Devanesan Moses (known as “Moses”) is the Global Head of IoT/OT Sales for Check Point Software. Moses started his journey in cyber security back in 1998 helping customers secure their networks. His passion to enhance customer service led to the launch of Diamond Support in 2005 which was recognized as a strength of Check Point Support by Gartner in 2011, and continues to be the highest level support offering in the security industry. Moses led Check Point Professional Services and Lifecycle Management Services from 2011 through 2015 and during this period grew revenue by 420%. One of the highlights in 2014; he established a SWAT team to “Industrialize IT Security” by implementing 850 physical NGFW clusters in stores of one of North Americas largest retailer. This project was designed from ground up which included new management architecture, migration of firewall policies from other vendors to Check Point and segmented network. A complex project managed by the Lifecycle Management Services team with 40+ cutovers every night and successfully completed in less than 2 months.
In 2015 Moses joined ForeScout as Director of Software Engineering and was instrumental in building the development team from the first hire to eventually 27 developers/QA engineers. His team was engaged in successfully completing several hundred POCs as ForeScout migrated from a NAC solution to an IoT security solution. After his return to Check Point in 2018, Moses led the Business Development effort to transform legacy support to a digital platform with PRO Support that grew exponentially to 3000+ customers with an adoption rate of 545% in 2 years. Today Moses and his team are passionate about helping customers tackle one of the most challenging problems – Securing IoT/OT environment. The Check Point IoT/OT team believes this challenge can be overcome by implementing the right best of breed security solution – Check Point Quantum IoT Protect.
How can IoT assist in facilitating easy and seamless digital transformations?
IoT (Internet of Things), as we call it, is in itself not defined. It is a loaded term that is many different things to different people and companies. IoT is changing the world we live in, and a key ingredient to realizing the benefits of smart cities, smart buildings, medical devices, asset tracking, video surveillance and analytics, smart robotics, and the list goes on. Regardless of industry vertical, IoT offers new paths for competitive advantage, operational efficiencies, cost reductions, and environmental sustainability.
As we adapt to the new normal with more connected things, security becomes a central issue. It is true; IoT accelerates digital transformation efforts but is inherently vulnerable to cyber attacks. A recent study found that IoT devices are often attacked within five minutes of being connected to the web. Most businesses are struggling to determine what devices are running in their environments and cannot rely on legacy visibility tools that are losing relevancy with the rise of new IoT protocols. As the old saying goes, you can’t secure what you can’t see. Advanced IoT discovery is the starting point for proper IoT security combined with zero trust network segmentation and real-time threat prevention.
How can organizations improve in terms of capitalizing on IoT opportunities?
According to IDC, IoT spending will return to double-digit growth rates in 2021 and achieve a CAGR of 11.3% until 2024. There is no doubt that the world is changing, and your organization will change as well. To capitalize on IoT opportunities, it is essential to be specific. Ask yourself: “What does IoT mean for my business? How can we leverage IoT to achieve a competitive advantage, operational efficiencies, cost reduction, and environmental sustainability? And, how can we show our customers that we are trusted partners in enhancing their lives?”
Based on an IoT survey from Bain (2018), the most common objection to IoT implementation was security, and it is still true today. However, to be competitive in the market, businesses must embrace IoT adoption; this puts the burden on the security teams to secure IoT devices. A recent survey of security professionals found that 99% of them lack confidence in securing IoT devices. When businesses are not confident that existing security controls and policies are sufficient, IoT adoption is slower, and the company loses the competitive advantage.
How are businesses establishing enterprise-wide strategies for managing IoT?
IoT means different things for different parts of the organization. Business that scale in terms of multiple use case seem to maximize the impact that forces a cultural change, and adoption becomes an easier task. A study by McKinsey highlighted financial success for businesses when a more significant number of use cases are implemented. While a smaller scale may be suitable for the early days of the digital transformation journey, there is a clear advantage when companies add multiple use cases – one that has a powerful impact. The COVID-19 pandemic ushered in the acceleration of digital transformation with IoT as a critical ingredient. We witnessed the implementation of multiple strategies to enable the transition of remote work, which forced a cultural change within business globally. Don’t be afraid to “go big” with IoT.
To address security concerns with IoT implementation, at Check Point, we simplified our solution to fit within three verticals:
- Enterprises (IoT devices)
- Healthcare organizations (IoMT – Internet of Medical Things devices)
- Industrial organizations (OT – Operational Technology devices)
Almost every company is exposed to cyber attacks, and many medium-to-large businesses have two or all three of these verticals in their environment. You can confidently secure IoT/IoMT/OT environment with Check Point’s best-of-breed approach.
For organizations with IoT technologies in place, how can they ensure that digital transformations are completed securely and that IoT security is not an afterthought?
The undisputed fact is that 100% of businesses have IoT in their environments and are very much aware of the security challenges with IoT. Managing and securing IoT does not require new or complex ideas or principles. The first step in this process is for businesses to identify unmanaged devices in the network and undergo a thorough IoT security risk assessment to examine vulnerabilities and implement the right solution or security control to prevent attacks in real-time. IDC released an excellent IoT security guide that outlines the challenges and solutions to prevent and combat cyber attacks on your network and devices.
What are the best practices when it comes to testing the security of IoT systems?
IoT security solutions have quickly become a “must-have” to protect networks and devices from the rapidly expanding threat landscape. To summarize the best practices:
- Real-time IoT discovery & risk analysis
- Simple zero-trust IoT segmentation
- Multiple layers of IoT threat prevention technologies
Anything else that you wish to share with the Cyber Talk audience
If you’re unsure where to start when it comes to securing your IoT, consider a one-time IoT Security Check-up Report. The report gives you complete IT/IoT/OT visibility to everything in your environment – managed and unmanaged with thorough security risk assessment for every device. You can request your free IoT security check-up here.