The Small Business Cyber Security Guy | UK Cybersecurity for SMB & Startups

The Small Business Cyber Security Guy

The UK's leading small business cybersecurity podcast, helping SMEs protect against cyber threats without breaking the bank. Join cybersecurity veterans Noel Bradford (CIO at Boutique Security First MSP) and Mauven MacLeod (ex-UK Government Cyber Analyst) as they translate enterprise-level security expertise into practical, affordable solutions for UK small businesses. 🎯 WHAT YOU'LL LEARN: Cyber Essentials certification guidance Protecting against ransomware & phishing attacks GDPR compliance for small businesses Supply chain & third-party security risks Cloud security & remote work protection Budget-friendly cybersecurity tools & strategies 🏆 PERFECT FOR: UK small business owners (5-50 employees) Startup founders & entrepreneurs SME managers responsible for IT security Professional services firms Anyone wanting practical cyber protection advice Every episode delivers actionable cybersecurity advice that you can implement immediately, featuring real UK case studies

  1. Why Windows 11 25H2 Is a Quiet Security Game-Changer

    2 DAYS AGO · BONUS

    Why Windows 11 25H2 Is a Quiet Security Game-Changer

    Host Graham Faulkner dives into Windows 11 25H2 in this solo episode, explaining why this understated update matters for security, stability, and small-business productivity. He breaks down how 25H2 arrives as an Enablement Package (EKB), what that means if you’re already on 24H2, and why the streamlined rollout keeps disruptions to a minimum. The episode covers key technical and practical changes: removal of legacy components like PowerShell 2.0 and WMIC, continued performance improvements (CPU scheduling, memory management, faster startups), and expanded Wi‑Fi 7 support. Graham highlights Microsoft’s shift toward continuous monthly innovation and why that helps maintain a more secure, reliable environment without waiting for big yearly releases. Security is a major focus: Graham explains Microsoft’s Secure Future initiative, which brings AI-assisted secure coding and enhanced vulnerability detection into the development and post-release lifecycle. He frames these advances for small business owners, showing how better detection and automated security practices reduce risk and downtime. Practical deployment and lifecycle details are explained clearly: support-cycle resets (24 months for Home/Pro, 36 months for Enterprise/Education), how to get 25H2 via the “Get the Latest Updates” toggle, controlled rollouts and device holds, and enterprise deployment options like Windows AutoPatch and the Microsoft 365 Admin Center. He also covers admin-friendly improvements such as removing preinstalled Microsoft Store apps with Intune or Group Policy. The episode closes with hands-on advice: check the Windows Release Health Hub for known issues, back up critical machines before upgrading, verify driver and app compatibility, and prepare rollback plans for important systems. Graham adds a personal anecdote about preparing his vinyl-catalog PC for the update and stresses that 25H2 is about steady, practical improvements—safer, faster, and less disruptive for both single machines and fleets.

    10 min
  2. Your 3-Year-Old's Data Is on the Dark Web Right Now: The Kido Wake-Up Call

