Events , Governance & Risk Management , Infosecurity Europe Conference
Addressing Security Gaps for Organizational Resilience
Closed Door Security CEO William Wright on Mitigating Common Security RisksCommon cybersecurity vulnerabilities such as unpatched software and weak credentials can leave digital systems exposed to cyberattacks. Closed Door Security CEO William Wright shared the significance of enabling SMB signing, which is often overlooked due to its low or medium severity rating.
See Also: The State of OT Security: A Comprehensive Guide to Trends, Risks, and Cyber Resilience
SMB signing should be "switched on by default" to stop potential ransomware attacks that exploit Microsoft Network Trust Level Manager to steal credentials and access to networks, he said.
Wright recommended using identity access management platforms or conditional access policies to address security challenges effectively, and he acknowledged the complexities of integrating MFA into legacy systems.
"There are password policies you can enable on the vast majority of services but not all of them. Some don't have them inherently, and you can use access management or IAM tools to cover the rest. It's trying to find that balance between usability and security for users, especially in larger organizations. That can be quite a challenge," he said.
In this video interview with Information Security Media Group at Infosecurity Europe 2024, Wright also discussed:
- The challenges that larger organizations or sectors such as education face in implementing MFA, particularly related to privacy concerns;
- Why patch management remains a pervasive problem;
- Why software developers need to assume more responsibility for security, rather than shifting the burden to end users.
Wright is a penetration testing expert, security auditor and Scotland's first chartered cybersecurity expert. Prior to Closed Door Security, he was a principal security consultant at MTI.