Shows
The Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsLocked In: Palantir, Microsoft and the Hidden Political Risk in Your CloudPicture this: you’re a minister in Europe and Washington quietly asks for a peek. Your emails, drafts and cabinet notes aren’t in a secret vault — they live on someone else’s servers. This episode opens on that impossible, very real moment and follows the ripple effects: threats of sanctions, a neutral Switzerland walking away from Palantir, and the uncomfortable truth that the UK handed that very company the keys to its health, defence and policing systems.
We meet the players: Noel Bradford, the Small Business Cybersecurity Guy, who’s spent four decades turning tape backups into survi...
2026-02-2327 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsLocked In: Palantir, Microsoft and the Hidden Political Risk in Your CloudPicture this: you’re a minister in Europe and Washington quietly asks for a peek. Your emails, drafts and cabinet notes aren’t in a secret vault — they live on someone else’s servers. This episode opens on that impossible, very real moment and follows the ripple effects: threats of sanctions, a neutral Switzerland walking away from Palantir, and the uncomfortable truth that the UK handed that very company the keys to its health, defence and policing systems.
We meet the players: Noel Bradford, the Small Business Cybersecurity Guy, who’s spent four decades turning tape backups into survi...
2026-02-2327 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsEdge Devices Under Siege — 393 Days of Unnoticed AccessIn this episode of Small Business Cybersecurity Guy, host Maurven McLeod and guest Dr Corinne Jefferson (former US government intelligence analyst turned London-based consultant) unpack Google Threat Intelligence’s alarming report on the Defence Industrial Base (DIB) and explain exactly why it matters to small and medium-sized businesses. They move straight from the uncomfortable headline — Chinese state-linked hackers averaging 393 days of dwell time inside victim networks — to practical implications for 50–80 person companies across manufacturing, logistics, and software supply chains.
Topics covered include clear definitions (APT, UNC), the distinction between edge devices and endpoints, why firewalls and VPN applianc...
2026-02-1622 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsEdge Devices Under Siege — 393 Days of Unnoticed AccessIn this episode of Small Business Cybersecurity Guy, host Maurven McLeod and guest Dr Corinne Jefferson (former US government intelligence analyst turned London-based consultant) unpack Google Threat Intelligence’s alarming report on the Defence Industrial Base (DIB) and explain exactly why it matters to small and medium-sized businesses. They move straight from the uncomfortable headline — Chinese state-linked hackers averaging 393 days of dwell time inside victim networks — to practical implications for 50–80 person companies across manufacturing, logistics, and software supply chains.
Topics covered include clear definitions (APT, UNC), the distinction between edge devices and endpoints, why firewalls and VPN applianc...
2026-02-1622 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsFour Campaigns, One Nightmare: How 2026's Attacks Bypass Every Small-Business DefenceIn this urgent episode of Small Business Cybersecurity Guy, hosts Mauven MacLeod and Graham Falkner join the notably fed-up Noel Bradford to unpack four simultaneous, high‑impact campaigns that emerged between late January and early February 2026. We walk listeners through detailed research from Trellix, Securonix, Rapid7 and Microsoft and explain why these attacks matter to every small business — even if you think you’re too small to be a target.
We open with APT28 (Fancy Bear) exploiting CVE‑2026‑21509: a weaponised Office document that triggers on open, drops an Outlook backdoor (MiniDoor/NotDoor) and a C++ implant (Beardshell) injected i...
2026-02-0928 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsFour Campaigns, One Nightmare: How 2026's Attacks Bypass Every Small-Business DefenceIn this urgent episode of Small Business Cybersecurity Guy, hosts Mauven MacLeod and Graham Falkner join the notably fed-up Noel Bradford to unpack four simultaneous, high‑impact campaigns that emerged between late January and early February 2026. We walk listeners through detailed research from Trellix, Securonix, Rapid7 and Microsoft and explain why these attacks matter to every small business — even if you think you’re too small to be a target.
We open with APT28 (Fancy Bear) exploiting CVE‑2026‑21509: a weaponised Office document that triggers on open, drops an Outlook backdoor (MiniDoor/NotDoor) and a C++ implant (Beardshell) injected i...
2026-02-0928 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsSecurity Theatre Exposed — Passkeys, the CISA Leak, and the Hidden Value in Your Cyber InsuranceIn this urgent episode of The Small Business Cybersecurity Guide, hosts Noel Bradford, Mauven McLeod and Graham Faulkner bring together three experts to answer one question: why you’re doing security wrong and what practical steps will actually protect your business. We cover four pressing, unconnected problems that share the same root cause — a massive gap between perceived and real security.
Dr. Sarah Chen explains passkeys in plain English: how they remove the shared secret that makes passwords vulnerable, why they defeat phishing, credential stuffing and most brute-force attacks, and exactly how small businesses should pilot them this...
2026-02-0243 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsSecurity Theatre Exposed — Passkeys, the CISA Leak, and the Hidden Value in Your Cyber InsuranceIn this urgent episode of The Small Business Cybersecurity Guide, hosts Noel Bradford, Mauven McLeod and Graham Faulkner bring together three experts to answer one question: why you’re doing security wrong and what practical steps will actually protect your business. We cover four pressing, unconnected problems that share the same root cause — a massive gap between perceived and real security.
Dr. Sarah Chen explains passkeys in plain English: how they remove the shared secret that makes passwords vulnerable, why they defeat phishing, credential stuffing and most brute-force attacks, and exactly how small businesses should pilot them this...
2026-02-0243 min
UnixGuy Cyber Security CareerCyber Security Market Trends in 2026 with Josh MadakorJosh Madakor and I both work in this industry and help individuals land cyber security jobs from all over the world. In this episode we discuss the important cyber security market trends in 2026, and what you need to focus on to get hired.If you want to cut through noise and understand cyber security market trends in 2026, then this episode is for you. we discuss Cyber Security Market trends, dismantle common myths, and talk about every important topic when it comes to landing a cyber security job in 2026Josh...
2026-02-0128 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWho’s in Charge When Ransomware Hits? Building Your Incident Response TeamIn this episode of Small Business Cybersecurity Guy, hosts Mauven MacLeod, Noel Bradford and Graham Falkner walk you through Module One of their six-part incident response plan series: building your response team. Through the real-world Katie Roberts case study (name changed), they show why independence matters when a breach hits — and how an unbiased incident manager can quickly uncover the truth, coordinate response, and save a business from far worse outcomes.
Topics covered include the four core incident roles (external incident manager, technical lead, business continuity coordinator, communications lead), how to find and contract an ext...
2026-01-1930 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWho’s in Charge When Ransomware Hits? Building Your Incident Response TeamIn this episode of Small Business Cybersecurity Guy, hosts Mauven MacLeod, Noel Bradford and Graham Falkner walk you through Module One of their six-part incident response plan series: building your response team. Through the real-world Katie Roberts case study (name changed), they show why independence matters when a breach hits — and how an unbiased incident manager can quickly uncover the truth, coordinate response, and save a business from far worse outcomes.
Topics covered include the four core incident roles (external incident manager, technical lead, business continuity coordinator, communications lead), how to find and contract an ext...
2026-01-1930 min
UnixGuy Cyber Security CareerReality of being a Cyber Security Content Creator! (ft. Cybersecurity girl)In this episode I'm joined with one of the biggest cyber security content creators in the world: "Cybersecurity girl" (Caitlin Sarian). With a combined following of nearly 2Million followers, we explore what it's like to be a professional cyber security content creator. Is it really a viable career? How can you become a cyber security content creator? Caitlin shares all her secrets with us!Follow Caitlin (Cybersecurity Girl) on Instagram: https://www.instagram.com/cybersecuritygirl/Caitlin (Cybersecurity Girl) Website: https://www.cybersecuritygirl.com/
2026-01-1835 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsUK Government Admits Cyber Chaos — 28% of Systems ‘Cannot Be Defended’: What SMBs Need to KnowIn this episode of the Small Business Cybersecurity Guy, host Noel Bradford is joined by Mauven McLeod and Graham Falkner to unpack the Cabinet Office’s January 2026 Government Cyber Action Plan — a blunt, 100‑page admission that the UK government’s cybersecurity posture is “critically high” risk and that many of its own targets are unachievable. The trio break down the report’s headline findings, case studies of high‑profile failures, and why this matters to you even if you’ve never worked with government.
