Updated on: February 12, 2024
SafetyDetectives had the privilege of interviewing Terry Lewis, the Founder and CEO of RoboShadow. In this exclusive conversation, Terry shares insights into the inspiration behind founding RoboShadow, the key services it offers to businesses, and his observations on significant trends in the cybersecurity landscape. With a focus on addressing weaknesses in multi-factor authorization and emphasizing the importance of BitLocker compliance, Terry provides valuable perspectives on enhancing cybersecurity measures for organizations, particularly in the era of remote work.
Hi Terry, thank you for your time, can you tell me what motivated you to found RoboShadow?
I owned an MSP in the UK that was coming up to the $10 million turnover element that everyone gets excited about. We had 65 people doing all sorts of digital transformation tasks like cybersecurity and serverless architecture, DevOps and that sort of thing. Every time we got external cyber people involved with our clients, it ended up being a bit of a racket. They’d scare them with lots of vulnerabilities that weren’t well placed in context.
So, we thought, we’re going to build these tools ourselves. We thought it’d be easy, but it’s not. Three years later, and we’re just kind of getting there. Our goal is to offer free cybersecurity capabilities to the world in a simple, understandable way. It’s similar to other brands that give stuff to the world for free by advancing civilization.
What are the main services RoboShadow provides to businesses?
RoboShadow primarily offers internal and external vulnerability assessments, covering approximately 70% of a penetration test. This includes assessments of external IPs, internal device compliance, internal LAN scanning, and cloud integration.
What major trends or shifts have you observed in the cybersecurity landscape in recent years?
The biggest trend is with AI, and everyone is saying we’ve got AI on our platform. In reality, it’s like the AI is going to be attacking you and not with really sophisticated robots. It’s individuals leveraging AI capabilities to scan for vulnerabilities and launch attacks. That for me is the biggest thing, you can’t get away with security by obscurity anymore. You need to make sure that you’ve buttoned everything down, because it’s definitely AI that’s going to be scanning you and trying to attack you.
What are the weaknesses that you see in multi-factor authorization and how can it be improved?
It’s people who think that they’ve got multi-factor enabled when they don’t. We see this a lot at RoboShadow: a user will say “yeah, we’ve got that enabled,” and then we go through the rules and see the person doesn’t want these different features enabled. So, they might think they have MFA, but in reality, they instructed the system not to enable it. It’s people thinking they’ve got it when they actually have it.
Solutions like Intune can streamline MFA deployment, but it requires meticulous attention to policy settings, especially in platforms like Office 365 where there’s a certain policy that you have to ensure everyone’s in by default, as opposed to being put in on a case-by-case basis.
Why is it important for individuals and organizations to ensure BitLocker compliance?
In the UK specifically, if you lose your laptop while drunk on a train as it happens, not to me, but a couple of friends of mine, you have to report to the ICO if it’s got company data on it. They will make you tell your clients, depending on how much of a breach they think that is.
So, BitLocker is important to stop people accessing people’s laptops. You can argue in data centers, you don’t need it as much, especially if it’s locked computers in an office. However, I’d suggest having it there anyway just in case a PC gets stolen. But on laptops it is super important.
In the era of remote work, what cybersecurity measures should organizations prioritize for their remote workforce?
It’s just the zero-trust thing. I know these are the basics, but check:
- Is the firewall enabled?
- Have you got the machine updated?
- Is Windows updated?
- Is the third-party patching done?
- Have you not got local admin or allowed users to have local administrator?
- Is PowerShell disabled for standard user access so people can’t move laterally, if they manage to hack you?
We see this often, that’s why RoboShadow is sort of very good in this context. Remote working is a feral way of forgetting about your machines. But you can reconcile against a primary user store like we do in RoboShadow, where you can sync with Active Directory or on-prem Active Directory, to see that all your machines are actually working, and if they’ve got those 4 or 5 core basics enabled, should be easy.