Connected devices and the data they generate continue to grow exponentially, with forecasts calling for more than 41.6 billion connected IoT devices by 2025.1 But in a world of amped-up connectivity comes an increased risk of cyberattacks.
Today's customers need cybersecurity addressed in order to minimize the threat of operational downtime, data loss, impacts on lifecycle costs and brand reputation. And because cybersecurity incidents can cripple an organization in minutes, customers need suppliers to provide evidence that the products they sell comply with industry cybersecurity standards. That's why we are dedicated to establishing cyber-secure processes and innovating technologies that make trusted connections work.
A connected world needs trusted environments. We are commited to advancing these new technologies and innovations, while building trust and ensuring the highest level of defense against emerging cybersecurity threats.
In a hyper-connected world, trusted environments are a must. Eaton's commitment to defending those environments comes to life at our Product Cybersecurity Center of Excellence, where our experts discover new ways to help protect products and systems against cyberattack, provide internal training and help customers deploy and maintain secure solutions.
In many companies, security is an afterthought, made evident by the number of updates deployed to account for process miscues. But at Eaton, cybersecurity is part of our DNA and an integral consideration, with strict protocols placed on the people, processes and technologies within our Secure Development LifeCycle process (SDLC), the program that integrates security protocols at every phase of product creation. SDLC spans from inception through to deployment and maintenance, enforcing cybersecurity best practices via training, threat modelling, requirements analysis, implementation, verification and ongoing support.
Additionally, our cybersecurity best practices extend beyond our own labs to help keep our customers informed about potential vulnerabilities and provide industry insights as well as tools and other educational content.
For years, Eaton has maintained strict procedures at every stage of the product development process. This discipline has paved the way for collaboration with renowned standards leader, UL (Underwriters Laboratories), to establish measurable cybersecurity criteria for network-connected power management products and systems.
Eaton introduced the first research and testing facility approved to participate in UL's Data Acceptance Program for cybersecurity in Pittsburgh, Pennsylvania. And in 2018, UL approved a second Eaton lab to join the program — another industry first — in Pune, India. These accredited lab environments provide the global capability to test Eaton products with intelligence or embedded logic to key aspects of the UL 2900-1 1 Standard.
Michael Regelski, senior vice president and chief technology officer for Eaton's Electrical Sector explains, "We know cybersecurity is a global threat and having the capability worldwide to ensure the highest standards are consistently applied to our technology is a key advantage for our customers."
There's no need to take chances with connected solutions. With products tested in our specialized labs, our customers can rest easier, knowing Eaton devices are compliant with the highest industry cybersecurity requirements before they're installed in critical systems.
Dual product certificaton -- an industry first
Eaton’s emphasis on cybersecurity extends to partnerships with universities to attract and prepare the next generation of engineers to develop new security strategies for connected devices. For example, we’ve established the Eaton Cybersecurity SAFE (Security Assessment and Forensic Examination) Lab at Rochester Institute of Technology (RIT) to provide students with hands-on experience in solving cybersecurity challenges. Together with RIT, we’re helping to equip the next generation of cybersecurity experts with the training and field experience needed to build secure products now and into the future.
The general requirements for the UL 2900 Standard for Software Cybersecurity for Network-Connectable Products (UL 2900) include processes to test devices for security vulnerabilities, software weaknesses and malware. Backed by testing methodology that aligns with UL requirements throughout the product development lifecycle, we're proud to announce a series of technologies that meet these UL cybersecurity standards.
The Power Xpert Dashboard was the first power management product certified to the UL 2900-2-2 Standard for cybersecurity in industrial control systems. This user portal to Eaton's switchgear enables customers to monitor, diagnose and control devices from outside the arc flash boundary.
The utility grid automation technology SMP IO-2330 is the first utility substation automation technology certified under UL 2900-2-2. The technology is designed to help global customers monitor and control intelligent electronic devices on the electric grid and in microgrid applications.
Eaton’s Gigabit Network Card is the first UPS connectivity device to meet both UL 2900-1 and IEC 62443-4-2 cybersecurity standards. This network card protects data center uninterruptible power systems (UPSs) and power distribution units (PDUs) against cyberthreats.
Eaton’s Industrial Gateway Card also achieved industry-first certification under the UL 2900-1 standard as well as the IEC 62443-4-2 standard. This device facilitates remote monitoring of UPS systems through any building management system, enabling customized system maintenance actions and immediate notifications during power events, without having to be onsite.
These are the first of many Eaton power management devices that will attain UL 2900 and IEC 62443 certifications. Look to Eaton for a growing portfolio of technologies certified to these critical cybersecurity standards going forward.