Key revelations from the Plan covered in the episode include: roughly 28% of government IT is legacy and c...
2026-01-1227 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsUK Government Admits Cyber Chaos — 28% of Systems ‘Cannot Be Defended’: What SMBs Need to KnowIn this episode of the Small Business Cybersecurity Guy, host Noel Bradford is joined by Mauven McLeod and Graham Falkner to unpack the Cabinet Office’s January 2026 Government Cyber Action Plan — a blunt, 100‑page admission that the UK government’s cybersecurity posture is “critically high” risk and that many of its own targets are unachievable. The trio break down the report’s headline findings, case studies of high‑profile failures, and why this matters to you even if you’ve never worked with government.
Key revelations from the Plan covered in the episode include: roughly 28% of government IT is legacy and c...
2026-01-1227 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsFacepalm Retrospective: 2025’s Greatest Cyber Fails — From 123456 to the LouvreWelcome to the Small Business Cybersecurity Guy Christmas Special with host Noel Bradford and guests Mauven MacLeod and Graham Falkner. This episode is a rapid-fire, often hilarious and sometimes horrifying roundup of the most spectacular cyber security disasters of 2025, told with a no-nonsense focus on what small businesses should learn from them.
We open with the MacHire fiasco: security researchers discovered an admin account on McDonald’s AI hiring chatbot (Paradox.ai/Olivia) protected by the password "123456," exposing up to 64 million applicant records. The researchers reported the flaw; no known mass theft occurred, but the episode underlines ve...
2025-12-2221 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsFacepalm Retrospective: 2025’s Greatest Cyber Fails — From 123456 to the LouvreWelcome to the Small Business Cybersecurity Guy Christmas Special with host Noel Bradford and guests Mauven MacLeod and Graham Falkner. This episode is a rapid-fire, often hilarious and sometimes horrifying roundup of the most spectacular cyber security disasters of 2025, told with a no-nonsense focus on what small businesses should learn from them.
We open with the MacHire fiasco: security researchers discovered an admin account on McDonald’s AI hiring chatbot (Paradox.ai/Olivia) protected by the password "123456," exposing up to 64 million applicant records. The researchers reported the flaw; no known mass theft occurred, but the episode underlines ve...
2025-12-2221 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsBoards, Breaches and Accountability: Why Small Firms Need Risk Registers NowDo UK small businesses need cyber risk registers? Graham said no. After this 40-minute debate with Noel Bradford, he changed his mind completely.
This Small Business Cyber Security Guy podcast episode tackles cyber risk management for UK SMEs through a heated debate about whether small business boards need formal cyber risk registers.
UK cyber security statistics that changed Graham's mind:
43% of UK small businesses experienced cyber breaches last year (DSIT 2025)
73% have no board-level cyber security responsibility
28% of SMEs say one cyber attack could close them permanently (Vodafone 2025)
Average UK small business breach costs £3,398
R...
2025-12-1545 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsBoards, Breaches and Accountability: Why Small Firms Need Risk Registers NowDo UK small businesses need cyber risk registers? Graham said no. After this 40-minute debate with Noel Bradford, he changed his mind completely.
This Small Business Cyber Security Guy podcast episode tackles cyber risk management for UK SMEs through a heated debate about whether small business boards need formal cyber risk registers.
UK cyber security statistics that changed Graham's mind:
43% of UK small businesses experienced cyber breaches last year (DSIT 2025)
73% have no board-level cyber security responsibility
28% of SMEs say one cyber attack could close them permanently (Vodafone 2025)
Average UK small business breach costs £3,398
R...
2025-12-1545 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsThe Printer Is Watching: How Your Office Gear Is the Biggest Cyber ThreatFor our 30th episode, we're tackling the cybersecurity blind spot that almost no one discusses but everyone should worry about. You've secured your laptops. You've rolled out multi-factor authentication. Your firewall is properly configured. But what about that office printer quietly storing every contract and payslip you've printed this year on a hard drive nobody ever wipes, with a password an attacker can guess in three tries?
This episode reveals the uncomfortable truth about Internet of Things (IoT) devices in your business. We're talking about printers, CCTV systems, smart thermostats, networked door locks, and every other "smart"...
2025-12-0836 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsThe Printer Is Watching: How Your Office Gear Is the Biggest Cyber ThreatFor our 30th episode, we're tackling the cybersecurity blind spot that almost no one discusses but everyone should worry about. You've secured your laptops. You've rolled out multi-factor authentication. Your firewall is properly configured. But what about that office printer quietly storing every contract and payslip you've printed this year on a hard drive nobody ever wipes, with a password an attacker can guess in three tries?
This episode reveals the uncomfortable truth about Internet of Things (IoT) devices in your business. We're talking about printers, CCTV systems, smart thermostats, networked door locks, and every other "smart"...
2025-12-0836 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsReverse Benchmarking: Learn from the Biggest Cyber FaceplantsWhat if the best way to protect your business isn't copying what the successful companies do, but avoiding what the failures did wrong? Welcome to reverse benchmarking, the cybersecurity equivalent of learning from other people's face-plants so you don't repeat them.
In this episode, Noel and Mauven flip traditional benchmarking on its head. Instead of asking "what are the best companies doing?", they explore the far more revealing question: "what did the disasters get catastrophically wrong?" From the Target breach via an HVAC vendor to ransomware attacks on UK holiday parks, the hosts dissect spectacular cybersecurity failures...
2025-12-0125 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsReverse Benchmarking: Learn from the Biggest Cyber FaceplantsWhat if the best way to protect your business isn't copying what the successful companies do, but avoiding what the failures did wrong? Welcome to reverse benchmarking, the cybersecurity equivalent of learning from other people's face-plants so you don't repeat them.
In this episode, Noel and Mauven flip traditional benchmarking on its head. Instead of asking "what are the best companies doing?", they explore the far more revealing question: "what did the disasters get catastrophically wrong?" From the Target breach via an HVAC vendor to ransomware attacks on UK holiday parks, the hosts dissect spectacular cybersecurity failures...
2025-12-0125 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsPrison for Negligent Directors? Rebooting UK Cyber EnforcementIn this provocative second instalment of the accountability series, hosts Noel Bradford and Mauven MacLeod lay out a detailed proposal for a UK cybersecurity enforcement regime that balances protection for small businesses with personal liability for negligent directors. They compare the current weak regulatory approach to the Health and Safety Executive model, cite international evidence from Singapore, and explore why criminal consequences — up to fines, disqualification and, in extreme cases, prison — might be necessary to change boardroom behaviour.
The episode explains a three-tier framework: Tier 1 (micro and small businesses) protected by Cyber Essentials and criminal liability only for...
2025-11-2437 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsPrison for Negligent Directors? Rebooting UK Cyber EnforcementIn this provocative second instalment of the accountability series, hosts Noel Bradford and Mauven MacLeod lay out a detailed proposal for a UK cybersecurity enforcement regime that balances protection for small businesses with personal liability for negligent directors. They compare the current weak regulatory approach to the Health and Safety Executive model, cite international evidence from Singapore, and explore why criminal consequences — up to fines, disqualification and, in extreme cases, prison — might be necessary to change boardroom behaviour.
The episode explains a three-tier framework: Tier 1 (micro and small businesses) protected by Cyber Essentials and criminal liability only for...
2025-11-2437 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhen Ransomware Kills: Should Directors Face Prison for Cyber Negligence?What happens when business negligence causes serious harm to thousands of people? If a faulty ladder injures someone, directors face prison time. If forty million people have their data stolen due to poor security, they receive a strongly worded letter.
In this provocative first episode of our two-part series, Noel and Mauven examine the shocking disparity between health and safety enforcement and cybersecurity regulation in the UK. We compare the HSE's tough approach (prison sentences, director liability, millions in fines) with the ICO's gentle touch (guidance, occasional fines, zero criminal consequences).
With 40 million voter records...
2025-11-1742 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhen Ransomware Kills: Should Directors Face Prison for Cyber Negligence?What happens when business negligence causes serious harm to thousands of people? If a faulty ladder injures someone, directors face prison time. If forty million people have their data stolen due to poor security, they receive a strongly worded letter.
