Assess current readiness

            Protecting power devices can not only boost enterprises’ cyber defenses, but also strengthen trust with
            their customers. Gartner predicts that by 2025,  60% of organizations will use cybersecurity risk as a
            primary determinant in conducting third-party transactions and business engagements. Having a well-
            rounded cybersecurity approach that includes power management can serve as example to customers
            or partners that an enterprise takes network threats seriously across the board.

            Global safety standards offer a strong benchmark for IT teams to work from when deploying power
            devices and solutions. Underwriters Laboratories (UL) and the International Electrotechnical Commission
            (IEC) provide important guidelines for the implementation of  appropriate cybersecurity safeguards in
            network-connected  devices,  including  those  in  the  power  management  space. Deploying  UPSs  with
            network management cards that carry UL 2900-1 and ISA/IEC 62443-4-2 certifications can give teams
            peace-of-mind that their devices were developed with cybersecurity in mind.



            Employ best practices

            In  addition  to  leveraging  power  management  solutions  with  baked-in  cybersecurity  capabilities,
            enterprises  should  use  best  practices  with  power  management  technologies  that  apply  across  an
            interconnected  network.  Examples  include  using  firewall  and  industrial  security  solutions  as  well  as
            encrypting information; conducting routine security assessments; regularly updating antivirus software
            and antispyware; using advanced email filtering; establishing powerful password policies and end point
            protection; and offering employees cybersecurity awareness training.

            Enterprises should also look to execute remote firmware updates to keep current with the latest features.
            Selecting power devices that require cryptographic signatures for all firmware updates can help IT teams
            avoid cybersecurity risks. Additionally, looking for vendors that offer 24/7 monitoring across converged
            IT/operational technology (OT) environments will add an extra layer of protection and visibility for critical
            infrastructure.

            Although primarily developed to monitor and manage power devices – as well as gracefully shut down
            critical loads during outages – power management software can also be used to provide an inexpensive,
            highly  viable  air  gap  solution.  This  measure  helps  keep  secure  networks  physically  isolated  from
            unsecured ones including the Internet. Organizations such as Grandeur Housing  use this method to
            safeguard against ransomware attacks while enhancing overall cybersecurity.




            Embrace the evolution

            By  leveraging  power  management  software,  enterprises  can  stay  on  top  of  emerging  cybersecurity
            threats like the Ripple20 vulnerabilities, which surfaced during the early days of the pandemic and put
            many internet-connected devices in jeopardy. Power management software allows IT teams to keep up
            with the latest patches and secure their power management components from Ripple20 and other new
            threats that develop.





            Cyber Defense eMagazine – December 2022 Edition                                                                                                                                                                                                         180
            Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.