A global change in culture has been materializing recently in the energy automation business for electric utilities with regards to cyber security. This has accelerated rapidly in the last three years, with the culmination of new standards and mature methodologies being deployed for the energy market. Electric utilities operate critical infrastructure in order to secure the reliability of the energy supply. Therefore the utility is focused on the uninterrupted operation and availability of the different components of the infrastructure from the control centers, substations, RTUs to the field devices. Former energy automation systems (EAS) have not been developed with cyber security in mind. They have been operated as an “island” with “private” communication connections to other systems. Starting with the introduction of internet technology, EASs became increasingly more interconnected and emerged as targets for “hacker” groups to attack the infrastructure. The process of awareness for cyber security issues started initially very slowly. The first attacks / incidents were not widely published and therefore not prevalently known. Nowadays the awareness of cyber security issues is growing due to the importance of energy infrastructure to be constantly in operation. The awareness of all the related cyber security topics needs to be extended in future to guarantee further smooth operation of the critical energy infrastructure. The operational failure of an EAS can have an extremely negative impact for industry, the general public and governments. Industry and households increasingly depend on electrical energy. Nobody will accept a blackout due to a cyber security attack.