CSPi, a provider of cybersecurity and packet capture products, managed IT and professional services and technology solutions, is utilizing a new approach to address the unique medical device security challenges found in commercial Internet of Things (IoT) devices, especially in the medical market. With Gartner estimating that more than 25% of cyber-attacks will involve IoT devices by 2020, addressing cybersecurity vulnerabilities is a major focus for organizations of all sizes and in all industries.
CSPi and Seceon have partnered and developed a joint solution using a API integration between the ARIA SDS Packet Intelligence application and aiSIEM to solve one of the biggest security challenges related to IoT: where endpoint detection and response (EDR) applications and other bolt-on security services cannot be deployed on IoT devices.
Commercial IoT devices have proven to be one of the most challenging to secure as security considerations have been deprioritized in order to maximize business returns. Most IoT devices have limited, if any, capacity to run third-party security applications like EDRs. However, the explosion of IoT devices means that more sensitive data is being shared across many devices and hackers now have more avenues to exploit, thus making security risks exponentially greater.
“The potential consequences associated with unsecured IoT devices are much worse than people may realize,” explains Gary Southwell, GM, CSPi. “For example, a compromised medical IoT device can threaten a patient’s life, or if an industrial infrastructure, such as a power grid, is taken offline, it can cripple a city. When assessing how best to solve for the security vulnerabilities found in commercial IoT devices, it just made sense to partner with Seceon and leverage their aiSIEM solution.”
The ARIA Packet Intelligence application deploys transparently inside the network and detects, as well as monitors the traffic originating from all IoT devices. It classifies all the traffic related to those devices, at line rate, and creates enriched NetFlow metadata, which are ingested by Seceon’s aiSIEM. The aiSIEM’s ability to take in network flow data sourced from the ARIA SDS solution makes it very effective at finding difficult-to-detect network-born threats, including those originating from IoT devices.
Going one step further, the aiSIEM can instruct the ARIA SDS probes to stop only the specific threat conversations, while allowing critical applications and devices to continue to operate. The solution also provides network-based microsegmentation, preventing rogue IoT devices from trying to communicate with devices or applications they should not. The technology also works Seceon’s aiMSSP technology and allows MSSPs to offer managed detection and response (MDR) solutions into the IoT market space.
“We are very excited to join forces with CSPi and solve the unique challenges of securing commercial IoT devices,” says Chandra Panday, CEO of Seceon. “When coupled with our aiMSSP offerings, both enterprises and MSSPs have a powerful new MDR solution to surgically stop more threats within the network, including those impacting IoT devices.”