    3 DAYS AGO · BONUS

    Your 3-Year-Old's Data Is on the Dark Web Right Now: The Kido Wake-Up Call

    In 40 years of Information Technology work, Noel Bradford has never been this angry. On September 25th, 2025, the Radiant ransomware gang stole personal data from 8,000 children at Kido International nurseries, posted their photos and medical records online, and then started calling parents at home to demand ransom payments. This isn't just another data breach. This is the moment cybercrime lost whatever soul it had left. In this raw, unfiltered episode, Noel breaks down exactly what happened, why the security failures that enabled this attack exist in thousands of UK small businesses right now, and what you need to do immediately to protect your organisation from becoming the NEXT headline. WARNING: This episode contains strong language and discusses disturbing tactics used by cybercriminals. Parental guidance advised. What You'll Learn The complete timeline of the Kido ransomware attack and how it unfolded Why hackers spent weeks inside the network before striking The new escalation tactic of directly contacting victims' families Five critical security failures that allowed 8,000 children's records to be stolen Why "we're too small to be targeted" is the most dangerous lie in business The regulatory consequences Kido faces under UK GDPR Immediate action steps every small business must take NOW Why does this attack signal a fundamental shift in cybercrime tactics   Key Takeaways The Five Critical Failures Initial Access Was Preventable - Likely phishing, weak passwords, or unpatched vulnerabilities No Monitoring - Weeks of dwell time with zero detection No Network Segmentation - Hackers accessed everything once inside No Data Loss Prevention - 8,000 records exfiltrated without triggering alarms Inadequate Backups - No mention of restoration from clean backups New Threat Landscape Reality Ransomware gangs now directly contact victims' families Children's data is being weaponised for psychological pressure Moral boundaries in cybercrime have completely dissolved Attack tactics proven successful will be replicated by other groups Business Impact Statistics 43% of UK businesses suffered a breach in the past year Nearly 50% of primary schools reported cyber incidents 60% of secondary schools experienced attacks The education sector is particularly vulnerable Featured Experts & Sources Government & Law Enforcement: Metropolitan Police Cyber Crime Unit Information Commissioner's Office (ICO) Jonathon Ellison, Director for National Resilience, National Cyber Security Centre Cybersecurity Experts: Rebecca Moody, Head of Data Research, Comparitech Anne Cutler, Cybersecurity Expert, Keeper Security Mantas Sabeckis, Infosecurity Researcher, Cybernews Direct Victims: Stephen Gilbert, Parent with two children at Kido nursery Threat Actors: Radiant Ransomware Gang (claims to be Russia-based) Immediate Action Checklist Do These TODAY: Enable multi-factor authentication on ALL business accounts Check that all software is updated to the latest versions Review who has access to sensitive data Verify backups exist and are stored offline Schedule staff phishing awareness training Do These This Week: Audit your network segmentation Implement monitoring and alerting systems Review password policies across the organisation Create an incident response plan Assess cyber insurance coverage Do These This Month: Conduct a full security audit Test backup restoration procedures Implement data loss prevention tools Review vendor and third-party security Schedule penetration testing Resources Mentioned Government Resources National Cyber Security Centre: https://www.ncsc.gov.uk/ Information Commissioner's Office: https://ico.org.uk/ Met Police Cyber Crime Unit: https://www.met.police.uk/advice/advice-and-information/fa/fraud/online-fraud/cyber-crime/ UK Cyber Security Breaches Survey: https://www.gov.uk/government/collections/cyber-security-breaches-survey Cybersecurity Companies Comparitech: https://www.comparitech.com/ Keeper Security: https://www.keepersecurity.com/ Cybernews: https://cybernews.com/ Legal & Compliance UK GDPR Guidance: https://ico.org.uk/for-organisations/guide-to-data-protection/ Children's Data Protection: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/children-and-the-uk-gdpr/ Episode Quotes "What happened to Kido International this week represents the absolute lowest point I've witnessed in 40 years of cybersecurity." "These hackers didn't just encrypt some files and demand payment. They actively posted samples of children's profiles online. Then they started ringing parents directly." "You're not special. You're not too small. You're not immune. You're just next on the list unless you take action." "The hackers claim they 'deserve some compensation for our pentest.' Let that sink in. They're calling this a penetration test." "A child's photo, name, and home address in criminal hands. This data doesn't expire. It doesn't get less valuable. It just sits there, a permanent risk to these families." "None of these failures are unique to nurseries or large organizations. I see the same problems in small businesses every single week." "You're making the same mistakes that led to 8,000 children's data being posted on the dark web. The only difference is scale." Discussion Questions How would you respond if your business were to experience a similar attack? What security measures do you currently have in place? Do you know where your most sensitive data is stored and who can access it? When was the last time you tested your backup restoration? How would you handle direct contact from threat actors? Connect With Noel Bradford Website: The Small Business Cyber Security Guy Email: hello@thesmallbusinesscybersecurityguy.co.uk LinkedIn: Noel Bradford Need Help With Your Cybersecurity? Equate Group Support The Podcast If this episode made you think differently about cybersecurity, please: ⭐ Leave a 5-star review on Apple Podcasts 📢 Share this episode with other business owners 📧 Subscribe to get every new episode 💬 Join the conversation on social media using #KidoHack   Legal Disclaimer The information provided in this podcast is for educational and informational purposes only. It does not constitute legal, financial, or professional cybersecurity advice. Always consult with qualified professionals regarding your specific situation. Opinions expressed are those of the host and do not necessarily reflect the views of any organisations mentioned. Transcript Full episode transcript available at: TBC Episode Tags #Cybersecurity #Ransomware #DataBreach #SmallBusiness #KidoHack #UKBusiness #CyberCrime #DataProtection #GDPR #InformationSecurity #CyberAwareness #ThreatIntelligence #BusinessSecurity #RansomwareAttack #ChildSafety © 2025 The Small Business Cyber Security Guy Podcast. All rights reserved.

