UnHacked - Cybersecurity Made Simple for Small Businesses

Phoenix IT Advisors

When Russian hackers break into your business’s computers, what will they find and how much will it cost you? How long will it take you to recover? Can you recover? Here’s the sad truth: 97% of breaches could have been prevented with basic security measures; but once you’ve been hit… you can never get UnHacked! UnHacked is a weekly cybersecurity podcast for SMB business owners and leaders that helps them sort through the overwhelming security costs and recommendations, and focus on the best practices that give the highest ROI.

  1. 5H AGO

    82. Your IT Company Is Probably Not Patching Your Systems — Here's How to Catch Them

    Hosts:Justin Shelley — Phoenix IT Advisors | https://www.phoenixitadvisors.com/ Note: Co-hosts Mario Zaki and Bryan Lachapelle are absent this episode — they're representing their firms at a trade show in Dallas. Did you know there are 130+ new cybersecurity vulnerabilities discovered every single day? That's nearly 50,000 last year alone — and the number is growing exponentially, fueled in part by AI-powered attacks. In this solo episode, Justin Shelley breaks down one of the most overlooked and mismanaged areas of cybersecurity for small and mid-sized businesses: patch and vulnerability management. Most business owners assume their IT company is handling it. Most of the time, they're wrong. In this episode, Justin covers: What patching actually is — and why it's far more complex than "set it and forget it"The CVE list — the publicly available database of known vulnerabilities and why it should terrify youZero-day vulnerabilities — what they are and why they're especially dangerousThe reactive spiral of death — the real reason your IT company may be dropping the ball (and it's not because they don't care)The reboot problem — why something as simple as restarting a computer is one of the biggest obstacles to keeping your business secureLegacy systems and blind spots — Windows 10, old software, browsers, firewalls, and all the things that aren't getting patched even when you think they areTwo specific questions you should be asking your IT company right now — and what to do if they can't answer themJustin also shares a personal story about a client breach caused by an outdated version of Microsoft Office — one that nearly destroyed that business and ended a client relationship — to illustrate just how real and costly this problem is. This is episode 8 of the Cybersecurity Basics series. If you haven't already, go back and listen to the previous episodes on frameworks, identity and access management, endpoint security, backups, email phishing, and network security. 🎯 Free Resource: Want to know if your business is actually protected? Visit unhackmybusiness.com for show notes, the full video recording, and to schedule your free cybersecurity risk assessment with Phoenix IT Advisors — no matter where you're located.

    28 min

  2. 6D AGO

    81. The Digital Wild West: How the Death of the Network Perimeter Is Leaving Your Business Wide Open

    Hosts:Justin Shelley — Phoenix IT Advisors | https://www.phoenixitadvisors.com/Bryan Lachapelle — B4 Networks | https://www.b4networks.ca/ Your firewall is not enough anymore — and your IT team may not be telling you that. In Episode 81 of UnHacked, Justin and Bryan dig into one of the most misunderstood concepts in cybersecurity: the network perimeter. It used to be simple. Put a firewall on the edge of your network, install antivirus, done. But that world is gone. Today, your data lives in Microsoft 365, SharePoint, Dropbox, cloud apps your HR manager signed up for last Tuesday, your employee's home network, the guest Wi-Fi at your office, and the IoT thermostat down the hall. The "perimeter" is everywhere — which means it has to be protected everywhere. In this episode, you'll learn: Why the traditional firewall is still necessary — but nowhere near sufficientHow cloud platforms like Microsoft 365 require their own security layer (and what that actually looks like)The hidden danger of VPN tunnels drilled through your firewall during the remote work eraWhy your guest Wi-Fi might not actually be a guest networkWhat shadow IT is and why an employee could be walking out the door with your entire company's data right now — legally, and invisiblyThe single most important first step to securing any business: knowing what you actually havePlus, Justin shares the one question every business owner should ask their IT person — and warns that most of the time, the answer they get back will tell them everything they need to know about how exposed they really are. This is Episode 7 in the UnHacked Cybersecurity Basics mini-series. 🔐 Want to know how secure your business really is? Visit https://www.phoenixitadvisors.com/ and mention UnHacked to schedule a free cybersecurity risk assessment.

