Host Graham Faulkner dives into Windows 11 25H2 in this solo episode, explaining why this understated update matters for security, stability, and small-business productivity. He breaks down how 25H2 arrives as an Enablement Package (EKB), what that means if you’re already on 24H2, and why the streamlined rollout keeps disruptions to a minimum.

The episode covers key technical and practical changes: removal of legacy components like PowerShell 2.0 and WMIC, continued performance improvements (CPU scheduling, memory management, faster startups), and expanded Wi‑Fi 7 support. Graham highlights Microsoft’s shift toward continuous monthly innovation and why that helps maintain a more secure, reliable environment without waiting for big yearly releases.

Security is a major focus: Graham explains Microsoft’s Secure Future initiative, which brings AI-assisted secure coding and enhanced vulnerability detection into the development and post-release lifecycle. He frames these advances for small business owners, showing how better detection and automated security practices reduce risk and downtime.

Practical deployment and lifecycle details are explained clearly: support-cycle resets (24 months for Home/Pro, 36 months for Enterprise/Education), how to get 25H2 via the “Get the Latest Updates” toggle, controlled rollouts and device holds, and enterprise deployment options like Windows AutoPatch and the Microsoft 365 Admin Center. He also covers admin-friendly improvements such as removing preinstalled Microsoft Store apps with Intune or Group Policy.

The episode closes with hands-on advice: check the Windows Release Health Hub for known issues, back up critical machines before upgrading, verify driver and app compatibility, and prepare rollback plans for important systems. Graham adds a personal anecdote about preparing his vinyl-catalog PC for the update and stresses that 25H2 is about steady, practical improvements—safer, faster, and less disruptive for both single machines and fleets.

Join hosts Noel Bradford and Mauven McLeod in this Back-to-School special of the Small Business Cybersecurity Guy podcast as they trace a line from 1980s schoolroom mischief to modern, large-scale breaches that put millions of students and small organisations at risk. Through recollections of early BBC Model B and Novell-era antics, the episode uses real recent incidents to expose how weak passwords, written credentials and opportunistic insiders create systemic security failures.

The episode unpacks headline-making investigations and statistics — including the ICO analysis showing that students are behind a majority of school data breaches, the PowerSchool compromise that affected tens of millions of records and led to extortion demands, and targeted campaigns such as Vice Society and the evolving Kiddo International incident. The hosts explain the motivations behind student-led breaches (curiosity, dares, financial gain, and revenge) and how those same drivers also appear within small businesses.

Noel and Mauven explain why insider threats matter, even when they aren’t sophisticated: most breaches exploit simple weaknesses, such as reused or guessable passwords, written notes, shared admin accounts, and a lack of access controls. Producer Graham contributes a live update on ongoing incidents, and the episode highlights how these events translate into operational disruptions — including school closures, days of downtime, and long-term reputational and legal fallout.

Practical defence is the episode’s focus: clear, actionable guidance covers immediate steps (audit access, enable multi-factor authentication, remove unnecessary privileges), short-term actions (implement logging and monitoring, deploy password managers, set up incident response procedures) and longer-term resilience measures (regular access reviews, backups, staff training and cultural change). The hosts emphasise designing security around human behaviour so staff follow safe practices instead of working around them.

Listeners will get a concise checklist of recommended technical controls — MFA, role-based access, privileged account separation, activity logging and reliable backups — alongside cultural advice: leadership buy-in, recognisable rewards for good security behaviour, and channels for curious employees to learn responsibly. The episode also highlights regulatory shifts, such as the introduction of mandatory Cyber Essentials for certain educational institutions, and links these requirements to small business risk management.

Expect vivid anecdotes, practical takeaways and a clear call-to-action: if a curious teenager can bypass your systems, it’s time to harden them. Whether you run a two-person firm or a growing small business, this episode provides the context, evidence, and step-by-step priorities to reduce insider risk, detect misuse quickly, and recover from incidents without compromising your customers’ trust.

Date: 23 September 2025 — Host Mauven McLeod delivers a furious, fast-paced analysis of two seismic cyber incidents and what they mean for UK and global businesses. This episode examines the Jaguar Land Rover and Collins Aerospace ransomware attacks, the human-driven methods that enabled them, and why they represent the first significant test of the EU's Digital Operational Resilience Act (DORA).