In this provocative first episode of our two-part series, Noel and Mauven examine the shocking disparity between health and safety enforcement and cybersecurity regulation in the UK. We compare the HSE's tough approach (prison sentences, director liability, millions in fines) with the ICO's gentle touch (guidance, occasional fines, zero criminal consequences).
With 40 million voter records...
2025-11-1742 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsFrom SMS to FIDO2: A Small Business Guide to Phishing‑Resistant AuthenticationIn this episode of the Small Business Cybersecurity Guide, hosts Noel Bradford and Mauven McLeod are joined by Mark Bell from Authentrend (episode sponsor) to explain why the mobile phone, long promoted as a convenient authentication tool, can be one of the weakest links in your business security.
Using real-world examples, including a recent breach of a 15-person firm that relied on SMS one-time passwords, the trio outlines how simple attacks, such as SIM swapping and code interception, make SMS and many authenticator app workflows vulnerable to targeted attackers.
The hosts define multi-factor authentication in...
2025-11-1032 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsFrom SMS to FIDO2: A Small Business Guide to Phishing‑Resistant AuthenticationIn this episode of the Small Business Cybersecurity Guide, hosts Noel Bradford and Mauven McLeod are joined by Mark Bell from Authentrend (episode sponsor) to explain why the mobile phone, long promoted as a convenient authentication tool, can be one of the weakest links in your business security.
Using real-world examples, including a recent breach of a 15-person firm that relied on SMS one-time passwords, the trio outlines how simple attacks, such as SIM swapping and code interception, make SMS and many authenticator app workflows vulnerable to targeted attackers.
The hosts define multi-factor authentication in...
2025-11-1032 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsNo More Excuses: Cyber Essentials Forces MFA on Every Cloud Service (Apr 2026)In this episode Graham and Mauven break down a major overhaul to Cyber Essentials coming into force from April 2026. The hosts explain the headline change — mandatory multi-factor authentication (MFA) for every cloud service with no loopholes — and how the scheme has tightened scoping so any internet-connected service or system that processes company data is now in scope.
Topics covered include the new emphasis on passwordless authentication (passkeys, FIDO2 hardware keys, and biometrics), why the NCSC is pushing these technologies, and the practical security benefits and limits of passwordless solutions. They also discuss the real-world impact on small busi...
2025-11-0307 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsNo More Excuses: Cyber Essentials Forces MFA on Every Cloud Service (Apr 2026)In this episode Graham and Mauven break down a major overhaul to Cyber Essentials coming into force from April 2026. The hosts explain the headline change — mandatory multi-factor authentication (MFA) for every cloud service with no loopholes — and how the scheme has tightened scoping so any internet-connected service or system that processes company data is now in scope.
Topics covered include the new emphasis on passwordless authentication (passkeys, FIDO2 hardware keys, and biometrics), why the NCSC is pushing these technologies, and the practical security benefits and limits of passwordless solutions. They also discuss the real-world impact on small busi...
2025-11-0307 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsFinalSpark, Ethics & Security: What Living-Neuron Computers Mean for Your CompanyWhat if I told you there’s a laboratory in Switzerland where scientists are building computers from living human neurons?
Sounds like science fiction, right? But it’s happening right now, and the energy crisis driving this research is about to affect every small business owner’s cloud computing bills.
In this episode, Noel, Graham, and Mauven explore FinalSpark’s revolutionary biocomputing platform. This Swiss company has created the Neuroplatform, a system using approximately 160,000 living human neurons to perform computational tasks. Their goal?
Solving the massive energy consumption problem created by artificial intelligence and modern data centres.
Your brain runs on 20 watts...
2025-11-0322 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsFinalSpark, Ethics & Security: What Living-Neuron Computers Mean for Your CompanyWhat if I told you there’s a laboratory in Switzerland where scientists are building computers from living human neurons?
Sounds like science fiction, right? But it’s happening right now, and the energy crisis driving this research is about to affect every small business owner’s cloud computing bills.
In this episode, Noel, Graham, and Mauven explore FinalSpark’s revolutionary biocomputing platform. This Swiss company has created the Neuroplatform, a system using approximately 160,000 living human neurons to perform computational tasks. Their goal?
Solving the massive energy consumption problem created by artificial intelligence and modern data centres.
Your brain runs on 20 watts...
2025-11-0322 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsGhosts in the Machine — Halloween Special: When Your Tools Turn on YouThis Halloween special of the Small Business Cyber Security Guy peels back the curtain on the scariest place hackers hide: the tools and toolchains you trust. Hosts Graeme Falkner, Noel Bradford and Mauven MacLeod go ghost hunting inside compilers, build systems and update pipelines to show how supply‑chain attacks can insert backdoors that you’ll never spot by reading source code alone.
The episode revisits Ken Thompson’s classic compiler backdoor thought experiment and explains, in plain language, how a compromised compiler can propagate secrets invisibly. The hosts walk through real incidents — XcodeGhost, SolarWinds, EventStream, and Log4j —...
2025-10-3112 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsGhosts in the Machine — Halloween Special: When Your Tools Turn on YouThis Halloween special of the Small Business Cyber Security Guy peels back the curtain on the scariest place hackers hide: the tools and toolchains you trust. Hosts Graeme Falkner, Noel Bradford and Mauven MacLeod go ghost hunting inside compilers, build systems and update pipelines to show how supply‑chain attacks can insert backdoors that you’ll never spot by reading source code alone.
The episode revisits Ken Thompson’s classic compiler backdoor thought experiment and explains, in plain language, how a compromised compiler can propagate secrets invisibly. The hosts walk through real incidents — XcodeGhost, SolarWinds, EventStream, and Log4j —...
2025-10-3112 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsThe Doorman Fallacy: How Cost Cuts Become CatastrophesThe £18,000 Saving That Cost £200,000 in Revenue
Ever cut a cost that seemed obviously wasteful, only to discover you'd destroyed something far more valuable? Welcome to the Doorman Fallacy —it's probably happening in your business right now.
In this episode, Noel Bradford introduces a concept from marketing expert Rory Sutherland's book "Alchemy" that explains precisely why "sensible" security cost-cutting so often leads to catastrophic consequences. Through five devastating real-world case studies, we explore how businesses optimise themselves into oblivion by defining roles too narrowly and measuring only what's easy to count.
Spoiler alert: The doorman does far...
2025-10-2750 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsThe Doorman Fallacy: How Cost Cuts Become CatastrophesThe £18,000 Saving That Cost £200,000 in Revenue
Ever cut a cost that seemed obviously wasteful, only to discover you'd destroyed something far more valuable? Welcome to the Doorman Fallacy —it's probably happening in your business right now.
In this episode, Noel Bradford introduces a concept from marketing expert Rory Sutherland's book "Alchemy" that explains precisely why "sensible" security cost-cutting so often leads to catastrophic consequences. Through five devastating real-world case studies, we explore how businesses optimise themselves into oblivion by defining roles too narrowly and measuring only what's easy to count.
Spoiler alert: The doorman does far...
2025-10-2750 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsInfoSec vs CyberSec vs IT Security: Stop Wasting Money on the Wrong One | UK SMB Reality CheckVendors love throwing around "InfoSec," "CyberSec," and "IT Security" like they're selling completely different solutions. Half the time it's the same thing with three different price tags. The other half? You're buying protection that doesn't address your actual risks.
With 50% of UK small businesses hit by cyber incidents in 2025 and 60% closing within six months of severe data loss, getting this wrong isn't just expensive—it's potentially fatal to your business.
Noel Bradford (40+ years wrangling enterprise security at Intel, Disney, and BBC) and Mauven MacLeod (ex-Government Cyber analyst who's seen threats at the national security level) cu...
2025-10-2037 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsInfoSec vs CyberSec vs IT Security: Stop Wasting Money on the Wrong One | UK SMB Reality CheckVendors love throwing around "InfoSec," "CyberSec," and "IT Security" like they're selling completely different solutions. Half the time it's the same thing with three different price tags. The other half? You're buying protection that doesn't address your actual risks.
With 50% of UK small businesses hit by cyber incidents in 2025 and 60% closing within six months of severe data loss, getting this wrong isn't just expensive—it's potentially fatal to your business.