    29 min

  3. MAR 13

    80. Your Employees Are the Vulnerability: The Truth About Email Scams, Phishing, and the Human Risk You're Ignoring

    Hosts:Justin Shelley — Phoenix IT Advisors | https://www.phoenixitadvisors.com/Mario Zaki — Mazteck IT | https://www.mazteck.com/Bryan Lachapelle — B4 Networks | https://www.b4networks.ca/ What does it take to lose $50,000 in a single email? Not much. A spoofed address. A busy CFO. A wire transfer that clears before anyone realizes what happened. In Episode 80 of UnHacked, Justin Shelley, Mario Zaki, and Bryan Lachapelle dig deep into one of the most financially devastating threats facing businesses today: Business Email Compromise (BEC). This is Episode 6 of their ongoing 12-part series on Security Basics, and this one hits close to home for every business owner who relies on email to run their company — which is all of them. The guys break down exactly how BEC attacks work in two primary forms: lookalike domains designed to trick you letter by letter, and fully compromised email inboxes where a hacker is literally sitting inside your vendor's or employee's account, reading everything and waiting for the right moment to strike. Using AI, attackers can now download entire mailboxes, study communication patterns, and pick up mid-conversation with chilling accuracy. But the scariest part of this episode isn't the technology — it's the human element. From new employees targeted on LinkedIn within days of posting about their new job, to companies that actively silenced their own IT teams who flagged security gaps (and paid dearly for it), the hosts make a compelling case that people — not software — are both the biggest vulnerability and the most powerful defense a company has. You'll learn: The two types of Business Email Compromise and why one is nearly impossible to stop with technology aloneThe one phone call that could have saved a $50,000 wire transfer — and why most companies don't make itWhy punishing employees who report mistakes is one of the most dangerous things a company can doHow attackers use LinkedIn to target new hires and exploit their eagerness to impress leadershipWhat "zero trust" really means in the context of email — and how to build it into your team's daily behaviorHow to report lookalike domains and get them taken downWhy a culture of security awareness is more valuable than any software tool you can buyThis episode is a wake-up call. Email is not safe by default. Your vendors can be compromised. Your new hires are being targeted. And if you don't have written policies and a culture that rewards vigilance, no firewall in the world will save you.

    42 min

  4. MAR 10

    79. Your Backup Strategy Is Probably Broken (And It Will Cost You)

    Hosts: Justin Shelley - https://www.phoenixitadvisors.com/ Mario Zaki - https://www.mazteck.com/ Bryan Lachapelle - https://www.b4networks.ca/ Think your business is protected because you're paying for IT services? Think again. In this eye-opening episode, three cybersecurity experts share real horror stories of backup failures that cost businesses everything – from tape backups that never worked to QuickBooks files that vanished when needed most. You'll discover why modern backups are more complex than ever (hint: your data isn't just on one server anymore), what immutable storage means for your protection, and the critical difference between having backups and having backups that actually work when disaster strikes. The hosts walk you through a practical framework for auditing your current backup strategy, testing it properly, and creating manual processes to keep your business running during recovery. Plus, learn why some businesses can survive ransomware attacks while others are devastated – and which category you're currently in. Whether you're relying on "my IT guy handles that" or managing backups yourself, this episode will either confirm you're truly protected or expose dangerous gaps before they cost you your business.

    40 min

  5. FEB 26

    78. The Real Perimeter: Why Every Device in Your Business Is a Target

    Hosts: Justin Shelley - https://www.phoenixitadvisors.com/ Mario Zaki - https://www.mazteck.com/ Bryan Lachapelle - https://www.b4networks.ca/ What happens when your laptop gets stolen and you forgot to lock it? In this episode of UnHacked, our hosts dive deep into endpoint security - the real perimeter of your business in today's digital world. Justin, Bryan, and Mario explore real-world examples of how endpoints (computers, phones, VPNs, smart devices) are compromised and share practical CEO-level guidance on protecting these critical access points. From VPN vulnerabilities to improperly configured guest networks, learn why 97% of breaches could be prevented with basic security measures. Key topics include: the four essential endpoint protection checks every CEO should perform, why "it's in the cloud" doesn't mean you're protected, the importance of detection systems alongside prevention, and how to hold your IT team accountable. Whether you're paying for managed IT services or handling security in-house, this episode provides actionable steps to verify your endpoints are truly protected. Don't wait until your business is the next cautionary tale.