Topics covered include the scale of the damage (JLR reportedly losing up to £5 million per day and sector-wide losses potentially exceeding £1 billion), the criminal methodology (simple social engineering and help-desk manipulation by groups linked to Lapsus-style actors), and the cascading supply-chain impacts across automotive and aviation sectors. The episode references confirmations from Anissa about Collins’ ransomware compromise and notes reactions from industry figures such as Chris MacDonald at the Department for Business and Trade, as well as large providers like Tata Consultancy Services, Microsoft and RTX/Collins Aerospace.

Key points you’ll take away: these attacks were largely preventable with basic controls — MFA (hardware keys), formal helpdesk identity verification, callback confirmation, network segmentation and focused security training — yet failures persist even at well-resourced organisations. Crucially, the episode explains DORA’s cross-border reach (applicable since 17 January 2025), how EU authorities can designate critical ICT third-party providers (including non-EU firms), the reporting and continuity obligations this triggers for financial entities, and the potential penalties (including fines up to around 1% of global turnover) and oversight mechanisms now coming into play.

Practical guidance for listeners covers immediate steps: map vendor dependencies and identify any providers serving EU financial entities; review and update contracts for DORA alignment; update incident response and continuity plans to reflect DORA reporting requirements; and deploy low-cost, high-impact controls like hardware MFA, strict helpdesk processes and segmentation. The episode also critiques the UK government’s reactive crisis management during these incidents and warns of an accelerating enforcement wave: designations, cross-border scrutiny and contractual overhauls are expected to intensify through 2025.

Ultimately, Moven argues this is the start of a new era — one where regulatory exposure flows through vendor dependencies and where organisational will, not technical capability, is the biggest barrier to resilience. Listeners will finish with a clear sense of urgency, the regulatory risks to assess, and concrete next steps to reduce operational and regulatory fallout from future incidents.

This episode explores the risks of relying on a single IT manager as an entire IT department.

Hosts Noel Bradford and Mauven MacLeod unpack why paying one person a modest salary is not the same as buying a full team of specialists, and they share vivid real-world horror stories — from a sudden resignation that paralysed a 40-person engineering firm, to a ruined holiday when backups failed, to a marketing agency locked out by a burnt-out IT manager.

Key topics include the cost mismatch between expectations and reality, how knowledge concentration creates critical single points of failure, signs that your IT lead is drowning (long hours, no lunch breaks, defensiveness, lack of documentation), and how poor management decisions can make things worse.

Practical solutions are given: document everything, hire a competent number two rather than a trainee, engage managed service providers for specialist and 24/7 support, move critical services to cloud platforms to reduce on-site burden, and start with small, affordable steps like basic support contracts or break-fix services.

The episode includes personal anecdotes from Noel (the "Donny" and zoo-day stories) and a discussion of when to involve external help, how to create continuity plans, and three immediate actions business owners can take today.

Listeners are encouraged to have an open conversation with their IT person, assess real costs and risks, and take steps to protect both their systems and their staff from burnout and catastrophic failure.

Most small business owners think CIO stands for "Chief I-Fix-Everything Officer" and CISO means "Chief I-Worry-About-Security Officer." In this episode, Noel Bradford (actual CIO/CISO) breaks down what these executive roles actually do and why your business desperately needs this strategic thinking - without the six-figure salary.

Discover how fractional CIO/CISO services let 20-100 employee businesses access Fortune 500 expertise for £15,000-35,000 annually instead of £120,000+ for full-time hiring.

What You'll Learn

• The Real Difference Between CIO and CISO: Technology strategy vs security strategy (and why one person can do both).
• Why Dave from IT Needs Help: The unfair burden of strategic decisions on operational staff.
• Fractional Services Explained: How to get executive-level guidance for 8-12 hours per month.
• ROI Reality Check: Technology inefficiencies probably cost you more than £15k annually
• Finding Quality Providers: Red flags vs genuine executive experience.
• Integration Strategy: Treating fractional executives like Non-Executive Directors.

Key Takeaways

• Strategic technology and security leadership isn't just for large corporations.
• Fractional services cost £15,000-35,000 annually vs £120,000+ for full-time hiring
• Sound fractional executives enhance internal capabilities rather than replacing them.
• Treat fractional CIO/CISO like Non-Executive Directors - invite them to board meetings.
• Start with a current state assessment (£3,000-6,000) before ongoing engagement.