Noel Bradford (40+ years wrangling enterprise security at Intel, Disney, and BBC) and Mauven MacLeod (ex-Government Cyber analyst who's seen threats at the national security level) cu...
2025-10-2037 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhy the Chancellor Just Wrote to UK CEOs: Cyber Attacks Surge 50%Ministers have sent an urgent letter to UK business leaders after the NCSC handled 204 nationally significant cyber incidents in the past year, with 18 "highly significant" incidents – a 50% increase for the third consecutive year. Join Mauven MacLeod and Graham Falkner as they unpack the government's wake-up call and translate ministerial warnings into concrete actions every business leader can take today.
What You'll Learn
Why the Chancellor and three Cabinet Ministers personally co-signed an urgent letter to UK business leaders - Ministerial letter on cyber security
The shocking NCSC statistics: nearly half of all incidents were nationally significant, with highly sig...
2025-10-1407 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhy the Chancellor Just Wrote to UK CEOs: Cyber Attacks Surge 50%Ministers have sent an urgent letter to UK business leaders after the NCSC handled 204 nationally significant cyber incidents in the past year, with 18 "highly significant" incidents – a 50% increase for the third consecutive year. Join Mauven MacLeod and Graham Falkner as they unpack the government's wake-up call and translate ministerial warnings into concrete actions every business leader can take today.
What You'll Learn
Why the Chancellor and three Cabinet Ministers personally co-signed an urgent letter to UK business leaders - Ministerial letter on cyber security
The shocking NCSC statistics: nearly half of all incidents were nationally significant, with highly sig...
2025-10-1407 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsExtra Credit: The Corrections, The Code, and The Safeguarding BombshellWe were wrapping up our interview with Tammy Buchanan about the Kido nursery breach when she said: "Actually, there were some really important points I forgot to make."
So we grabbed another cup of tea, broke out the custard creams, and kept recording.
Then, during the tea break, Graham discovered something on Twitter: VX-Underground, a credible malware research collective, had posted a screenshot of what appears to be a Kido GitHub repository containing API code. Files that typically contain system credentials. A potential smoking gun.
In Part 2, Tammy reveals what was missed in P...
2025-10-1335 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsExtra Credit: The Corrections, The Code, and The Safeguarding BombshellWe were wrapping up our interview with Tammy Buchanan about the Kido nursery breach when she said: "Actually, there were some really important points I forgot to make."
So we grabbed another cup of tea, broke out the custard creams, and kept recording.
Then, during the tea break, Graham discovered something on Twitter: VX-Underground, a credible malware research collective, had posted a screenshot of what appears to be a Kido GitHub repository containing API code. Files that typically contain system credentials. A potential smoking gun.
In Part 2, Tammy reveals what was missed in P...
2025-10-1335 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsDetention: The Day 8,000 Children's Data Went MissingEpisode Description
Following the Kido nursery breach where 8,000 children's photos were stolen and posted online, we sit down with education sector expert Tammy Buchanan. With 15 years working in UK schools and now consulting on data protection compliance, Tammy reveals the shocking reality of cybersecurity in British education. From nurseries using platforms like Famly and Tapestry to primary schools struggling with basic MFA implementation, this conversation exposes systematic failures that put every child's data at risk. If you're a parent, school governor, or education professional, this episode will change how you think about school security.
Currently ranked in...
2025-10-0741 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsDetention: The Day 8,000 Children's Data Went MissingEpisode Description
Following the Kido nursery breach where 8,000 children's photos were stolen and posted online, we sit down with education sector expert Tammy Buchanan. With 15 years working in UK schools and now consulting on data protection compliance, Tammy reveals the shocking reality of cybersecurity in British education. From nurseries using platforms like Famly and Tapestry to primary schools struggling with basic MFA implementation, this conversation exposes systematic failures that put every child's data at risk. If you're a parent, school governor, or education professional, this episode will change how you think about school security.
Currently ranked in...
2025-10-0741 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsYour 3-Year-Old's Data Is on the Dark Web Right Now: The Kido Wake-Up CallIn 40 years of Information Technology work, Noel Bradford has never been this angry. On September 25th, 2025, the Radiant ransomware gang stole personal data from 8,000 children at Kido International nurseries, posted their photos and medical records online, and then started calling parents at home to demand ransom payments. This isn't just another data breach. This is the moment cybercrime lost whatever soul it had left.
In this raw, unfiltered episode, Noel breaks down exactly what happened, why the security failures that enabled this attack exist in thousands of UK small businesses right now, and what you need to...
2025-09-3018 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsYour 3-Year-Old's Data Is on the Dark Web Right Now: The Kido Wake-Up CallIn 40 years of Information Technology work, Noel Bradford has never been this angry. On September 25th, 2025, the Radiant ransomware gang stole personal data from 8,000 children at Kido International nurseries, posted their photos and medical records online, and then started calling parents at home to demand ransom payments. This isn't just another data breach. This is the moment cybercrime lost whatever soul it had left.
In this raw, unfiltered episode, Noel breaks down exactly what happened, why the security failures that enabled this attack exist in thousands of UK small businesses right now, and what you need to...
2025-09-3018 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhen Teen Hackers Test Your Defences: Lessons from the School Yard to the BoardroomJoin hosts Noel Bradford and Mauven McLeod in this Back-to-School special of the Small Business Cybersecurity Guy podcast as they trace a line from 1980s schoolroom mischief to modern, large-scale breaches that put millions of students and small organisations at risk. Through recollections of early BBC Model B and Novell-era antics, the episode uses real recent incidents to expose how weak passwords, written credentials and opportunistic insiders create systemic security failures.
The episode unpacks headline-making investigations and statistics — including the ICO analysis showing that students are behind a majority of school data breaches, the PowerSchool compromise that af...
2025-09-2941 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhen Teen Hackers Test Your Defences: Lessons from the School Yard to the BoardroomJoin hosts Noel Bradford and Mauven McLeod in this Back-to-School special of the Small Business Cybersecurity Guy podcast as they trace a line from 1980s schoolroom mischief to modern, large-scale breaches that put millions of students and small organisations at risk. Through recollections of early BBC Model B and Novell-era antics, the episode uses real recent incidents to expose how weak passwords, written credentials and opportunistic insiders create systemic security failures.
The episode unpacks headline-making investigations and statistics — including the ICO analysis showing that students are behind a majority of school data breaches, the PowerSchool compromise that af...
2025-09-2941 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & Startups£80M Blow: How Teenagers and One Phone Call Bankrupted Co-op's CybersecurityCo-op's CEO has just confirmed that their cybersecurity disaster cost £80 million. The attackers? Teenagers are using basic social engineering. In this Hot Takes episode, we break down how "We've contained the incident" turned into an £80 million earnings wipeout, and why the final bill could reach £400-500 million once legal claims are settled.
This isn't just another breach story - it's a wake-up call for every UK business owner who thinks "it won't happen to us."
Key Topics Covered
The Attack Breakdown [0:30]
April 2024 attack by the Scattered Spider group
Social engineering, not sophisticated exploits
6.5 million mem...
2025-09-2508 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & Startups£80M Blow: How Teenagers and One Phone Call Bankrupted Co-op's CybersecurityCo-op's CEO has just confirmed that their cybersecurity disaster cost £80 million. The attackers? Teenagers are using basic social engineering. In this Hot Takes episode, we break down how "We've contained the incident" turned into an £80 million earnings wipeout, and why the final bill could reach £400-500 million once legal claims are settled.
This isn't just another breach story - it's a wake-up call for every UK business owner who thinks "it won't happen to us."
Key Topics Covered
The Attack Breakdown [0:30]
April 2024 attack by the Scattered Spider group
Social engineering, not sophisticated exploits
6.5 million mem...
2025-09-2508 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsDORA's Wake-Up Call: How JLR and Collins Aerospace Exposed a New Regulatory StormDate: 23 September 2025 — Host Mauven McLeod delivers a furious, fast-paced analysis of two seismic cyber incidents and what they mean for UK and global businesses. This episode examines the Jaguar Land Rover and Collins Aerospace ransomware attacks, the human-driven methods that enabled them, and why they represent the first significant test of the EU's Digital Operational Resilience Act (DORA).
Topics covered include the scale of the damage (JLR reportedly losing up to £5 million per day and sector-wide losses potentially exceeding £1 billion), the criminal methodology (simple social engineering and help-desk manipulation by groups linked to Lapsus-style actors), and the casc...
