
CYBERSECURITY

The brave, new world of hyper-connected utilities and industrial applications

From the Smart Grid to industrial controls, machine-to-machine networks to the "Internet of Things", networked
intelligence is gaining exciting, new ground. But the more connected the world of utilities and industrial applications
becomes, the more vulnerable it is to hackers, malware and security intrusions, and the more cybersecurity matters.

1 Million pieces of malware per day
The prevalence of malware increased 26% in 2014 with more than 317
million new pieces of malware created that year.1

ICS & SCADA vulnerabilities
In 2014, there were 35 disclosed vulnerabilities associated with
Industrial Control Systems (ICS) and Supervisory Control and Data
Acquisition (SCADA) systems.2

THE THREAT

Sandworm vs. HMI
Recently, Sandworm malware used internet-connected human
machine interface (HMI) at well-known vendors to exploit ICS
software vulnerabilities.3

59% of cyber incidents affect critical manufacturing and energy
In 2014, 27% of cybersecurity incidents were reported by
companies in critical manufacturing. The energy
industry accounted for 32%.4

THE CHALLENGE
The disappearing line between IT and ICS networks.
Traditional control systems use serial devices connected through dedicated modems
with industry proprietary protocols, which amounts to security by obscurity.
Today, ICS is increasingly connected to enterprise networks, and utilities are integrating
field devices into enterprise-wide information systems. But IT and ICS networks are
architected for very different purposes.

ICS networks
Main focus: safety, availability and data integrity
Control system security protects the facility's ability
to operate safely and securely, regardless of what may befall
the rest of the network

IT networks
Main focus: ensure the confidentiality and the integrity of data
using rigorous access control and data encryption
Enterprise security protects server data from attack

THE SOLUTION
Cybersecurity is now a fundamental business requirement that should be treated
with the same importance as quality and safety in meeting business objectives.
Defense in depth
Eaton is helping customers address cybersecurity
challenges by developing defense in depth strategies
that integrate technology, people and operational
capabilities to establish different types of cybersecurity
barriers across multiple layers of an organization.

Policies, procedures, standards and guidelines
For the defense in depth strategy to succeed, there must
be well-documented and continuously reviewed policies,
procedures, standards and guidelines.

Firewalls
Firewalls provide the capability to add
stringent and multifaceted rules for
communication between various network
segments and zones in an ICS network.

Demilitarized zones (DMZ)
Network segmentation helps establish secure
control networks, grouping critical
components and isolating them via firewalls
from the business IT network.

Log and event management
Put systems in place to monitor and identify
suspicious or malicious activities and raise
awareness of new and potentially unauthorized
devices that appear in the environment.

Security policies and procedures
Create practical and enforceable policies specifically
designed for ICS that address access-related issues
such as physical access, contractors and vendors.

ICS hardening
Reduce as many security risks as possible by
securely configuring ICS networks to eliminate
unnecessary services and applications that offer
possible points to intruders.

Evolving cyber threats. Evolving regulations and standards.
There are numerous regulations and standards to be aware of as cyber threats are
constantly evolving. Here are some resources that can help you to stay on top of them:

The North American Electric Reliability Corporation
nerc.com

Network Information Security & Technology News
nist.org

Institute of Electrical and Electronics Engineers
ieee.org

International Electrotechnical Commission
iec.ch

Department of Homeland Security
dhs.gov

Because cybersecurity is key to reliability.
Eaton takes a proactive approach to help customers execute their business in a safe, secure and
reliable way. To learn more about our policies, products and ongoing cybersecurity efforts across all
of our products, visit Eaton.com/cybersecurity.

Follow the Charge

1. Source: http://www.symantec.com/connect/blogs/2015-internet-security-threat-report-attackers-are-bigger-bolder-and-faster
2. Source: Symantec ISTR 20, April 2015, Pg 62 http://www.symantec.com/security_response/publications/threatreport.jsp
3. Source: Symantec ISTR 20, April 2015, Pg 63 http://www.symantec.com/security_response/publications/threatreport.jsp
4. Source: ICS CERT Monitor, September 2014 – February 2015
