Organisations facing challenges on IoT security and require automatic zero trust protection, firmware scanning, and on-device runtime protection for enterprises
In 2022, the market for the Internet of Things (IoT) is expected to grow 18% to 14.4 billion active connections. By 2025, as supply constraints ease and growth further accelerates, there will be approximately 27 billion connected IoT devices.1
It is important to consider these numbers and take them seriously. Year after year, more IoT devices are being manufactured and connected. Here’s more troubling news – in 2021 alone, there were over 1 billion IoT-related cyberattacks.2
IoT has become integrated everywhere and into everything, including your enterprise environment. This is a particularly good thing if proper precautionary measures are taken for security. There are many examples of positive IoT use cases: It can increase employee productivity, enable mission critical processes to run smoothly and efficiently.
However, this same technology can also open your enterprise up to cyberattacks. Take Verkada, the IoT building-security startup that was hacked in 2021, exposing footage from over 150,000 connected surveillance cameras belonging to 95 customers.
In India, according to Statistica, in 2019, there were approximately 250 million internet of things (IoT) connected devices and this number was expected to reach over two billion by 2021. With the use of IoT devices expected to grow in India, there is cause for concern as many of these IoT devices can be unpatched and, in many cases, exist invisibly throughout the network. This is a cause for concern in India, where an organization is being attacked on average 1742 times per week in the last 6 months, compared to 1167 attacks per organization globally, according to Check Point’s Threat Intelligence report.
Organisations today must have the ability to protect against IoT network threats. From IP cameras and smart buildings to access devices and printers, they must protect their infrastructure against IoT network cyberattacks and identify and protect all IoT devices on the bank network.
In this article, we will go over the complexities involved with securing IoT devices and how our new solution, Quantum IoT Protect, provides value to our customers.
What was announced?
Quantum IoT Protect is available as a software blade within Check Point’s Quantum ‘Titan’ release R81.20, which revolutionizes network security by blocking the most evasive zero-day DNS, phishing, and IoT attacks. Titan combines our innovative AI deep learning technology, advanced global threat intelligence, and Check Point patented techniques to immediately identify and block the most sophisticated threats. Titan also delivers operational efficiency by extending new cloud-based capabilities to on-premises Quantum firewalls through Infinity Cloud Services. This makes it easy to expand network security capabilities without the traditional operational issues involved with updating firewalls.
However, in this article w will focus specifically on Quantum IoT Protect and the value it provides for our customers.
With Quantum IoT Protect, you can start discovering and protecting your IoT assets in just minutes. We are the first and only vendor that can protect not only network IoT-related attacks, but also the IoT device themselves through the device’s firmware. The solution automatically builds and autonomously enforces zero-trust network access profiles for IoT assets, protecting them against known and unknown cyber threats. The solution leverages industry leading threat intelligence, over 300 IPS signatures, firmware scanning, and on-device run-time protection – all within a single management console.
Check out the Quantum IoT Protect overview video below:
<iframe width=”560″ height=”315″ src=https://www.youtube.com/embed/hJm5MWE-obA title=”YouTube video player” frameborder=”0″ allow=”accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture” allowfullscreen></iframe>
How does Quantum IoT Protect Work?
Quantum IoT Protect discovers all the assets connected to your organization, providing full visibility to all of these devices and their connections – including IP Cameras, Network Printers, PoS Systems, and more. The assets connected to your organization are identified, highlighted with its associated security risk, and automatically grouped together by device type and role.
The greatest value for our customers comes in this next step. It only takes a couple minutes after turning Quantum IoT Protect on for full visibility and protection for the discovered assets to occur. Plus, you don’t have to worry about any assets that will connect in the future, or change IP addresses, as Quantum IoT Protects keeps the inventory up to date.
Autonomous Zero Trust Protection
One of the consistent struggles our customers approach us with is the complicated task of manually creating zero-trust policies for their assets. Consequently, most of the traffic coming to and from the connected devices is left open. Luckily for them, Quantum IoT Protect automatically builds and enforces zero-trust network profiles for your entire inventory of connected assets on their Quantum Security Gateways. This blocks any unauthorized access preventing any damage to the organization. The autonomous zero-trust network profiles are built on advanced AI technologies, research, and behavior analytics to extend zero-trust practices into IoT assets. IoT and OT environments change frequently and it’s important that your IoT security solution can automatically adapt in real-time to secure these devices.
Advanced Network Threat Prevention
Leveraging Check Point’s industry leading IPS, Quantum IoT Protect can block attempts to exploit known IoT vulnerabilities in real-time. Check Point offers over 10,000 protections for IT and IoT related vulnerabilities as well as several hundreds of protections targeted at Industrial Control Systems. These protections can be applied as virtual patches, which is a huge benefit in a world where IoT device patches are near impossible to complete due to various reasons – including difficult to reach device locations, mission critical runtime, complex protocols and standards, etc.
Preemptive On-Device Security
Quantum IoT Protect also offers the ability to secure IoT devices themselves, at a high scale. For example, it may be difficult for some to protect certain IoT devices that cannot sit behind a security gateway or are so sophisticated that it seems impossible to protect against. This security is built directly into the IoT devices firmware, scanning the firmware for vulnerabilities, and blocking any threats in real time. The solution continuously monitors the device’s firmware to ensure security is always up to date. With Quantum IoT Protect, we are offering revolutionary on-device runtime protection for device manufacturers to develop connected IoT devices with built-in firmware security. Check Point’s Nano Agent® is added to the IoT device with the assistance of the device manufacturer monitoring the current state of the device and acting based on anomalies to identify and remediate zero-day attacks.
To learn more about this, read about some of the work we’ve been doing with Intel and Provision-ISR.
Unified Management Console
IoT discovery, protections, policy creation, event analysis and much more is offered as an end-to-end solution through a single management console with Quantum IoT Protect. With the new Quantum Cyber Security Platform ‘Titan’ release (R81.20) mentioned earlier, Quantum IoT Protect is integrated directly into the Check Point’s security management architecture, making it simple for customers to define unified access control policies and investigate threats through a single pane of glass. Now, you can autonomously monitor IoT logs/data using behavior-based AI & ML; which automatically updates the on-premises security management IoT access control and threat prevention policies.
Why Is Check Point Unique?
With the release of our Quantum Security Platform ‘Titan’ (R81.20) mentioned earlier, including Quantum IoT Protect, Check Point is the only vendor in the market that proactively prevent cyber threats at the device and network level, while other vendors are focused individually on scanning, posture, monitoring, and alerts. The reality of the market is that customers not only need discovery of attacks, but also technology that can prevent the attacks.
Plain and simple, we make device discovery effortless by embedding it directly into our Quantum Security Gateways without the need of any additional hardware sensors. Check Point is the first and only vendor to build and enforce autonomous zero-trust network access profiles to prevent IoT-related cyber threats. For use cases that require advanced discovery, like Industrial and Healthcare organization, we continue to deliver tightly integrated partnerships with industry experts (like Armis and Claroty). These specific partners bring the best device discovery and expertise into these specific use cases, while Check Point provides the best security capabilities. And lastly, we can embed IoT protections directly into the device firmware, creating additional partnerships with device manufacturers to provide preemptive threat prevention for zero-day attacks on IoT devices.
By Harish Kumar, Head, Enterprise, Check Point Software Technologies, India & SAARC