Canada’s GDP and is one of the assets that will unleash Canada’s economic potential. Unbeknownst to most Canadians, Canada is home to 200 active mines, most spread between Ontario, Quebec, and British Columbia. The top five commodities gold, potash, coal, iron ore concentrates, and copper comprise over two-thirds of the sector’s total value.

Critical minerals, essential to modern technology, clean energy, and national security, have also been under the spotlight due to the recent geopolitical climate. Canada is recognized as having one of the world’s most important reserves of these critical minerals, and as emphasized by Canada’s Critical Minerals Strategy, they will play a significant role in the country’s future prosperity.

As the Canadian mining sector establishes its place on the global stage, it will entice cybercriminals and nation-state actors. Cybercriminals are profit-driven and will target organizations with the ability to pay a ransom. Additionally, nation-state actors are driven by political interests and will target industries of strategic importance. Mining is in the crossfire.

What are the key cyber threats?

What are the key cyber threats in mining?

  • Human-driven threats
    • Phishing and social engineering.
      Threat actors (including cybercriminals and nation-state actors) leverage publicly available information to exploit mining company employees.
    • Insider threats.
      Disgruntled employees or those who may be bribed may steal sensitive information or install malicious software on behalf of threat actors.
  • System & supply chain vulnerabilities
    • Supply chain risks.
      Mining companies deploy a wide array of technologies, and a cybersecurity incident affecting the service provider may impact the mining company.
    • Legacy OT systems.
      Operational technology deployed at mine sites was not designed with security considerations in mind and presents a considerable risk if connected to IT systems.
    • Remote access exploits.
      An increase in the number of monitoring and control systems that allow remote access opens up the attack surface for threat actors to exploit.
  • Attack types
    • Ransomware.
      The deployment of malicious software to disrupt an organization’s operations threatens the continuation of business and causes financial and reputational impacts.
    • Industrial espionage.
      The theft of geological exploration data and corporate strategic data may result in loss of potential earnings and investor confidence.
  • Gaps in design. training and awareness
    • Engineering oversights in security-by-design.
      Operational technologies focus on maintaining high levels of uptime, longevity, and efficiency. Security is often an afterthought.
    • Gaps in understanding among general managers at the site level.
      Cybersecurity is viewed as the responsibility of IT professionals and is often seen as a cost to the business.
Cyber risk in mining isn’t abstract, it’s operational and human. As mines continue to adopt smart systems, remote operations, and complex digital infrastructure, the attack surface grows — and so does the potential for real-world harm. Just as we wouldn’t send workers underground without ventilation checks or haul trucks without brake inspections, we can’t afford to treat cybersecurity as optional. It must be embedded into the same systems, protocols, and leadership culture governing physical safety. Because in modern mining, securing people’s safety means securing critical systems.

Cyber threats look a lot like safety hazards

In mining, the impacts of compromised safety are dire. Operational Technology (OT) cyberattacks can tamper with automated machinery, haul trucks, or drilling systems, leading to malfunctions that put workers at high risk. If ventilation systems are disabled in underground mines, it can lead to catastrophic incidents as gas builds up and the risk of an explosion increases. In mining, safety isn’t an annual repeat PowerPoint presentation at an all-staff meeting. It’s critical to daily operations and human lives. Safety is deeply embedded in the culture — in daily briefings, capital planning, and the leadership mindset. It’s non-negotiable. By contrast, cybersecurity is still often categorized as an ‘admin’ expense despite its far-reaching impact on operations and overall sustaining costs. Many security initiatives are underfunded as cyber risks are underreported, and teams struggle to justify the ROI. 
Cybersecurity is safety. And this is where the shift in thinking needs to happen. The parallels are striking:
Safety incident Cybersecurity incident
Can cause operational shutdown Can halt production systems
Impacts worker health & safety Can affect autonomous haulage, ventilation, etc.
Attracts regulatory scrutiny Can trigger privacy enforcement
Damages trust with workers and the public Damages trust with investors and partners
Often avoidable with training and protocols Often avoidable with awareness and governance
Safety is tangible in cybersecurity because it’s a human issue. Education is the first step, starting with employee training and awareness programs. Cybersecurity training must extend beyond IT — reaching all corners of the organization. Through remote field education, mining employees from industrial facilities to administrative offices must all have a strong and ongoing cyber education to reduce the chance or impact of a major incident. The cost of inaction is too high.

More from the Catalyst

Return to News and Media

Rogers Cybersecure Catalyst is Toronto Metropolitan University’s national centre for training, innovation and collaboration in cybersecurity.

Join the Catalyst community by subscribing to our newsletter

Stay connected and help shape the cybersecurity ecosystem.

© Rogers Cybersecure Catalyst

Accessibility

Terms Of Service

Notice of Collection