When Steel Pipes Lead on IT Drills: A Lesson for Mine Sites

TMK’s stated objective went beyond competency development: the company explicitly frames IT stability and security as directly affecting financial results and operational efficiency

Decision Lens

The operational technology environment at a modern mine site — autonomous haulage systems, SCADA-controlled processing plants, remote monitoring infrastructure — carries cybersecurity exposure that is structurally similar to the integrated industrial IT environments that TMK, a major Russian pipe metallurgical company, has started stress-testing through formal cross-functional exercises. TMK’s model is not a mining story. But the gap it exposes is: most mine sites treat IT and OT security as separate functions, and few run structured exercises that force infrastructure, security, and operational teams to solve problems together under simulated failure conditions.

90-Second Brief

In recent days, tMK publicly disclosed its internal IT exercise program at the VI Smart Mining & Metals International Forum, signaling readiness to open the model to external partners. The program, called the Horizons IT track, combined infrastructure, cybersecurity, and development teams with business units in applied scenario exercises. In 2025, 48 specialists worked through a simulated company merger to design unified IT infrastructure. TMK is now inviting peer organizations to participate in joint exercises.

What’s Actually Happening

TMK structured its Horizons IT track around three combined disciplines — infrastructure, security, and development — running teams through applied business scenarios rather than siloed technical drills. In the 2025 iteration, the IT track was integrated with the Marketing and Sales department for the first time, and the exercise scenario — designing a unified IT infrastructure following a simulated company merger — forced participants to understand how individual specialist decisions cascade across functions.

The exercise format included team competitions on prototyping, cyber scenario work, and pitching-format presentations. TMK’s stated objective went beyond competency development: the company explicitly frames IT stability and security as directly affecting financial results and operational efficiency. TMK has extended an open invitation to peer industrial organizations to participate in joint versions of these exercises, having presented the model at a forum drawing more than a thousand participants and roughly a hundred experts from across the metallurgical sector. Whether mining companies are actively engaging with that invitation is not confirmed in available evidence.

Why It Matters for Mining Operations Directors?

Mine sites run some of the most complex integrated operational technology environments in any industry — autonomous truck fleets, remote blast control systems, plant SCADA networks, and real-time grade monitoring infrastructure. These systems are increasingly networked, and many operations have expanded remote monitoring and control capability since 2020. The cybersecurity exposure that comes with that connectivity is real, but the organizational response at most sites remains fragmented: IT teams handle network security, OT teams manage control systems, and operational managers remain largely outside both conversations.

What TMK’s model demonstrates — in a heavy industrial context, if not a mining one — is that cross-functional exercises can shift how specialists understand their interdependencies. If a processing plant control system fails during a ransomware event, the constraint is not purely technical; it involves maintenance decision-making, plant shutdown sequencing, and communication with corporate. Mine operations directors who do not have a practiced cross-functional response to that scenario carry unquantified operational risk. The TMK model does not resolve that risk, but it names the gap.

The Forward View

The metallurgical and mining sectors are converging on a common operational technology exposure as both digitize production infrastructure. Regulatory attention to critical infrastructure cybersecurity is increasing across multiple mining jurisdictions, and insurers are tightening underwriting conditions for industrial cyber risk. That trajectory puts pressure on mine operations directors to demonstrate that their sites have tested, not just documented, their incident response capability.

TMK’s decision to open its exercise model to external partners creates a near-term option for industrial peers, though uptake from mining companies specifically has not been confirmed. More broadly, the direction of travel points toward formalized cross-functional cyber exercises becoming a baseline expectation rather than a differentiator. Operations directors who wait for corporate IT to lead this process may find themselves behind the curve when a regulator or insurer asks for evidence of operational resilience testing.

What We’re Uncertain About?

• Whether mining companies are engaging with TMK’s invitation. The offer to participate in joint exercises is confirmed, but there is no evidence of uptake from mining-sector peers. What would resolve this: public disclosures from mining companies referencing participation, or follow-up reporting from the Smart Mining & Metals Forum.

• How transferable the TMK model is to mine site OT environments. TMK’s exercises focused on IT infrastructure in a manufacturing context. The operational technology stack at a mine site — including safety-critical systems — may require different exercise design. What would resolve this: documented examples of OT-integrated cyber exercises at operating mine sites.

• Whether regulatory pressure will accelerate adoption timelines. Cybersecurity mandates for critical industrial infrastructure are evolving unevenly across mining jurisdictions. The pace of regulatory change will materially affect how urgently mine operators need to formalize this capability. What would resolve this: jurisdiction-specific regulatory developments in Australia, Chile, Canada, or other major mining jurisdictions.

• Depth of the TMK model beyond the press release. The available evidence is a company disclosure at an industry forum, not an independent evaluation of exercise design or outcomes. Operational effectiveness of the format is not externally verified.

One Question to Bring to Your Team

If your processing plant control network went offline for 48 hours due to a security event, does your operations team — not just your IT team — have a practiced response, and when did you last test it together?

Sources

• Metallurgprom — TMK invited colleagues to participate in industrial IT exercises ” Metallurgprom (Link)