October marks Cybersecurity Awareness Month, a global initiative that raises awareness about online safety and encourages organizations to strengthen their defenses against cybercrime.

Launched in 2004 by the U.S. Department of Homeland Security and the National Cybersecurity Alliance, this campaign reminds us that security is not solely the responsibility of end users; it also falls on those who design and maintain the physical infrastructure that supports our digital systems.

Each year, the campaign focuses on a different theme. This year’s theme, “Stay Safe Online”, emphasizes practical steps such as stronger password management, multi-factor authentication, regular software updates, and timely incident reporting.

However, beyond the individual steps we can all take to protect our own personal data lies another critical layer of defense: the physical infrastructure that keeps digital systems operational. In data centers, power interruptions, environmental fluctuations, and unauthorized access can all create vulnerabilities that cybercriminals can exploit. In an era where downtime and breaches can cost millions, building infrastructure resilience is a cybersecurity imperative.

Protecting the Physical Infrastructure

When people think about cybersecurity, they often envision software firewalls, encryption protocols, or identity management tools. However, modern threats are no longer confined to the digital layer; they increasingly target the physical systems that house, power, cool, and connect to IT infrastructure.

Consider a few examples:

• A power outage or surge can disable defenses or create opportunities for malicious access during recovery.
• Inadequate environmental monitoring might allow tampering or sabotage to go unnoticed.
• Poorly managed racks or cabling can lead to accidental cross-connections, data leakage, or unauthorized device insertion.

In today’s interconnected world, cybersecurity must extend beyond software to include the physical infrastructure that keeps operations running securely.

How Legrand Solutions Support a Secure and Resilient Data Center

Legrand’s data center solutions portfolio is built around one key principle: resilience through intelligent infrastructure. By designing systems that deliver visibility, control, and reliability across power, cooling, and connectivity, we support organizations in maintaining both operational continuity and security integrity.

Uninterruptible Power Supply (UPS)

UPS systems protect sensitive equipment from power fluctuations and outages, ensuring data centers remain operational. However, their increasing interconnectivity also heightens their exposure to cyber threats that can severely disrupt data center operations.  

With UPS systems embedded in IT and operational technology (OT) networks, this connectivity creates new opportunities for risk, making it vital for organizations to adopt integrated security approaches. As cyber threats evolve, protecting UPS systems against attacks is essential to minimize downtime, safeguard data, and maintain service reliability.  

Common threats include malware, ransomware, DDoS attacks, and phishing. Vulnerabilities such as default credentials, unpatched software, and unsecured network exposure make these systems potential entry points for cyber intrusions.  

Recognizing this, Legrand’s UPS portfolio - including the Keor FLEX - is designed with security, scalability, and resilience at its core.  

Some of the features of the Keor FLEX UPS include:

• Multiple communication interfaces: Includes SNMP, TCP/IP, USB, Modbus, dry contacts, for secure integration with network management and monitoring platforms.
• Predictive diagnostics and remote monitoring: Detects abnormal operating conditions early, helping prevent failures that could expose vulnerabilities.
• Hot-swappable modular design: Ensures service continuity and reduces risk during maintenance or module replacement.
• Front-access maintenance design: Limits physical exposure by allowing all servicing from the front, supporting controlled and secure operation.
• Compliance with international standards: Includes IEC 62040-1/-2/-3 /-4, IEC 62443-4-2, and CE marking, certifying compliance with stringent safety and performance requirements.

Cybersecurity Regulations and Standards

Legrand’s UPS systems comply with European cybersecurity standards EN IEC 62443-4-1  and EN IEC 62443-4-2, which specify secure product development lifecycle requirements and technical security criteria for industrial automation and control systems (IACS).

These standards cover key security principles, including identification and authentication control, data confidentiality, system integrity, restricted data flow, timely response to events, user control, and resource availability.

Security assurance is reinforced through formal certification processes conducted by accredited testing laboratories and National Certification Bodies (NCBs) within Europe.

By implementing these standards, Legrand ensures UPS systems remain resilient to cyberattacks throughout their lifecycle by emphasizing secure design, implementation, defect and patch management, and incident response.

Intelligent PDUs

Rack power distribution units (PDUs) have evolved far beyond basic power strips. Today, they function as intelligent, networked devices that provide advanced management and monitoring capabilities, delivering real-time visibility, reporting, and alerting of power metrics and events. However, this connectivity also introduces new opportunities for cyber-attacks. Many legacy PDUs and infrastructure components still lack basic cybersecurity protections and are vulnerable to attack.

Legrand has embedded advanced cybersecurity features across its Raritan PX4 and Server Technology PRO4X intelligent rack PDUs powered by the Xerus™ firmware platform.

Why Xerus™ Stands Out:  

• Secure Boot: Ensures only verified firmware runs on your PDU, preventing tampering or malicious code execution.
• Vulnerability Testing (VAPT): Each firmware version undergoes rigorous internal and third-party testing, including penetration testing with industry-standard tools such as Nessus.
• Encrypted Communications: All devices use AES 128b/256b encryption with firewall support and strong password policies.
• SB 327 & NISTIR 8259 Compliance: Meets or exceeds the requirements of leading security regulations for IoT devices.
• Stringent Internal Standards: Ensure all connected products meet the LNCA security policies for IoT devices
• Frequent Firmware Updates: Two major and six minor releases annually, with urgent patches delivered fast.
• Customizable Alerts: Intelligent features such as SmartLock™ and webcam triggers deliver real-time visual alerts and automated response protocols for unauthorized access events.

Overhead Busway

As an integral part of the broader data center power distribution system, overhead track busways also help secure operational infrastructure. The Starline M70 Critical Power Monitor is a next-generation power monitoring device designed to optimize electrical infrastructure in mission-critical data centers. It delivers real-time, revenue-grade power monitoring with unparalleled precision and control to ensure peak performance, balance loads, and prevent failures.  

Key cybersecurity-supporting features include:

• Encrypted password storage: Protects login credentials from unauthorized access.
• Role-based access control: Admin privileges restrict configuration rights for enhanced security.
• Read-only display mode: Limits configuration access for certain users.
• Firmware vulnerability scans: Identifies and addresses potential weaknesses.
• Support for secure communication protocols: HTTPS and SSH protect data in transit.
• Multiple communication protocols: Includes SNMPv1/v2c, BACnet, Modbus TCP/RTU, etc., for secure integration and interoperability.
• Strong default credentials: Randomly generated 15-character passwords that must be changed upon first use.

Looking Ahead: Securing Data Center Infrastructure 

Data center power systems, ranging from UPSs to PDUs and busways, are critical infrastructure that require vigilant cybersecurity practices to prevent costly disruptions. A comprehensive approach that combines risk assessment, employee training, and advanced technologies can help organizations protect these systems against evolving threats.

By embedding cybersecurity into every layer of infrastructure, data centers can ensure continuity, data protection, and operational trust, reinforcing resilience where it matters most.

Are you looking to protect your critical infrastructure from evolving cyber threats? Contact our team to learn how Legrand's data center solutions can strengthen your data center from the inside out. Contact us here.