2025-09-2319 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsDORA's Wake-Up Call: How JLR and Collins Aerospace Exposed a New Regulatory StormDate: 23 September 2025 — Host Mauven McLeod delivers a furious, fast-paced analysis of two seismic cyber incidents and what they mean for UK and global businesses. This episode examines the Jaguar Land Rover and Collins Aerospace ransomware attacks, the human-driven methods that enabled them, and why they represent the first significant test of the EU's Digital Operational Resilience Act (DORA).
Topics covered include the scale of the damage (JLR reportedly losing up to £5 million per day and sector-wide losses potentially exceeding £1 billion), the criminal methodology (simple social engineering and help-desk manipulation by groups linked to Lapsus-style actors), and the casc...
2025-09-2319 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & Startups81 Security Patches + Windows 10’s Final Countdown: What Every Business Owner Must KnowSeptember 2025 Patch Tuesday: Critical Business Update
Special Edition with Graham Falkner
Microsoft's September Patch Tuesday brings 81 security fixes, including 9 critical vulnerabilities already being exploited by attackers. This episode provides essential business guidance for small business owners navigating these updates safely and efficiently.
Key Topics Covered:
Business impact of 81 security vulnerabilities
Four critical threats affecting small businesses
SharePoint Server active exploitation campaigns
Network authentication bypass vulnerabilities
7-day practical deployment strategy
Windows 10 end-of-life planning (October 14th deadline)
Cyber Essentials compliance requirements
Critical Action Items:
Days 1-2: Assess SharePoint installations and document processing...
2025-09-1112 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & Startups81 Security Patches + Windows 10’s Final Countdown: What Every Business Owner Must KnowSeptember 2025 Patch Tuesday: Critical Business Update
Special Edition with Graham Falkner
Microsoft's September Patch Tuesday brings 81 security fixes, including 9 critical vulnerabilities already being exploited by attackers. This episode provides essential business guidance for small business owners navigating these updates safely and efficiently.
Key Topics Covered:
Business impact of 81 security vulnerabilities
Four critical threats affecting small businesses
SharePoint Server active exploitation campaigns
Network authentication bypass vulnerabilities
7-day practical deployment strategy
Windows 10 end-of-life planning (October 14th deadline)
Cyber Essentials compliance requirements
Critical Action Items:
Days 1-2: Assess SharePoint installations and document processing...
2025-09-1112 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsElectoral Commission: 40 Million Hacked, Zero Fines - But Small Businesses Pay Thousands for LessEpisode Summary
The Electoral Commission suffered a 14-month data breach affecting 40 million UK voters, yet faced zero ICO enforcement action. Meanwhile, small businesses receive crushing GDPR fines for minor infractions. This explosive episode exposes dangerous double standards leaving SMBs vulnerable while government bodies escape accountability.
The Shocking Facts
Breach Duration: 14 months (August 2021 - October 2022)
Affected People: 40 million UK voters' data accessible
Attack Method: ProxyShell vulnerabilities - patches available months before breach
Attribution: Chinese state-affiliated actors (APT31)
ICO Response: "No enforcement action taken"
Security Failures That Would Destroy Small Businesses
...
2025-09-0913 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsElectoral Commission: 40 Million Hacked, Zero Fines - But Small Businesses Pay Thousands for LessEpisode Summary
The Electoral Commission suffered a 14-month data breach affecting 40 million UK voters, yet faced zero ICO enforcement action. Meanwhile, small businesses receive crushing GDPR fines for minor infractions. This explosive episode exposes dangerous double standards leaving SMBs vulnerable while government bodies escape accountability.
The Shocking Facts
Breach Duration: 14 months (August 2021 - October 2022)
Affected People: 40 million UK voters' data accessible
Attack Method: ProxyShell vulnerabilities - patches available months before breach
Attribution: Chinese state-affiliated actors (APT31)
ICO Response: "No enforcement action taken"
Security Failures That Would Destroy Small Businesses
...
2025-09-0913 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & Startups60% of Small Businesses DIE After Cyberattacks - Are You Next?🚨 SHOCKING: 60% of Small Businesses Shut Down Forever After Cyberattacks
96% of hackers target YOUR business, not big corporations. Think you're too small to be a target? Think again.
Noel and Mauven reveal the brutal truth about cybersecurity that could save your business - or expose why you're already at risk.
💀 The Terrifying Reality:
82% of ransomware attacks target businesses under 1,000 employees
Small business employees face 350% MORE attacks than enterprise workers
Average cyber incident costs UK businesses £362,000
Only 17% of small businesses have cyber insurance
🛡️ What Y...
2025-09-0826 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & Startups60% of Small Businesses DIE After Cyberattacks - Are You Next?🚨 SHOCKING: 60% of Small Businesses Shut Down Forever After Cyberattacks
96% of hackers target YOUR business, not big corporations. Think you're too small to be a target? Think again.
Noel and Mauven reveal the brutal truth about cybersecurity that could save your business - or expose why you're already at risk.
💀 The Terrifying Reality:
82% of ransomware attacks target businesses under 1,000 employees
Small business employees face 350% MORE attacks than enterprise workers
Average cyber incident costs UK businesses £362,000
Only 17% of small businesses have cyber insurance
🛡️ What Y...
2025-09-0826 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & Startups48 Hours to Zero: How Ransomware Destroyed a 158-Year BusinessK&P Logistics — 158 years in business — wiped out in 48 hours by ransomware. Noel Bradford and Maurven MacLeod unpack that real-world catastrophe to show small businesses how the same fate can be avoided. If you run a local shop, agency or family firm and think cybersecurity is either incomprehensible or unaffordable, this episode is for you.
Noel Bradford, with 40 years of experience in corporate security, and Maurven MacLeod, a former government cyber analyst who tracked nation-state actors, introduce themselves and explain why attackers are increasingly targeting customer databases and other easy-to-access systems. They describe common threat vectors and the...
2025-09-0101 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & Startups48 Hours to Zero: How Ransomware Destroyed a 158-Year BusinessK&P Logistics — 158 years in business — wiped out in 48 hours by ransomware. Noel Bradford and Maurven MacLeod unpack that real-world catastrophe to show small businesses how the same fate can be avoided. If you run a local shop, agency or family firm and think cybersecurity is either incomprehensible or unaffordable, this episode is for you.
Noel Bradford, with 40 years of experience in corporate security, and Maurven MacLeod, a former government cyber analyst who tracked nation-state actors, introduce themselves and explain why attackers are increasingly targeting customer databases and other easy-to-access systems. They describe common threat vectors and the...
2025-09-0101 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsEXPOSED: How One Weak Password Killed a 158-Year-Old Company & Cost 2,000+ Jobs (The UK Cyber Graveyard)💀 Welcome to the UK's Cyber Graveyard 💀
Over 2,000 jobs GONE. Centuries of business history DELETED. All because of weak passwords and basic security failures that could have been prevented for FREE.
🚨 THE VICTIMS:
KNP Logistics: 158 years old, £94.5M revenue → 730 redundancies
Travelex: Global currency giant → 1,309 UK job losses
NRS Healthcare: NHS supplier → Currently liquidating after 16 months
💣 THE KILLER: Simple password attacks that Multi-Factor Authentication would have STOPPED
🛡️ WHAT YOU'LL LEARN:✅ The 5 fatal security failures that killed these companies✅ Why MFA blocks 99.9% of credential attacks (and costs nothing)✅ 30-60-90 day action plan to bulletproof your business✅ How...
2025-09-0138 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsEXPOSED: How One Weak Password Killed a 158-Year-Old Company & Cost 2,000+ Jobs (The UK Cyber Graveyard)💀 Welcome to the UK's Cyber Graveyard 💀
Over 2,000 jobs GONE. Centuries of business history DELETED. All because of weak passwords and basic security failures that could have been prevented for FREE.
🚨 THE VICTIMS:
KNP Logistics: 158 years old, £94.5M revenue → 730 redundancies
Travelex: Global currency giant → 1,309 UK job losses
NRS Healthcare: NHS supplier → Currently liquidating after 16 months
💣 THE KILLER: Simple password attacks that Multi-Factor Authentication would have STOPPED
🛡️ WHAT YOU'LL LEARN:✅ The 5 fatal security failures that killed these companies✅ Why MFA blocks 99.9% of credential attacks (and costs nothing)✅ 30-60-90 day action plan to bulletproof your business✅ How...
