CrowdStrike Falcon Insight for IoT delivers tailored threat prevention, patch management, and interoperability across XIoT including IoT, OT, and medical devices.

Cybersecurity vendor CrowdStrike has announced the release of new extended detection and response (XDR) capabilities within its Falcon platform to secure extended internet of things (XIoT) assets including IoT, Industrial IoT, OT, and medical devices. CrowdStrike Falcon Insight for IoT delivers tailored threat prevention, rapid patch management, and interoperability across XIoT assets to help customers secure their organization with the same platform across IoT, IT endpoints, cloud workloads, identities, and data, CrowdStrike said.

The challenges posed to organizations and security teams in effectively securing diverse IoT resources remain stark, while the threats posed to IoT assets subject enterprises to significant risks, attacks, and vulnerabilities.

IT/OT convergence driving IoT security challenges, risks

The mass convergence of IT and OT forces security teams to secure critical infrastructure systems. However, traditional IT security solutions don’t interoperate with XIoT assets, lack context for effective threat prevention and detection, and disrupt operations, CrowdStrike said in a press release. CrowdStrike Falcon Insight for IoT collects and leverages asset-specific context to drive tailored XIoT threat prevention policy and high-fidelity detection, CrowdStrike claimed.

“With the acceleration of OT digital transformation, organizations are struggling to address security challenges including stopping sophisticated attacks and dealing with operational complexity in securing XIoT assets in industrial control systems (ICS) networks,” said Michael Sentonas, president of CrowdStrike.
CrowdStrike said Falcon Insight for IoT’s key features include:

XIoT threat detection reduces risk and improves business continuity by identifying threats via asset-specific context such as device type, OS version, and protocols.
Tailored, AI-based threat prevention stops threats at the source, with custom policy recommendations for XIoT assets that empower organizations to limit system burden and manage sensor updates.
Response for hard-to-patch assets contains threats with integrated response actions, such as host/process containment and USB device control.
A lightweight agent provides interoperability with mission critical XIoT assets that is tested and validated by ICS vendors.
Deep integrations with CrowdStrike Alliance and XIoT partners enhance protection, detection, and response.

IoT security, threat detection/response challenges mount up for businesses

The challenges and risks organizations face in securing their extensive IoT footprints and detecting/responding to IoT-related threats are considerable. “One of the biggest challenges is visibility,” Hollie Hennessy, senior analyst, IoT cybersecurity at Omdia, tells CSO. “Organizations need to be able to have an accurate picture of devices that are connected to their network, yet Omdia’s research shows one in five don’t regularly perform an audited inventory of connected devices. Without this picture, it can be difficult to reach and deploy an effective cybersecurity program.” This is paired with the different technologies, operating systems, devices, and departments which IoT spans across, Hennessy adds.

For most enterprises, IoT-related incidents involve malware or the targeting of devices with poor security to access the IT side of the network, Hennessy says. However, for an organization like a hospital with medical IoT devices, the worst-case scenario could impact human life.
“Similarly, there could be operational impact and financial impact if processes in an OT environment were to be manipulated, and there could also be an impact on worker safety. This impact needs to be considered when assessing risk.”

Threat detection and response is one part of effective cybersecurity for IoT – but it can require specialist solutions, compared to products you may see in the IT space. “In order to be effective, threat detection and response for IoT/OT/medical IoT needs to be contextualized, assessed, and analyzed in light of the organization’s environment – including the devices that are connected to the network, their interactions, and behavior.”

IoT, ICS assets are vulnerable, attractive attack targets

Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) published seven advisories covering vulnerabilities in ICS and supervisory control and data acquisition (SCADA) software from multiple vendors. Some of the flaws were rated critical and two of them already have public exploits.

Meanwhile, a report from industrial cybersecurity firm Otorio recently highlighted the attack vectors industrial wireless IoT devices are susceptible to along with vulnerabilities the company’s researchers found in several such products. “Industrial wireless IoT devices and their cloud-based management platforms are attractive targets to attackers looking for an initial foothold in industrial environments,” the researchers said in their report. “This is due to the minimal requirements for exploitation and potential impact.”