CrowdStrike Falcon Insight for IoT delivers tailored threat prevention, patch management, and interoperability across XIoT including IoT, OT, and medical devices.

Cybersecurity vendor CrowdStrike has announced the release of new extended detection and response (XDR) capabilities within its Falcon platform to secure extended internet of things (XIoT) assets including IoT, Industrial IoT, OT, and medical devices. CrowdStrike Falcon Insight for IoT delivers tailored threat prevention, rapid patch management, and interoperability across XIoT assets to help customers secure their organization with the same platform across IoT, IT endpoints, cloud workloads, identities, and data, CrowdStrike said.

The challenges posed to organizations and security teams in effectively securing diverse IoT resources remain stark, while the threats posed to IoT assets subject enterprises to significant risks, attacks, and vulnerabilities.

IT/OT convergence driving IoT security challenges, risks

The mass convergence of IT and OT forces security teams to secure critical infrastructure systems. However, traditional IT security solutions don’t interoperate with XIoT assets, lack context for effective threat prevention and detection, and disrupt operations, CrowdStrike said in a press release. CrowdStrike Falcon Insight for IoT collects and leverages asset-specific context to drive tailored XIoT threat prevention policy and high-fidelity detection, CrowdStrike claimed.

“With the acceleration of OT digital transformation, organizations are struggling to address security challenges including stopping sophisticated attacks and dealing with operational complexity in securing XIoT assets in industrial control systems (ICS) networks,” said Michael Sentonas, president of CrowdStrike.

CrowdStrike said Falcon Insight for IoT’s key features include:

- XIoT threat detection reduces risk and improves business continuity by identifying threats via asset-specific context such as device type, OS version, and protocols.
- Tailored, AI-based threat prevention stops threats at the source, with custom policy recommendations for XIoT assets that empower organizations to limit system burden and manage sensor updates.
- Response for hard-to-patch assets contains threats with integrated response actions, such as host/process containment and USB device control.
- A lightweight agent provides interoperability with mission critical XIoT assets that is tested and validated by ICS vendors.
- Deep integrations with CrowdStrike Alliance and XIoT partners enhance protection, detection, and response.

IoT security, threat detection/response challenges mount up for businesses

The challenges and risks organizations face in securing their extensive IoT footprints and detecting/responding to IoT-related threats are considerable. “One of the biggest challenges is visibility,” Hollie Hennessy, senior analyst, IoT cybersecurity at Omdia, tells CSO. “Organizations need to be able to have an accurate picture of devices that are connected to their network, yet Omdia’s research shows one in five don’t regularly perform an audited inventory of connected devices. Without this picture, it can be difficult to reach and deploy an effective cybersecurity program.” This is paired with the different technologies, operating systems, devices, and departments which IoT spans across, Hennessy adds.

For most enterprises, IoT-related incidents involve malware or the targeting of devices with poor security to access the IT side of the network, Hennessy says. However, for an organization like a hospital with medical IoT devices, the worst-case scenario could impact human life.
“Similarly, there could be operational impact and financial impact if processes in an OT environment were to be manipulated, and there could also be an impact on worker safety. This impact needs to be considered when assessing risk.”

Threat detection and response is one part of effective cybersecurity for IoT – but it can require specialist solutions, compared to products you may see in the IT space. “In order to be effective, threat detection and response for IoT/OT/medical IoT needs to be contextualized, assessed, and analyzed in light of the organization’s environment – including the devices that are connected to the network, their interactions, and behavior.”

IoT, ICS assets are vulnerable, attractive attack targets

Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) published seven advisories covering vulnerabilities in ICS and supervisory control and data acquisition (SCADA) software from multiple vendors. Some of the flaws were rated critical and two of them already have public exploits.

Meanwhile, a report from industrial cybersecurity firm Otorio recently highlighted the attack vectors industrial wireless IoT devices are susceptible to along with vulnerabilities the company’s researchers found in several such products. “Industrial wireless IoT devices and their cloud-based management platforms are attractive targets to attackers looking for an initial foothold in industrial environments,” the researchers said in their report. “This is due to the minimal requirements for exploitation and potential impact.”