2025-09-0138 min
The 10 Minute Cyber FixWhen AI Turns Against YouEpisode SummaryAI-powered cybercriminals are now targeting UK small businesses with unprecedented sophistication, making artificial intelligence threats the top security concern for 35% of SMEs in 2025. Host Lucy Harper breaks down how criminals weaponise machine learning against businesses and provides a five-step action plan to defend against deepfakes, AI-generated phishing, and automated attacks that traditional security cannot detect.What You'll LearnAI-Powered Cyber Attacks: How criminals use machine learning to create personalised, sophisticated attacks that bypass traditional security measures and target UK SMEs specifically.Technical Threat Landscape: The mechanics behind AI-generated phishing...
2025-08-2212 minThe 10 Minute Cyber FixPayPal's 16 Million User NIGHTMARE - Your Business Is NextEpisode SummaryCybercriminals are selling alleged PayPal credentials for nearly 16 million users on dark web forums, highlighting the devastating reality of credential stuffing attacks targeting UK businesses daily. Hosts Lucy Harper and Graham break down why this threat represents far more than just another data breach and provide an emergency action plan for protecting your business from automated credential attacks.What You'll LearnWhy the alleged PayPal credential dump likely comes from infostealer malware rather than a company breachHow credential stuffing attacks work and why they're particularly dangerous for UK SMEsThe devastating financial impact...
2025-08-2109 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsAI Cyber Threats Target Small Business - insights from DefCon 33 & Black Hat 2025🎧 Latest Episode Alert | Fresh intelligence from DefCon 33 reveals how AI-enhanced cyber threats to small business are accelerating rapidly. Techniques demonstrated in Las Vegas are targeting UK businesses within weeks.
🚨 Critical Cyber Threats to Small Business
AI-Powered Social Engineering
85% success rates against security professionals
AI psychological profiling from social media
Voice synthesis for CEO impersonation attacks
Multi-month fake identity campaigns
Supply Chain Cyber Threats
Coordinated ecosystem attacks across suppliers
AI mapping of business relationships
MSP compromises affecting 200+ networks
Hardware backdoors surviving firmware updates
Automated Attack Evolution
6-hour vulnerability-to-exploit timeline
88% evasion of tradit...
2025-08-1846 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsAI Cyber Threats Target Small Business - insights from DefCon 33 & Black Hat 2025🎧 Latest Episode Alert | Fresh intelligence from DefCon 33 reveals how AI-enhanced cyber threats to small business are accelerating rapidly. Techniques demonstrated in Las Vegas are targeting UK businesses within weeks.
🚨 Critical Cyber Threats to Small Business
AI-Powered Social Engineering
85% success rates against security professionals
AI psychological profiling from social media
Voice synthesis for CEO impersonation attacks
Multi-month fake identity campaigns
Supply Chain Cyber Threats
Coordinated ecosystem attacks across suppliers
AI mapping of business relationships
MSP compromises affecting 200+ networks
Hardware backdoors surviving firmware updates
Automated Attack Evolution
6-hour vulnerability-to-exploit timeline
88% evasion of tradit...
2025-08-1846 minThe 10 Minute Cyber FixThe Fortinet Vulnerability CrisisEpisode SummaryHost Lucy Harper breaks down why this latest FortiNet incident should represent the final straw in a relentless pattern of Fortinet vulnerabilities and provides a comprehensive action plan for UK businesses to conduct strategic vendor risk assessments.What You'll LearnHow 780 coordinated IP addresses targeted Fortinet SSL VPNs in the largest recorded attack campaignGreyNoise's 80% correlation between attack surges and vulnerability disclosures within 6 weeksThe systematic pattern across Multiple CVE exploitationsWhy UK SMEs face catastrophic risk multiplication through managed service provider compromisesComplete 4-step action plan ending with strategic vendor risk assessment for firewall replacement
2025-08-1810 minThe 10 Minute Cyber FixWhen Your Webcam Becomes the WeaponEpisode SummaryCybersecurity researchers reveal how thousands of trusted Lenovo webcams can be remotely converted into persistent BadUSB attack weapons that survive complete system wipes. Host Lucy Harper breaks down the BadCam vulnerability (CVE-2025-4371) and provides immediate protection strategies for UK businesses using affected devices.What You'll LearnHow the BadCam vulnerability allows remote conversion of Lenovo webcams into BadUSB attack devicesWhy firmware-level attacks operate below traditional security detection and survive system rebuildsThe financial and operational impact on UK SMEs using vulnerable Lenovo 510 FHD and Performance FHD webcamsFour immediate action steps to audit...
2025-08-1410 minThe 10 Minute Cyber FixAugust 2025 Patch Tuesday Security Update Roundup: 107 Microsoft Flaws Plus Critical Industry PatchesEpisode SummaryMicrosoft's August 2025 Patch Tuesday delivers 107 vulnerability fixes including one actively exploited zero-day, while critical updates from Adobe, Google, Cisco, and WinRAR address zero-day attacks across the software ecosystem. Host Lucy Harper breaks down the coordinated multi-vendor security response and provides immediate deployment guidance for UK businesses.What You'll LearnMicrosoft's 107 vulnerabilities including CVE-2025-53779 Kerberos zero-day under active exploitationCritical Office application flaws in Word, Excel, and Exchange Server affecting business operationsMulti-vendor security crisis involving Adobe AEM Forms, WinRAR, Android Qualcomm chips, and Cisco infrastructureEmergency deployment strategies for coordinating updates across multiple technology...
2025-08-1310 minThe 10 Minute Cyber FixUK Becomes Europe's Prime Malware TargetEpisode SummaryNew research reveals the UK has become the third most targeted country globally for malware attacks, with over 103 million incidents hitting British businesses in Q2 2025. Host Lucy Harper explains why the UK has become Europe's biggest cybersecurity target and provides immediate protection steps on Microsoft Patch Tuesday. What You'll LearnWhy the UK faces over 1 million daily malware attacks, ranking #1 in EuropeHow APC virus targets business automation systems for maximum disruptionWhy Britain's digital economy makes it a prime criminal targetFour immediate action steps to protect against malware infiltrationWhich website...
2025-08-1212 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhen Your Safety Net Becomes the Target🚨 Episode 11: When Your Safety Net Becomes the TargetBackup Security Under Fire + Business Email Compromise Reality Check
Your backups aren't protecting you anymore—they're the primary target. In this explosive double-header episode, we expose why 94% of ransomware attacks now target backup systems first, and how Business Email Compromise enables these devastating attacks.
🎯 What You'll Learn:Backup Reality Check: Why "immutable" storage isn't, and cloud sync ≠ backup protection
Cloud Provider Truth Bomb: Neither Microsoft nor Google guarantee your data integrity
BEC Epidemic: How £35+ billion in global losses connect to backup destruction
Modern Attack Chains: Email compromise → reconnaissance → backup annihila...
2025-08-1131 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhen Your Safety Net Becomes the Target🚨 Episode 11: When Your Safety Net Becomes the TargetBackup Security Under Fire + Business Email Compromise Reality Check
Your backups aren't protecting you anymore—they're the primary target. In this explosive double-header episode, we expose why 94% of ransomware attacks now target backup systems first, and how Business Email Compromise enables these devastating attacks.
🎯 What You'll Learn:Backup Reality Check: Why "immutable" storage isn't, and cloud sync ≠ backup protection
Cloud Provider Truth Bomb: Neither Microsoft nor Google guarantee your data integrity
BEC Epidemic: How £35+ billion in global losses connect to backup destruction
Modern Attack Chains: Email compromise → reconnaissance → backup annihila...
2025-08-1131 minThe 10 Minute Cyber FixNVidia Under Siege: Critical Server Patches That Can't WaitEpisode SummaryCritical vulnerabilities in NVIDIA's Triton Inference Server allow complete AI system takeover through sophisticated vulnerability chaining. Host Lucy Harper breaks down how attackers can steal proprietary AI models, manipulate responses, and use compromised servers as network pivot points, providing emergency patch guidance for UK businesses deploying artificial intelligence infrastructure. What You'll LearnHow three chained vulnerabilities (CVE-2025-23319, CVE-2025-23320, CVE-2025-23334) enable complete AI server takeoverWhy NVIDIA Triton's Python backend becomes the entry point for sophisticated AI infrastructure attacksThe business impact of AI model theft, data manipulation, and intellectual property compromise4...
