Events, Governance and Risk Management, Infosecurity Europe Conference
Closed Door Security CEO William Wright discusses mitigating common security risks
Matthew J. Schwartz (Euro Infosec) •
June 18, 2024
Common cybersecurity vulnerabilities such as unpatched software and weak credentials can leave digital systems open to cyberattacks. William Wright, CEO of Closed Door Security, spoke about the importance of enabling SMB signing, which is often overlooked due to its low or medium severity.
reference: NHS ransomware attack: Healthcare infrastructure is critical
He said SMB signing should be “on by default” to thwart potential ransomware attacks that exploit Microsoft Network Trust Level Manager to steal credentials and access to networks.
Wright recommended using an identity access management platform or conditional access policies to effectively address security challenges, acknowledging the complexities of integrating MFA into legacy systems.
“You can enable password policies for most services, but not all of them. Some services don’t have password policies built in, but for the rest you can use access management and IAM tools. Especially in larger organizations, you have to balance user ease of use with security, which can be very difficult,” he said.
In this video interview with Information Security Media Group at Infosecurity Europe 2024, Wright also shared:
- The challenges that large organizations and departments, such as educational institutions, face when implementing MFA, especially concerns about privacy.
- Why patch management remains a widespread problem
- Why software developers need to take more responsibility for security, instead of shifting the burden to end users.
Mr Wright is a penetration tester, security auditor and Scotland’s first Chartered Cybersecurity Professional. Prior to joining Closed Door Security he was Principal Security Consultant at MTI.