    18 min
  3. When Teen Hackers Test Your Defences: Lessons from the School Yard to the Boardroom

    4 DAYS AGO

    When Teen Hackers Test Your Defences: Lessons from the School Yard to the Boardroom

    Join hosts Noel Bradford and Mauven McLeod in this Back-to-School special of the Small Business Cybersecurity Guy podcast as they trace a line from 1980s schoolroom mischief to modern, large-scale breaches that put millions of students and small organisations at risk. Through recollections of early BBC Model B and Novell-era antics, the episode uses real recent incidents to expose how weak passwords, written credentials and opportunistic insiders create systemic security failures. The episode unpacks headline-making investigations and statistics — including the ICO analysis showing that students are behind a majority of school data breaches, the PowerSchool compromise that affected tens of millions of records and led to extortion demands, and targeted campaigns such as Vice Society and the evolving Kiddo International incident. The hosts explain the motivations behind student-led breaches (curiosity, dares, financial gain, and revenge) and how those same drivers also appear within small businesses. Noel and Mauven explain why insider threats matter, even when they aren’t sophisticated: most breaches exploit simple weaknesses, such as reused or guessable passwords, written notes, shared admin accounts, and a lack of access controls. Producer Graham contributes a live update on ongoing incidents, and the episode highlights how these events translate into operational disruptions — including school closures, days of downtime, and long-term reputational and legal fallout. Practical defence is the episode’s focus: clear, actionable guidance covers immediate steps (audit access, enable multi-factor authentication, remove unnecessary privileges), short-term actions (implement logging and monitoring, deploy password managers, set up incident response procedures) and longer-term resilience measures (regular access reviews, backups, staff training and cultural change). The hosts emphasise designing security around human behaviour so staff follow safe practices instead of working around them. Listeners will get a concise checklist of recommended technical controls — MFA, role-based access, privileged account separation, activity logging and reliable backups — alongside cultural advice: leadership buy-in, recognisable rewards for good security behaviour, and channels for curious employees to learn responsibly. The episode also highlights regulatory shifts, such as the introduction of mandatory Cyber Essentials for certain educational institutions, and links these requirements to small business risk management. Expect vivid anecdotes, practical takeaways and a clear call-to-action: if a curious teenager can bypass your systems, it’s time to harden them. Whether you run a two-person firm or a growing small business, this episode provides the context, evidence, and step-by-step priorities to reduce insider risk, detect misuse quickly, and recover from incidents without compromising your customers’ trust.