2025-08-1112 minThe 10 Minute Cyber FixTikTok Shop's AI-Powered Million-Pound Crypto HeistEpisode SummaryUK businesses face a sophisticated new threat as criminals deploy artificial intelligence to industrialize fraud through TikTok Shop. Host Lucy Harper exposes the "FraudOnTok" campaign that's already stolen over £900,000 through 15,000 fake websites, weaponized AI-generated content, and advanced malware specifically designed to hunt cryptocurrency wallets on personal devices that connect to business systems. What You'll LearnHow the "FraudOnTok" campaign uses AI to create convincing fake influencer videos at industrial scaleWhy SparkKitty malware specifically targets screenshots to steal cryptocurrency wallet recovery phrasesHow OAuth token theft bypasses traditional password security and multi-factor authenticationThe business r...
2025-08-0810 minThe 10 Minute Cyber FixBeware the QR Code: How Quishing is Costing UK Businesses MillionsEpisode SummaryQR codes have become a weapon of choice for cybercriminals, with UK businesses losing £3.5 million in just one year to "quishing" attacks. This episode breaks down the alarming surge in QR code phishing, how these sophisticated attacks work, and provides five actionable steps every SME can take immediately to protect themselves.Key Statistics & Facts784 quishing reports to Action Fraud (April 2024 - April 2025)£3.5 million stolen from UK victims (reported cases only)£4,500 stolen daily through fake QR codes5.3 billion QR code redemptions projected for 2025500,000+ phishing emails now contain QR codes in PDF attachments73% of peo...
2025-08-0513 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhite House CIO Insights Part 3 - Advanced Threats & AIIn the final part of our White House CIO Insights series, we explore the cutting-edge AI-powered threats that are transforming cybersecurity. Our special guest Sarah Chen, who heads up AI threat research at a leading UK cybersecurity firm, reveals how artificial intelligence is being weaponized by criminals - and what small businesses can do to defend themselves.
From deepfakes that fool CEOs to AI that writes custom malware in real-time, discover why traditional security approaches are failing and what you need to implement today to protect your business against tomorrow's threats.
What You'll Learn
...
2025-08-0445 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhite House CIO Insights Part 3 - Advanced Threats & AIIn the final part of our White House CIO Insights series, we explore the cutting-edge AI-powered threats that are transforming cybersecurity. Our special guest Sarah Chen, who heads up AI threat research at a leading UK cybersecurity firm, reveals how artificial intelligence is being weaponized by criminals - and what small businesses can do to defend themselves.
From deepfakes that fool CEOs to AI that writes custom malware in real-time, discover why traditional security approaches are failing and what you need to implement today to protect your business against tomorrow's threats.
What You'll Learn
...
2025-08-0445 minThe 10 Minute Cyber FixWhen Your Firewall Becomes the Threat - Monday 4th August 2025Breaking: Critical SonicWall Vulnerability Threatens UK Small BusinessesArctic Wolf researchers identified a surge in ransomware attacks targeting SonicWall devices since July 15th, 2025. The Akira ransomware gang exploits a zero-day vulnerability bypassing traditional security measures, affecting thousands of UK SMEs.Why This Attack Is Different:90-minute deployment: Initial breach to full encryption in under 2 hoursBypasses security: Compromises updated devices with MFA enabledMassive scale: 300,000+ SonicWall appliances vulnerable, 210,000 unpatchedSophisticated infrastructure: Uses established hosting providersLong-term campaign: Patterns traced to October 2024Impact on UK Small Business:SonicWall devices are popular among UK SMEs for...
2025-08-0409 min
UnixGuy Cyber Security CareerThe SECRET World of Cyber-Crime & Counter-Terrorism CareerMost people think cyber security is all about firewalls and hacking. But there is a hidden side of the industry that few talk about. It involves counterterrorism, human trafficking, organised crime, and intelligence work that often remains classified.In this episode, I speak with Hayley Van Loon, Deputy CEO of Crimestoppers International and former intelligence officer. She shares what it is really like working at the intersection of cyber security and national security. We cover real-world cases, including the disturbing truth behind counterfeit goods and how they fund terrorism and human trafficking.Hailey explains how...
2025-08-0431 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsThe UK Government’s Ransomware Gambit: Why Your SMB Just Became a Bigger TargetUK Ransomware Ban: Why Your SMB Just Became a Bigger Target
Show: The Small Business Cyber Security Guy Hot Take
Hosts: Graham Falkner & Noel Bradford
Episode Length: 7:30
Category: Business, Technology
Episode Description
The UK Government just dropped the most aggressive ransomware policy in the world - and it's about to make your small business a much more attractive target for criminals.
Join Graham and Noel as they break down the three shocking proposals that will reshape cyber threats for every British business...
2025-08-0108 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsThe UK Government’s Ransomware Gambit: Why Your SMB Just Became a Bigger TargetUK Ransomware Ban: Why Your SMB Just Became a Bigger Target
Show: The Small Business Cyber Security Guy Hot Take
Hosts: Graham Falkner & Noel Bradford
Episode Length: 7:30
Category: Business, Technology
Episode Description
The UK Government just dropped the most aggressive ransomware policy in the world - and it's about to make your small business a much more attractive target for criminals.
Join Graham and Noel as they break down the three shocking proposals that will reshape cyber threats for every British business...
2025-08-0108 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsHelp Desk MFA Reset Fails: Scattered Spider vs. UK RetailEpisode Description
Join Noel Bradford and Graham Falkner for another cybersecurity hot take as they dive into the alarming world of help desk social engineering attacks. This episode exposes how the notorious Scattered Spider group has weaponized basic human helpfulness to devastating effect, turning your friendly IT support into the front door for ransomware attacks.
From MGM's $100 million disaster to the recent wave of UK retail breaches (M&S, Co-op, Harrods), discover how teenagers armed with nothing more than convincing accents and sob stories are outsmarting million-pound security systems. Spoiler alert: it's not the tech...
2025-07-3108 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsHelp Desk MFA Reset Fails: Scattered Spider vs. UK RetailEpisode Description
Join Noel Bradford and Graham Falkner for another cybersecurity hot take as they dive into the alarming world of help desk social engineering attacks. This episode exposes how the notorious Scattered Spider group has weaponized basic human helpfulness to devastating effect, turning your friendly IT support into the front door for ransomware attacks.
From MGM's $100 million disaster to the recent wave of UK retail breaches (M&S, Co-op, Harrods), discover how teenagers armed with nothing more than convincing accents and sob stories are outsmarting million-pound security systems. Spoiler alert: it's not the tech...
2025-07-3108 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsCyber Essentials - White House Security Principles for UK Small BusinessPart 2 of White House CIO Insights Series | ~38 minutes
How do you implement White House-level security without White House-level budgets? Building on insights from former White House CIO Theresa Payton's interview with Scammer Payback, Noel and Mauven explore the UK's Cyber Essentials framework - translating enterprise security principles into achievable small business requirements.
The Five Cyber Essentials Controls:
Boundary Firewalls - Your digital perimeter defense
Secure Configuration - Closing manufacturer security gaps
Access Control & MFA - 90% credential attack prevention
Malware Protection - Beyond traditional antivirus
Security Update Management - Systematic patching
...
2025-07-2842 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsCyber Essentials - White House Security Principles for UK Small BusinessPart 2 of White House CIO Insights Series | ~38 minutes
How do you implement White House-level security without White House-level budgets? Building on insights from former White House CIO Theresa Payton's interview with Scammer Payback, Noel and Mauven explore the UK's Cyber Essentials framework - translating enterprise security principles into achievable small business requirements.
The Five Cyber Essentials Controls:
Boundary Firewalls - Your digital perimeter defense
Secure Configuration - Closing manufacturer security gaps
Access Control & MFA - 90% credential attack prevention
Malware Protection - Beyond traditional antivirus
Security Update Management - Systematic patching
...
