Eaton, a global leader with expertise in power distribution, circuit protection, energy storage and automation, has released a new whitepaper titled "The importance of life cycle cybersecurity in mission critical power infrastructure". 

 

It puts the spotlight on cyber attacks on the built environment and facilities management (FM) facilities and IT firms.

 

The whitepaper explains how components such as switchgear, automatic transfer switches (ATS), uninterruptible power supplies (UPS), transformers, breakers, and protective devices - together with the programmable logic controllers (PLC) and commercial off-the-shelf (COTS) switches, routers, and firewalls used to integrate them into an operational technology (OT) control and monitoring network - can form an attack surface from which cybercriminals can gain access to a business and interact illicitly with its systems. 

 

It also explores what can be done to prevent this happening by plugging security gaps and introducing regular monitoring and upgrade routines with signed software to guarantee authenticity. It includes a useful supply chain cybersecurity checklist.

 

Eaton said both FM and IT (information technology) professionals are now working more closely than ever before to defend the built environment from cyberattack. 

 

Cybercriminals can access IT systems through a building’s power supply. It means that Facilities Management is now in the frontline against cyberattack, it stated.

 

In the worlds of OT and IT, the new buzzword is ‘electrification’ and that’s because power supply is critical to digitalization. 

 

As more aspects of our economy - including our vehicles - are electrified, every physical and digital link throughout our built environment must be secured. 

 

Systems that traditionally were standalone such as heating, ventilation and air conditioning (HVAC), indoor and outdoor lighting, and power supplies to car parks are increasingly sophisticated and necessarily interlinked, so they must be protected ‘as one’, stated Eaton. 

 

The global power distribution leader pointed out that cybercriminals can enter a business IT system and attack all parts of it through a single weak link such as an office printer, ceiling lights or an electric vehicle charging point. 

 

The only way to prevent this is by auditing every component and introducing new routines to ensure that the cybersecurity measures protecting them, and the links between them, remain up to the task. Signed software to guarantee the authenticity of upgrades is crucial, said a top official.

 

"We have noticed how buildings owners and managers, and the FM and IT professionals who work for them, assume all entry points into their systems are covered when they may be open to attack," stated Ashraf Yehia, Managing Director of Eaton Middle East.

 

"Our intense focus on cybersecurity means we are aware of those entry points and can offer solutions and advice. Defending the building in a unified way, and keeping up a continuous guard, is vital," he added.-TradeArabia News Service