Protecting IoT devices and networks against cyber-attacks with IoT Protect

Editor’s brief: With the Internet of Things (IoT) becoming deeply embedded in our daily lives, and especially in industrial IoT (IIoT), the glaring lack of cybersecurity in such often simplistic devices and networks can be worrying indeed. All too often, some IoT devices are hardcoded and difficult to patch or upgrade, and they can be difficult to secure. Check Point Software launched IoT Protect, which can secure IoT devices and networks even agaisnt the most sophisticated attacks, especially important in critical infrastructures, power plants, oil and gas facilities, rail and mass transit systems, etc. Read more below.

SINGAPORECheck Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, has introduced its Internet of Things (IoT) Protect solution to secure both IoT devices and networks in smart building, smart city, healthcare, industrial and critical infrastructure environments against all types of advanced Gen VI cyber-threats. The solution delivers threat prevention and security management capabilities to block even unknown cyber-attacks at both IoT network and IoT device level, using threat intelligence and innovative IoT-specific security services.

The majority of organisations across the commercial, industrial, healthcare and utility sectors have deployed IoT and operational technology (OT) solutions, but this has significantly increased their cyber-risk. Many IoT devices have vulnerabilities and cannot be patched, or use insecure communications protocols. In addition, organisations have diverse estates of devices from multiple vendors, with many shadow devices that are unmanaged and connected to networks without authorisation, so organisations have limited visibility and control of devices and their associated risks. A recent Check Point survey* highlighted these issues: 90% of respondents reported their organisations have shadow IoT devices on their networks, with 44% stating that at least half of their IoT devices were connected without the IT or security teams’ knowledge. Just 11% of respondents stated they had fully implemented an IoT security solution, and 52% have no IoT security deployed at all.

As a result, 67% of enterprises and 82% of healthcare firms have experienced IoT-related incidents. These growing attacks against IoT devices and networks, combined with the rapid move to remote working enforced by the Covid-19 pandemic, demand the most advanced, comprehensive security fabric that can identify vulnerable IoT devices, apply protection, and stop evasive cyber-threats.

“The number of IoT devices connected to the Internet continues to accelerate and will be 41.6 billion by 2025. Cyber criminals are targeting IoT devices across all industries including medical, industrial, smart building, smart office, so enterprises are making security a high priority. Given the huge volume and variety of IoT devices, organisations need an easy way to deploy security.” said Robyn Westervelt, IDC’s Research Director, Security & Trust. Check Point’s comprehensive IoT Protect Security solution uses automation and threat intelligence to provide device risk assessment, network segmentation, and threat prevention from the most sophisticated cyber-attacks.”

Check Point’s IoT Protect gives network-level security and policy management together with Check Point security gateways, and IoT Protect Nano-Agents, which enable on-device runtime protection. IoT Protect integrates with the industry’s leading IoT asset discovery platforms across the healthcare, industrial, smart office and smart building sectors to secure hundreds of thousands of IoT devices. The solution delivers:

  • Complete IoT device visibility and risk analysis:  it identifies and classifies IoT devices on any network through integrations with the leading discovery engines, to expose risks such as weak passwords, outdated firmware and known vulnerabilities.
  • Vulnerability mitigation and zero-day threat prevention even on unpatchable devices:  IoT devices can be ‘virtually patched’ to fix security flaws, even those with unpatchable firmware or legacy operating systems. IoT Protect features 60 IoT-specific security services to identify and stop unauthorized access and traffic to and from devices and servers, and to prevent IoT-targeted malware attacks. The unique IoT Defense Nano-Agent can also be embedded on devices to give built-in zero-day prevention.
  • Intuitive Zero Trust network segmentation and management:  the solution applies and enforces granular security rules across the entire IoT network fabric based on device attributes, risks and protocols, and supports holistic security policy management in a single pane of glass for both IT and IoT networks.

“We wanted to ensure that we had complete visibility and control over security across our IT network, and all of the devices on our operational technology (OT) networks in our manufacturing facilities,” said Kalpesh Shah, Digital Risk Offer and CISO, CIPLA Limited, a multinational pharmaceutical and Biotechnology Company. “With Check Point’s IoT Protect solution, we were able to discover all devices on the OT network identify vulnerabilities in them and apply virtual patches to eliminate security threats to these systems. We were also able to block all unnecessary communications to devices, which has enhanced OT performance.”

“From IP cameras to smart elevators, medical devices and industrial controllers, many IoT devices are inherently vulnerable and easy to hack. But securing these growing networks of devices is extremely challenging because of their diversity – which means organisations themselves are extremely vulnerable to attacks,” said Itai Greenberg, VP, Product Management of Check Point.  “IoT Protect is unique in giving organisations a complete, end-to-end security fabric that protects at both the network and device level, and is easy to set-up and manage. This enables even legacy, unpatchable devices to be protected against various types of attack or exploitation, preventing disruption and damage to critical processes.”

IoT Protect offers the industry’s largest IoT discovery ecosystem to secure hundreds of thousands of IoT devices. Check Point maintains an open framework of technology partners specializing in the discovery and classification of IoT devices in a variety of verticals. With some of which agreements were signed that allow Check Point’s customers to get an end-to-end solution. These partners include as of today Armis, MediGate, Claroty and Ordr. IoT Protect supports over 1,600 IoT and operational technology (OT) protocols, applications and commands out of the box, and enables compliance best practices for regulations including HIPAA, NERC CIP, GDPR and many others. Its market-leading threat prevention capabilities are powered by Check Point ThreatCloud, the world’s largest and most powerful threat intelligence database.

IoT Protect is available immediately.  Full details are available from:

* Survey of over 400 IT security professionals at enterprise organisations internationally, conducted by Dimensional Research