Skip to main content

Cybersecurity and artificial intelligence

We are focused on keeping our systems secure, protecting people’s privacy and using AI responsibly to help make our business safer and more productive.

As our sector becomes increasingly reliant on interconnected systems, automation and data-driven operations, robust cyber and digital security controls are essential to protect our people, assets and information.

Our focus areas

chip

Cyber resilience

Cyber security breaches are a material risk to our business. Our proactive approach includes identifying and assessing risks, and taking steps to reduce the likelihood and impacts of an incident

network

Privacy

We respect and work to protect the privacy and personal information of individuals

connection

Artificial intelligence

We recognise the potential for safe, well-governed AI to enhance the safety and productivity of our business

Our approach

The key elements of our approach to keeping our systems secure, protecting people’s privacy and using AI responsibly are outlined below.

Our cybersecurity programExpandCollapse

Our Group-wide cyber security program is designed to uplift capability and reduce exposure to cyber threats through effective controls. 

The controls we implement are designed and operated in alignment with the National Institute of Standards and Technology Cybersecurity Framework, an international best practice standard for information security controls.

Material security breaches are managed under our internal cyber incident response plan. No significant cybersecurity breaches, either withinour technology environment or via third parties, have occurred in the past three financial years.

Managing cybersecurity riskExpandCollapse

Our proactive approach includes identifying and assessing risks and taking steps to reduce the likelihood and impacts of an incident.

Key elements of our approach include:

  • Monitoring of critical cybersecurity controls by risk and control owners and through a dedicated stewardship program;
  • Annual reviews by external auditors of our cybersecurity risk management system and information security controls;
  • Reporting cybersecurity risk to the Risk and Audit Committee biannually, with monthly updates to our Lead Team and Board;
  • Mandatory cybersecurity awareness training for employees and select contractors; and
  • Management of third-party cyber risk through a dedicated reporting platform and contractual agreements that include cybersecurity and privacy clauses.
PrivacyExpandCollapse

We understand the importance of the personal information entrusted to us.

Protecting people’s personal information and being transparent about how we use it are essential aspects of the way we do business.

Learn more about how we collect, manage, and use personal information in accordance with applicable privacy laws here.

Artificial intelligenceExpandCollapse

We take a risk-based approach to AI, supported by governance and internal controls to enable its responsible development and deployment.

Our approach is guided by four strategic pillars:

  • Safety: Supporting safety risk management through learning from past events and investigations;
  • Value generation: Improving production throughput, yields, and blending, and delivering sustainability co-benefits such as reduced energy and water use;
  • Exploration: Delivering exploration and orebody insights more quickly and efficiently; and
  • Productivity enablers: Using generative AI to boost efficiency through quicker, easier access to information and insights.

In FY25, we assessed our alignment with several national and international responsible AI frameworks, including the European Union's AI Act, the Australian Government’s Voluntary AI Safety Standard, the Australian Institute of Company Directors' governance principles, and frameworks developed by Alphinity Investment Management and the Commonwealth Scientific and Industrial Research Organisation (CSIRO).

We continue to strengthen our approach to align with these and other emerging standards.

Related information

Human rights

Our commitment to respecting human rights is at the core of our approach to sustainability.

Learn more
a glove hand holding nickel

Modern slavery

We recognise the important role South32 can play in addressing modern slavery within our sphere of influence.

Learn more

Operating ethically

Our focus is on building strong, mutually beneficial and trusting relationships with our stakeholders.

Learn more