Diagnostic Questions

You probably need fractional CIO/CISO services if you answer "yes" to several of these:

• Technology decisions are made reactively rather than strategically
• Increasing tech spending without clear ROI visibility
• Security/compliance concerns are constantly pushed down the priority list
• Internal IT person making strategic decisions while handling operations
• Current systems won't scale with business growth plans
• Regulatory compliance anxiety about technology approaches

Episode Highlights

Real-World Example: A 15-person marketing agency saved £300/month and improved security by consolidating from multiple cloud storage solutions to a single strategic platform.

Cost Comparison: Fractional services at £150-350/hour for 8 hours monthly vs full-time CIO/CISO at £100,000-180,000 annually plus benefits and normal staffing costs.

Next Steps

1. Honest self-assessment of current technology/security decision-making
2. Calculate the annual cost of technology inefficiencies and security risks
3. Research fractional providers with genuine senior executive experience
4. Consider starting with the current state assessment project

Connect With Us

Hit subscribe, leave a review mentioning whether you're considering fractional services, and share with business owners making technology decisions without strategic guidance.

Remember: You don't need enterprise budgets to get enterprise thinking. And be kind to Dave - he's doing his best.

#FractionalCIO #FractionalCISO #CIO #CISO #ChiefInformationOfficer #ChiefInformationSecurityOfficer #FractionalExecutive #ITLeadership #TechnologyStrategy #SecurityStrategy #SmallBusiness #SMB #SmallBusinessOwners #Entrepreneurs #BusinessOwners #StartupLife #GrowingBusiness #ScaleUp #BusinessGrowth #SMBTech #ITStrategy #TechnologyLeadership #BusinessTechnology #ITManagement #DigitalTransformation #TechStack #CloudStrategy #ITBudget #TechnologyRoadmap #SystemsIntegration

Special Edition with Graham Falkner

Microsoft's September Patch Tuesday brings 81 security fixes, including 9 critical vulnerabilities already being exploited by attackers. This episode provides essential business guidance for small business owners navigating these updates safely and efficiently.

• Business impact of 81 security vulnerabilities
• Four critical threats affecting small businesses
• SharePoint Server active exploitation campaigns
• Network authentication bypass vulnerabilities
• 7-day practical deployment strategy
• Windows 10 end-of-life planning (October 14th deadline)
• Cyber Essentials compliance requirements

• Days 1-2: Assess SharePoint installations and document processing systems
• Days 3-7: Deploy controlled testing and priority system updates
• Days 8-14: Complete production environment deployment
• Immediate: Audit all Windows 10 devices and plan migration

Support ends October 14th, 2025. This may be the final security update for Windows 10 systems. Extended Security Updates available at significant cost. Migration planning required immediately.

Cyber Essentials certified organisations must deploy updates by September 23rd, 2025. Earlier deployment recommended for business risk management.

• SharePoint Server installations (under active attack)
• Systems processing external documents and email attachments
• Network authentication infrastructure
• Customer data handling environments

• PowerShell Direct connection failures in virtualised environments
• SMB signing requirements affecting older network storage
• MSI installer UAC prompt changes

• Microsoft Security Response Center - September 2025 Security Updates
• Verizon 2024 Data Breach Investigations Report
• UK GDPR Article 32 - Security of Processing Requirements
• Cyber Essentials Certification Guidelines

Comprehensive deployment guides, compatibility checklists, and Windows 11 migration planning available at: thesmallbusinesscybersecurityguy.co.uk

Technical support documentation: Microsoft KB5065426, KB5065431, KB5065429

Subscribe for regular cybersecurity updates. Share with business owners who need this information. Visit our website for detailed implementation guidance.

This episode provides educational information only. Always implement cybersecurity measures appropriate to your specific business needs and risk profile.

#CyberSecurity #SmallBusiness #Windows10 #PatchTuesday #Microsoft #BusinessSecurity #ITSecurity #CyberEssentials #Windows11 #SecurityUpdates #BusinessContinuity #UKBusiness #Compliance #GDPR #CyberInsurance #NetworkSecurity #SharePoint #BusinessTech #InfoSec #DigitalSecurity