    49 min

  6. FEB 19

    77. The Hidden Cyber Threats Lurking in Your Business (That Your IT Guy Doesn't Even Know About)

    Hosts:Justin Shelley - https://www.phoenixitadvisors.com/ Mario Zaki - https://www.mazteck.com/ You can't secure what you can't see. In this critical episode of our baseline security series, Justin and Mario expose the dangerous reality of "shadow IT" - the hidden software, devices, and vulnerabilities lurking in your business that could be costing you everything. From TeamViewer installations left wide open to former vendors still having backdoor access years later, discover why even the most well-intentioned businesses are sitting ducks for ransomware attacks. Learn the shocking truth about unprotected home computers accessing corporate data, outdated backup software creating attack surfaces, and why "we moved to the cloud" doesn't mean you're safe. This episode delivers actionable steps every CEO needs to take THIS WEEK to identify their digital assets and close dangerous security gaps. Don't wait until you're the next headline - your business depends on knowing what you're protecting.

    47 min

  7. FEB 13

    76. Courts Can Now Use Your ChatGPT History Against You (And Other Identity Nightmares)

    Hosts:Justin Shelley - https://www.phoenixitadvisors.com/Mario Zaki - https://www.mazteck.com/Bryan Lachapelle - https://www.b4networks.ca/ Episode 76 kicks off a comprehensive multi-part series on baseline cybersecurity with a deep dive into identity and access control. The hosts reveal why courts can now pull your ChatGPT conversations in legal proceedings, and break down the critical difference between passwords and passphrases. Learn why shared accounts are a business owner's worst nightmare, discover the three essential Microsoft 365 security settings most companies miss, and understand why your ego might be your biggest security vulnerability. From conditional access policies to employee onboarding checklists, this episode provides non-technical business owners with actionable steps to protect their greatest asset - their business. The conversation includes real-world horror stories of access control failures and practical solutions for companies of all sizes.

    50 min

  8. JAN 27

    75. Governance, Frameworks & Compliance: Your Business Survival Guide

    Hosts: Justin Shelley - https://www.phoenixitadvisors.com/Mario Zaki - https://www.mazteck.com/ In this episode, Justin and Mario dive deep into why "I didn't know" isn't a legal defense when your business gets hit with a cyber attack. Using a realistic scenario of a 60-employee manufacturing company facing $180,000 in losses from ransomware, they explore how delayed IT decisions can devastate businesses overnight. The hosts kick off a comprehensive mini-series on cybersecurity governance, frameworks, and compliance, breaking down complex topics for non-technical business owners. Mario shares real-world stories from his MSP practice, including the shocking reality of passwords taped to monitors and the doctor who simply didn't care about security. Key topics covered: the true cost of cyber attacks, cybersecurity frameworks (CIS, NIST), multi-factor authentication beyond just Office 365, risk assessment strategies, and why business owners must take ownership of their cybersecurity decisions. Whether your industry is regulated or not, this episode provides the foundation every business owner needs to make intelligent security decisions and protect their greatest asset: their business.

    35 min
See All (82)

Ratings & Reviews

5
out of 5
2 Ratings

About

When Russian hackers break into your business’s computers, what will they find and how much will it cost you? How long will it take you to recover? Can you recover? Here’s the sad truth: 97% of breaches could have been prevented with basic security measures; but once you’ve been hit… you can never get UnHacked! UnHacked is a weekly cybersecurity podcast for SMB business owners and leaders that helps them sort through the overwhelming security costs and recommendations, and focus on the best practices that give the highest ROI.

Information

You Might Also Like