    41 min

  4. 25 SEPT · BONUS

    £80M Blow: How Teenagers and One Phone Call Bankrupted Co-op's Cybersecurity

    Co-op's CEO has just confirmed that their cybersecurity disaster cost £80 million. The attackers? Teenagers are using basic social engineering. In this Hot Takes episode, we break down how "We've contained the incident" turned into an £80 million earnings wipeout, and why the final bill could reach £400-500 million once legal claims are settled. This isn't just another breach story - it's a wake-up call for every UK business owner who thinks "it won't happen to us." Key Topics Covered The Attack Breakdown [0:30] April 2024 attack by the Scattered Spider group Social engineering, not sophisticated exploits 6.5 million members affected (100% of Co-op members) 2,300 stores disrupted, 800 funeral homes on paper systems The Real Cost [1:45] £80 million confirmed earnings impact £206 million total sales impact £20 million in direct incident costs Zero cyber insurance coverage Why It Could Get Much Worse [2:30] Pending ICO fine: £15-20 million likely Individual GDPR compensation claims: £25-£150 per person Potential £325 million member compensation exposure Final bill estimate: £400-500 million Lessons for UK Small Businesses [3:15] Social engineering beats technical defences Cyber insurance is essential, not optional Business continuity failures amplify costs Training matters more than firewalls Key Statistics £80 million - Confirmed earnings impact 6.5 million - Customers affected (every single member) £12 - Cost per affected customer (low by UK standards) £325 million - Potential member compensation exposure 17-20 years old - Age of arrested suspects 2,300+ - Stores affected by operational disruption Resources & Links Full Analysis: Read the complete breakdown: Link  Key Sources Cited: ICO Statement on Retail Cyber Incidents Computer Weekly: Co-op breach coverage Insurance Insider: Co-op's lack of cyber coverage UK Government Cyber Security Breaches Survey 2025 Action Items for Listeners Check your cyber insurance policy - Do you have coverage? Is it adequate? Review employee training - When was the last time your team received social engineering awareness training? Test business continuity - Can your operations survive 2 weeks offline? Read the full blog post - Get all the details and cost breakdowns Quote of the Episode "Co-op's disaster isn't a cybersecurity failure. It's a business leadership failure. And if you're listening to this thinking your business is different, you're next."

    8 min

  5. 23 SEPT · BONUS

    DORA's Wake-Up Call: How JLR and Collins Aerospace Exposed a New Regulatory Storm

    Date: 23 September 2025 — Host Mauven McLeod delivers a furious, fast-paced analysis of two seismic cyber incidents and what they mean for UK and global businesses. This episode examines the Jaguar Land Rover and Collins Aerospace ransomware attacks, the human-driven methods that enabled them, and why they represent the first significant test of the EU's Digital Operational Resilience Act (DORA). Topics covered include the scale of the damage (JLR reportedly losing up to £5 million per day and sector-wide losses potentially exceeding £1 billion), the criminal methodology (simple social engineering and help-desk manipulation by groups linked to Lapsus-style actors), and the cascading supply-chain impacts across automotive and aviation sectors. The episode references confirmations from Anissa about Collins’ ransomware compromise and notes reactions from industry figures such as Chris MacDonald at the Department for Business and Trade, as well as large providers like Tata Consultancy Services, Microsoft and RTX/Collins Aerospace. Key points you’ll take away: these attacks were largely preventable with basic controls — MFA (hardware keys), formal helpdesk identity verification, callback confirmation, network segmentation and focused security training — yet failures persist even at well-resourced organisations. Crucially, the episode explains DORA’s cross-border reach (applicable since 17 January 2025), how EU authorities can designate critical ICT third-party providers (including non-EU firms), the reporting and continuity obligations this triggers for financial entities, and the potential penalties (including fines up to around 1% of global turnover) and oversight mechanisms now coming into play. Practical guidance for listeners covers immediate steps: map vendor dependencies and identify any providers serving EU financial entities; review and update contracts for DORA alignment; update incident response and continuity plans to reflect DORA reporting requirements; and deploy low-cost, high-impact controls like hardware MFA, strict helpdesk processes and segmentation. The episode also critiques the UK government’s reactive crisis management during these incidents and warns of an accelerating enforcement wave: designations, cross-border scrutiny and contractual overhauls are expected to intensify through 2025. Ultimately, Moven argues this is the start of a new era — one where regulatory exposure flows through vendor dependencies and where organisational will, not technical capability, is the biggest barrier to resilience. Listeners will finish with a clear sense of urgency, the regulatory risks to assess, and concrete next steps to reduce operational and regulatory fallout from future incidents.

