Our approach to managing cybersecurity risks

Certified labs dedicated to reducing cybersecurity risks

Connected devices and the data they generate continue to grow exponentially, with forecasts calling for more than 41.6 billion connected IoT devices by 2025.1 But a world of amped-up connectivity comes with an increased risk of cyberattacks.

Today's customers need cybersecurity addressed in order to minimise the threat of operational downtime, data loss, impacts on life-cycle costs and brand reputation. And because cybersecurity incidents can cripple an organisation in minutes, customers need suppliers to provide evidence that the products they sell comply with industry cybersecurity standards. That's why we are dedicated to establishing cyber-secure processes and innovating technologies that make trusted connections work.  

A connected world needs trusted environments. We are committed to advancing these new technologies and innovations, while building trust and ensuring the highest level of defence against emerging cybersecurity threats.


Michael Regelski, Senior Vice-President and Chief Technology Officer, Electrical Sector

How we help enable secure environments

In a hyper-connected world, trusted environments are a must. Eaton's commitment to defending those environments comes to life at our Product Cybersecurity Centre of Excellence, where our experts develop new ways to help protect products and systems against cyberattack, provide internal training and help customers deploy and maintain secure solutions.

In many companies, security is an afterthought, made evident by the number of updates deployed to account for process miscues. But at Eaton, cybersecurity is part of our DNA and an integral consideration, with strict protocols placed on the people, processes and technologies within our Secure Development LifeCycle process (SDLC), the programme that integrates security protocols at every phase of product creation. SDLC spans from inception through to deployment and maintenance, enforcing cybersecurity best practices via training, threat modelling, requirements analysis, implementation, verification and ongoing support.

Additionally, our cybersecurity best practices extend beyond our own labs to help keep our customers informed about potential vulnerabilities and provide industry insights well as tools and other educational content.

Learn more about our "secure-by-design" approach to cybersecurity

A series of industry firsts

For years, Eaton has maintained strict procedures at every stage of the product development process. This discipline has paved the way for collaboration with renowned standards leader, UL (Underwriters Laboratories), to establish measurable cybersecurity criteria for network-connected power management products and systems.

Eaton introduced the first research and testing facility approved to participate in UL's Cybersecurity Client Lab Validation programme in Pittsburgh, Pennsylvania. And in 2018, UL approved a second Eaton lab to join the programme – another industry first – in Pune, India. These accredited lab environments provide the global capability to test Eaton products with intelligence or embedded logic for key aspects of the UL 2900-1 1 standard. 

As Michael Regelski, Senior Vice-President and Chief Technology Officer for Eaton's Electrical Sector explains, "We know cybersecurity is a global threat and having the capability worldwide to ensure the highest standards are consistently applied to our technology is a key advantage for our customers."

There's no need to take chances with connected solutions. With products tested in our specialised labs, our customers can rest easier, knowing Eaton devices are compliant with the highest industry cybersecurity requirements before they're installed in critical systems.

In addition, the Eaton programme has most recently been expanded to include cybersecurity certifications under the IEC (International Electrotechnical Commission) 62443-4-2 standard as well as UL 2900-1 for Eaton's Gigabit Network Card and Industrial Gateway Card. This makes Eaton the first company in our industry to receive dual product certifications under IEC and UL standards. 

Dual product certification – an industry first

Cherrington facility - angled view
Eaton cybersecurity lab in Pittsburgh, Pennsylvania, USA
Eaton cybersecurity lab in Pune, India

Strengthening cybersecurity education and research 

Eaton’s emphasis on cybersecurity extends to partnerships with universities to attract and prepare the next generation of engineers to develop new security strategies for connected devices. For example, we’ve established the Eaton Cybersecurity SAFE (Security Assessment and Forensic Examination) Lab at the Rochester Institute of Technology (RIT) to provide students with hands-on experience in solving cybersecurity challenges. Together with RIT, we’re helping to equip the next generation of cybersecurity experts with the training and field experience needed to build secure products now and into the future. 

More security leads to less uncertainty

The general requirements for the UL 2900 Standard for Software Cybersecurity for Network-Connectable Products (UL 2900) include processes to test devices for security vulnerabilities, software weaknesses and malware. Backed by a testing methodology that aligns with UL requirements throughout the product development life-cycle, we're proud to announce a series of technologies that meet these UL cybersecurity standards.

Power Xpert Gateway 950

Enabling product and data security for downstream devices through 4G LTE, WiFi or wired Ethernet access, the Power Xpert Gateway 950 meets UL2900-1 cybersecurity standards. No other Eaton wireless connectivity device brings together data from such a wide variety of connected components to monitor electrical or industrial facilities.

Power Xpert dashboard

The Power Xpert Dashboard was the first power management product certified to the UL 2900-2-2 standard for cybersecurity in industrial control systems. This user portal to Eaton's switchgear enables customers to monitor, diagnose and control devices from outside the arc-flash boundary.

SMP IO-2230

The utility grid automation technology SMP IO-2230 is the first utility substation automation technology certified under UL 2900-2-2. The technology is designed to help global customers monitor and control intelligent electronic devices on the electric grid and in microgrid applications.

Gigabit Network Card

Eaton's Gigabit Network Card is the first UPS connectivity device to meet both the UL 2900-1 and IEC 62443-4-2 cybersecurity standards. This network card protects data centre uninterruptible power systems (UPSs) and power distribution units (PDUs) against cyberthreats. 

Industrial Gateway Card

Eaton’s Industrial Gateway Card also achieved industry-first certification under the UL 2900-1 standard as well as the IEC 62443-4-2 standard. This device facilitates remote monitoring of UPS systems through any building management system, enabling customised system maintenance actions and immediate notifications during power events, without having to be on site.

Continued innovation leads to new certification

These are the first of many Eaton power management devices that will attain UL 2900 and IEC 62443 certifications. Look to Eaton for a growing portfolio of technologies certified to these critical cybersecurity standards going forward.

The availability of these technologies differs by region and market. Please contact a local Eaton office to discover how we can help you.

  • Additional cybersecurity resources

    Discover insights that broaden your understanding of cybersecurity and help you build more secure networks.