2025-07-2842 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhite House CIO Insights - The Threat Landscape Small Business FacesWhat's scarier - protecting the President or a small business in Manchester? Former White House CIO Theresa Payton says they face exactly the same sophisticated threats now.
Runtime: 36 minutes | Series: Part 1 of 3 | Hosts: Noel Bradford & Mauven MacLeodKey Topics Covered
Nation-state targeting: North Korea (vengeful), Iran (cyber mercenaries), Russia (everything), China (supply chains)
"Verify and never trust" - Evolution from Reagan's "trust but verify" for modern threats
Island hopping attacks - Small businesses as stepping stones to larger targets
White House security principles scaled for small business budgets
Multi-factor authentication - 90% effective against credential attacks
Supply chain...
2025-07-2138 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsWhite House CIO Insights - The Threat Landscape Small Business FacesWhat's scarier - protecting the President or a small business in Manchester? Former White House CIO Theresa Payton says they face exactly the same sophisticated threats now.
Runtime: 36 minutes | Series: Part 1 of 3 | Hosts: Noel Bradford & Mauven MacLeodKey Topics Covered
Nation-state targeting: North Korea (vengeful), Iran (cyber mercenaries), Russia (everything), China (supply chains)
"Verify and never trust" - Evolution from Reagan's "trust but verify" for modern threats
Island hopping attacks - Small businesses as stepping stones to larger targets
White House security principles scaled for small business budgets
Multi-factor authentication - 90% effective against credential attacks
Supply chain...
2025-07-2138 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsThe Hidden Dangers of Technical DebtShow Notes
Duration: 25:16
Hosts: Mauven MacLeod & Noel Bradford
Technical debt isn't just old computers - it's a ticking time bomb in every UK business. When Noel discovers his local Oxford Council data was sitting in legacy systems for 21 years, things get personal. From NHS cyber deaths to £1.4 billion breaches, this episode reveals why "if it ain't broke, don't fix it" could destroy your business.
Warning: Contains one epic Noel rant and brutal truths about preventable disasters.
Shocking Statistics Revealed
160,000 Mic...
2025-07-1428 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsThe Hidden Dangers of Technical DebtShow Notes
Duration: 25:16
Hosts: Mauven MacLeod & Noel Bradford
Technical debt isn't just old computers - it's a ticking time bomb in every UK business. When Noel discovers his local Oxford Council data was sitting in legacy systems for 21 years, things get personal. From NHS cyber deaths to £1.4 billion breaches, this episode reveals why "if it ain't broke, don't fix it" could destroy your business.
Warning: Contains one epic Noel rant and brutal truths about preventable disasters.
Shocking Statistics Revealed
160,000 Mic...
2025-07-1428 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsMcDonalds’ SuperSized Cyber Screw UpShow Guide: When Basics Break - Special Bonus Episode
Duration: 9 minutes | Type: Special Episode
Episode Summary
McDonald's password "123456" exposed 64 million job applications. M&S lost £300M to a phone call. Our full team dissects how basic security failures are destroying major brands and what small businesses must learn.
Featured Team
Noel Bradford - Lead Host
Mauven MacLeod - Ex-NCSC Specialist
Oliver Sterling - Cybersecurity Veteran
Dr. Sarah Chen - AI Security Researcher
Key Segments & Timestamps
🍟 McDonald's AI Disaster (0:00-3:00)
Paradox.ai hiring bot secu...
2025-07-1012 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsMcDonalds’ SuperSized Cyber Screw UpShow Guide: When Basics Break - Special Bonus Episode
Duration: 9 minutes | Type: Special Episode
Episode Summary
McDonald's password "123456" exposed 64 million job applications. M&S lost £300M to a phone call. Our full team dissects how basic security failures are destroying major brands and what small businesses must learn.
Featured Team
Noel Bradford - Lead Host
Mauven MacLeod - Ex-NCSC Specialist
Oliver Sterling - Cybersecurity Veteran
Dr. Sarah Chen - AI Security Researcher
Key Segments & Timestamps
🍟 McDonald's AI Disaster (0:00-3:00)
Paradox.ai hiring bot secu...
2025-07-1012 min
The Security Guy and CIA Spy PodBroadcast by Robert Siciliano and Peter WarmkaClose with Caution: Cyber Threats Lurking in Real Estate Deals #43Episode 43- Peter and Robert discuss mortgage closing wire fraud in the real estate industry and the importance of password management and two-factor authentication controls in order to reduce the risk of multiple forms of account takeover fraud.Show notes/Links: Data breach exposes passwords from Google and other tech giantshttps://thepaypers.com/digital-identity-security-online-fraud/data-breach-exposes-passwords-from-google-and-other-tech-giants--127381019 Billion Passwords Leaked: Protect Yourself from Cyber Threatshttps://securityboulevard.com/2025/05/19-billion-passwords-leaked-protect-yourself-from-cyber-threats/?utm_source=feedly&utm_medium=rss&utm_campaign=19-billion-passwords-leaked-protect-yourself-from-cyber-threatsThe Best Password Managers for 2025 https://www.pcmag.com/picks/t...
2025-06-1727 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsCertification Without SecurityThis episode exposes why cyber certifications like ISO27001 and SOC 2 don’t guarantee real security. We break down the difference between frameworks and show how neglecting basic controls leaves even big brands open to attack.
2025-06-0915 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsCertification Without SecurityThis episode exposes why cyber certifications like ISO27001 and SOC 2 don’t guarantee real security. We break down the difference between frameworks and show how neglecting basic controls leaves even big brands open to attack.
2025-06-0915 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsOutsmarted by DeceptionIranian cyber attackers aren’t just hacking—they’re outsmarting and outmaneuvering defenses through psychological cunning. Noel and Morven break down the real methods behind the headlines, exposing how these groups trick even the savviest users and why old-school security training just isn’t enough anymore.
2025-06-0210 minThe Small Business Cyber Security Guy | Cybersecurity for SMB & StartupsOutsmarted by DeceptionIranian cyber attackers aren’t just hacking—they’re outsmarting and outmaneuvering defenses through psychological cunning. Noel and Morven break down the real methods behind the headlines, exposing how these groups trick even the savviest users and why old-school security training just isn’t enough anymore.
2025-06-0210 min
Car Dealership Guy Podcast#95 Cyber attack testing a trillion dollar industry, “Spearfishing", Where do dealers go from here? | A special panel discussion with cyber security experts, dealers, and industry insidersWelcome to the Car Dealership Guy Podcast. In this special episode, I'm hosting a panel of cyber security experts, dealers, and industry insiders where we discuss: A cyber attack testing a trillion dollar industry,
"spearfishing", what’s at stake and where do dealers go from here?This episode of the Car Dealership Guy Podcast is brought to you by:Car Dealership Guy News - The #1 source for concise and unbiased car industry news. Stay informed with the most relevant and interesting stories by visiting https://cdg.news
2024-06-251h 11
Online 🌐 With Amr The Internet Guy, Helping business owners become more successful onlineOnline with Amr The Internet Guy Episode 31, How to protect yourself and your business from Cyber criminals, with Scott Schober🎧This is Online with Amr The Internet Guy! The show focuses on entrepreneurs and business owners, helping them become more successful in conducting their business on the web without being stuck with Technology 😱, getting a headache, pulling their hairs out, or buying expensive software!My guest today is Scott Schober,Scott is an innovator and Wireless expert from New Jersey, he is the President and CEO of Berkeley Varitronics Systems a provider of advanced, world-class wireless test and security solutions.He is the author of three best-selling security books: Hacked Again (based on personal experi...
2022-03-1758 min
Online 🌐 With Amr The Internet Guy, Helping business owners become more successful onlineOnline with Amr The Internet Guy Episode 31! How to protect yourself and your business from Cyber criminals, with Scott Schober 🎧This is Online with Amr The Internet Guy! The show focuses on entrepreneurs and business owners, helping them become more successful in conducting their business on the web without being stuck with Technology 😱, getting a headache, pulling their hairs out, or buying expensive software!My guest today is Scott Schober, Scott is an innovator and Wireless expert from New Jersey, he is the President and CEO of Berkeley Varitronics Systems a provider of advanced, world-class wireless test and security solutions.He is the author of three best-selling security books...
2022-03-1758 min