    19 min

  6. 22 SEPT

    One IT Manager, Massive Risk: Burnout, Sabotage and System Failures

    This episode explores the risks of relying on a single IT manager as an entire IT department. Hosts Noel Bradford and Mauven MacLeod unpack why paying one person a modest salary is not the same as buying a full team of specialists, and they share vivid real-world horror stories — from a sudden resignation that paralysed a 40-person engineering firm, to a ruined holiday when backups failed, to a marketing agency locked out by a burnt-out IT manager. Key topics include the cost mismatch between expectations and reality, how knowledge concentration creates critical single points of failure, signs that your IT lead is drowning (long hours, no lunch breaks, defensiveness, lack of documentation), and how poor management decisions can make things worse. Practical solutions are given: document everything, hire a competent number two rather than a trainee, engage managed service providers for specialist and 24/7 support, move critical services to cloud platforms to reduce on-site burden, and start with small, affordable steps like basic support contracts or break-fix services. The episode includes personal anecdotes from Noel (the "Donny" and zoo-day stories) and a discussion of when to involve external help, how to create continuity plans, and three immediate actions business owners can take today. Listeners are encouraged to have an open conversation with their IT person, assess real costs and risks, and take steps to protect both their systems and their staff from burnout and catastrophic failure.

    41 min
  7. EXPOSED: The £200k Mistake 90% of Small Businesses Make (Dave From IT Isn’t Supposed To Run Your Technology Strategy!)

    15 SEPT

    EXPOSED: The £200k Mistake 90% of Small Businesses Make (Dave From IT Isn’t Supposed To Run Your Technology Strategy!)

    Most small business owners think CIO stands for "Chief I-Fix-Everything Officer" and CISO means "Chief I-Worry-About-Security Officer." In this episode, Noel Bradford (actual CIO/CISO) breaks down what these executive roles actually do and why your business desperately needs this strategic thinking - without the six-figure salary. Discover how fractional CIO/CISO services let 20-100 employee businesses access Fortune 500 expertise for £15,000-35,000 annually instead of £120,000+ for full-time hiring. What You'll Learn The Real Difference Between CIO and CISO: Technology strategy vs security strategy (and why one person can do both). Why Dave from IT Needs Help: The unfair burden of strategic decisions on operational staff. Fractional Services Explained: How to get executive-level guidance for 8-12 hours per month. ROI Reality Check: Technology inefficiencies probably cost you more than £15k annually Finding Quality Providers: Red flags vs genuine executive experience. Integration Strategy: Treating fractional executives like Non-Executive Directors. Key Takeaways Strategic technology and security leadership isn't just for large corporations. Fractional services cost £15,000-35,000 annually vs £120,000+ for full-time hiring Sound fractional executives enhance internal capabilities rather than replacing them. Treat fractional CIO/CISO like Non-Executive Directors - invite them to board meetings. Start with a current state assessment (£3,000-6,000) before ongoing engagement. Diagnostic Questions You probably need fractional CIO/CISO services if you answer "yes" to several of these: Technology decisions are made reactively rather than strategically Increasing tech spending without clear ROI visibility Security/compliance concerns are constantly pushed down the priority list Internal IT person making strategic decisions while handling operations Current systems won't scale with business growth plans Regulatory compliance anxiety about technology approaches Episode Highlights Real-World Example: A 15-person marketing agency saved £300/month and improved security by consolidating from multiple cloud storage solutions to a single strategic platform. Cost Comparison: Fractional services at £150-350/hour for 8 hours monthly vs full-time CIO/CISO at £100,000-180,000 annually plus benefits and normal staffing costs. Next Steps Honest self-assessment of current technology/security decision-making Calculate the annual cost of technology inefficiencies and security risks Research fractional providers with genuine senior executive experience Consider starting with the current state assessment project Connect With Us Hit subscribe, leave a review mentioning whether you're considering fractional services, and share with business owners making technology decisions without strategic guidance. Remember: You don't need enterprise budgets to get enterprise thinking. And be kind to Dave - he's doing his best. #FractionalCIO #FractionalCISO #CIO #CISO #ChiefInformationOfficer #ChiefInformationSecurityOfficer #FractionalExecutive #ITLeadership #TechnologyStrategy #SecurityStrategy #SmallBusiness #SMB #SmallBusinessOwners #Entrepreneurs #BusinessOwners #StartupLife #GrowingBusiness #ScaleUp #BusinessGrowth #SMBTech #ITStrategy #TechnologyLeadership #BusinessTechnology #ITManagement #DigitalTransformation #TechStack #CloudStrategy #ITBudget #TechnologyRoadmap #SystemsIntegration

