A fast-growing slate of reporting obligations, coupled with increasingly sophisticated cyber criminals like hackers, hacktivists, and nation-state threat actors, underscores natural resource companies’ urgent need for robust cyber defenses. A breach can be devastating for a business, the infrastructure it supports, and the consumers who rely on them.
A proactive approach to cybersecurity can help significantly reduce the chances of a breach, protect against both internal and external threats, and mitigate financial and operational impacts if an event does occur. Here are some proactive measures natural resources companies can take to bolster their cyber defenses.
Recognizing the Threats
Cyberattacks can negatively affect revenues, share price, cash-on-hand, day-to-day operations, and stakeholder trust. In the case of natural resources companies, ransomware attacks are increasingly common. In 2024, the average ransom was $2.73 million — up from $1 million in 2023 — and the average downtime following a ransomware attack is 24 days, further compounding the costs of the ransom itself.
But ransomware is not the only threat that natural resources companies will face. Companies should conduct a thorough risk assessment to identify potential vulnerabilities unique to their operations. Performing regular security audits and staying informed regarding threat actors’ evolving tactics are also crucial to developing a strong cyber defense. No business can afford to ignore the risks or delay implementing a cybersecurity strategy.
Gain a comprehensive understanding of your attack surface, identify weaknesses in your security controls, and leverage deep analytics to uncover areas for optimization.
Building a Foundation
A resilient data infrastructure is the bedrock of any cyber defense plan.
Companies should start by conducting a cyber risk assessment to help them evaluate the current state of their programs, identify gaps, and develop a strategy to close them. At the same time, a strong data foundation will make it easier to track and store data, monitor for irregularities, and improve daily operations — reducing the risk of errors that could create or worsen vulnerabilities.
Companies should also refer to established benchmarks, such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework, for additional guidance.
Combating Insider Risk
Insider risk describes the possibility that individuals within a company — whether intentionally or unintentionally — could expose or threaten its data or systems. One-quarter (25%) of all data breaches are due to insider activity. The consequences can be substantial, with an estimated average of $15 million in total costs due to an exposure.
To mitigate the chances of an insider-driven breach, companies need insight into all sources of insider risk, such as personal cloud accounts, source code repositories, or customer relations management (CRM) systems. Newer tools like generative artificial intelligence (AI) can also be sources of insider risks. Because AI requires data to function and respond to user prompts, 89% of organizations worry that employees might accidentally expose data through AI inputs.
But organizations can take concrete steps to mitigate insider risk, including:
Employee Training and Awareness
Most cyber events that stem from insider actions are accidental, due to mistakes or misunderstandings around new technology and tools. To mitigate these threats, companies should invest in change management to provide employees with training modules for newly adopted technologies and raise awareness of threats like phishing, malware, and social engineering. Training should include multiple sessions, and employees should be encouraged to revisit them periodically. Quality training and awareness efforts can reduce the risk of human error, empower employees to recognize and respond to anomalous activity, and contribute to an organizational culture of cyber defense.
Data Loss Prevention (DLP) Tools
Companies can implement DLP tools across their systems to track data for security policy violations. They can be especially impactful for companies with distributed or hybrid workforces, where employees often access sensitive data from remote or potentially unsecured connections. DLP tools extend the cybersecurity net beyond the physical office, covering employee laptops or other portable technology as needed.
Beyond these specific approaches, natural resources companies should also have an incident response plan that is specific to insider risks, which they can quickly call upon should a breach occur. An established plan will allow the company to trace the source of the event and implement any necessary mitigation or prevention measures more efficiently.
Maintaining Healthy Cyber Hygiene
Practicing healthy cyber hygiene can enhance responses to and reduce the overall risks of cyberattacks. Robust cyber hygiene includes comprehensive cybersecurity plans and associated reporting policies, as well as continuous monitoring across all teams and systems. At baseline, companies should adopt a zero-trust approach, meaning they should routinely check and verify the integrity of all information and operational technology (IT & OT). They should also place a special focus on consistent identification and authentication, especially for employees logging into or using software from remote locations.
Healthy cyber hygiene also includes vulnerability management and planning. IT teams should regularly probe internal systems for weaknesses, modeling different breach scenarios and issuing patches when necessary. Companies that rely on external providers for software or hardware should also coordinate closely with those providers to ensure they have the latest security patches. Delays in patching internal and third-party software are one of the most common and preventable sources of attacks.
Validate your cyber defenses with a free attack simulation. Test your current security setup against real-world cyber threats and identify vulnerabilities before attackers do.
How BDO Can Help
The challenge of addressing, building, and maintaining strong and up-to-date cyber defenses can seem overwhelming. Even when companies recognize the urgency, they may not know where to start or what to prioritize. In these cases, leveraging external knowledge and experience could prove helpful.
BDO’s cybersecurity professionals draw from deep natural resources industry and data security experience to help companies design a cyber defense strategy that works for them. Our teams can help assess risk profiles, model attack scenarios, and develop approaches that meet the unique needs of each organization.