Building owners/operators and business owners are tapping into the power of smart building systems at a rapidly accelerating pace to improve their buildings’ operations and occupants experience. These smart building systems require OT (Operational Technology) devices to share their data, which is achieved by connecting those devices to IT networks. This leads to the integration of IT infrastructures residing in OT environments, which in turn introduces novel security threats across IT and OT. Business leaders have tasked their security and risk management leaders to develop strategies and policies that address the security ramifications of IT/OT convergence.
To help their customers, OT manufacturers have started to build cybersecurity into their connected products. At Cooper Lighting, thanks to our secure by design philosophy, cybersecurity is embedded in every connected product and platform we bring to market. Our secure development approach helps us manage cybersecurity risk throughout the product life cycle, from threat modeling and requirements analysis to verification and ongoing maintenance.
In 2018, we became the first lighting manufacturer to offer UL 2900-1 certified products. In 2020, we adopted the IEC (International Electrotechnical Commission) 62443 standards as an end-to-end framework for developing secure products and systems. With this transition, we become the first and only one in our industry to achieve dual certifications for the rigorous IEC and UL product certifications. While others might be satisfied just to meet these demanding global cybersecurity standards, at Cooper Lighting we see it as a stepping stone to exceeding customer expectations.
This white paper provides an overview of the different cybersecurity standards, the reasoning behind our adoption of the IEC 62443 series of standard, and our approach to applying it.