    41 min
  8. 81 Security Patches + Windows 10’s Final Countdown: What Every Business Owner Must Know

    11 SEPT · BONUS

    81 Security Patches + Windows 10’s Final Countdown: What Every Business Owner Must Know

    September 2025 Patch Tuesday: Critical Business Update Special Edition with Graham Falkner Microsoft's September Patch Tuesday brings 81 security fixes, including 9 critical vulnerabilities already being exploited by attackers. This episode provides essential business guidance for small business owners navigating these updates safely and efficiently. Key Topics Covered: Business impact of 81 security vulnerabilities Four critical threats affecting small businesses SharePoint Server active exploitation campaigns Network authentication bypass vulnerabilities 7-day practical deployment strategy Windows 10 end-of-life planning (October 14th deadline) Cyber Essentials compliance requirements Critical Action Items: Days 1-2: Assess SharePoint installations and document processing systems Days 3-7: Deploy controlled testing and priority system updates Days 8-14: Complete production environment deployment Immediate: Audit all Windows 10 devices and plan migration Windows 10 Urgent Notice: Support ends October 14th, 2025. This may be the final security update for Windows 10 systems. Extended Security Updates available at significant cost. Migration planning required immediately. Compliance Requirements: Cyber Essentials certified organisations must deploy updates by September 23rd, 2025. Earlier deployment recommended for business risk management. Vulnerable Systems Requiring Priority Attention: SharePoint Server installations (under active attack) Systems processing external documents and email attachments Network authentication infrastructure Customer data handling environments Known Compatibility Issues: PowerShell Direct connection failures in virtualised environments SMB signing requirements affecting older network storage MSI installer UAC prompt changes Sources: Microsoft Security Response Center - September 2025 Security Updates Verizon 2024 Data Breach Investigations Report UK GDPR Article 32 - Security of Processing Requirements Cyber Essentials Certification Guidelines Resources: Comprehensive deployment guides, compatibility checklists, and Windows 11 migration planning available at: thesmallbusinesscybersecurityguy.co.uk Technical support documentation: Microsoft KB5065426, KB5065431, KB5065429 Next Steps: Subscribe for regular cybersecurity updates. Share with business owners who need this information. Visit our website for detailed implementation guidance. This episode provides educational information only. Always implement cybersecurity measures appropriate to your specific business needs and risk profile. Hashtags: #CyberSecurity #SmallBusiness #Windows10 #PatchTuesday #Microsoft #BusinessSecurity #ITSecurity #CyberEssentials #Windows11 #SecurityUpdates #BusinessContinuity #UKBusiness #Compliance #GDPR #CyberInsurance #NetworkSecurity #SharePoint #BusinessTech #InfoSec #DigitalSecurity

    13 min
See All (29)

About

The UK's leading small business cybersecurity podcast, helping SMEs protect against cyber threats without breaking the bank. Join cybersecurity veterans Noel Bradford (CIO at Boutique Security First MSP) and Mauven MacLeod (ex-UK Government Cyber Analyst) as they translate enterprise-level security expertise into practical, affordable solutions for UK small businesses. 🎯 WHAT YOU'LL LEARN: Cyber Essentials certification guidance Protecting against ransomware & phishing attacks GDPR compliance for small businesses Supply chain & third-party security risks Cloud security & remote work protection Budget-friendly cybersecurity tools & strategies 🏆 PERFECT FOR: UK small business owners (5-50 employees) Startup founders & entrepreneurs SME managers responsible for IT security Professional services firms Anyone wanting practical cyber protection advice Every episode delivers actionable cybersecurity advice that you can implement immediately, featuring real UK case studies

Information

You Might Also Like