Episode 4: Who Can Get into Your Business Right Now?

Episode 5: Taking Control of Your Data

Your business data is constantly moving. Shared across Teams. Stored in cloud drives. Downloaded onto devices. Sent externally. Duplicated. Renamed. Forwarded. And in many SMBs, nobody has full visibility of where it all lives anymore. In this episode, Lynn sits down with Nisha Sondhi to unpack the growing challenges of data governance, oversharing, and data sprawl. They also discuss why controlling your data has become one of the biggest cyber security challenges facing modern businesses. Because data doesn’t usually become exposed through one dramatic event. It happens gradually. A file gets overshared. Access permissions are never reviewed. Sensitive information sits in the wrong place. A link gets sent externally. And over time, organisations lose track of what’s sensitive, who has access to it, and what’s happening to it. This conversation explores why data classification is often missing in SMB environments, how human behaviour quietly increases risk, and why “everyone has access to everything” creates far more problems than it solves. Nisha also breaks down the growing pressure coming from compliance requirements, insurers, and customers — who increasingly expect organisations to prove they understand where their data lives and how it’s protected. Most importantly, this episode reframes data governance as something practical, not overwhelming. Because good data security isn’t about locking everything down. It’s about balance, visibility, and putting the right controls around the data that matters most. A Cyber Security Snapshot [https://info.babble.cloud/cyber-security-snapshot] helps organisations identify hidden gaps across data sharing, access, governance, and user behaviour: creating a clearer picture of where risk actually exists. Key takeaways: * Why data sprawl creates hidden security risks * The dangers of oversharing inside and outside the business * Why data classification is often missing in SMBs * How compliance and cyber insurance are reshaping data governance * What good data governance actually looks like in practice Chapters: 00:00 Introduction 01:10 Meet Nisha Sondhi 02:10 Why businesses lose track of their data 07:20 Why governance and compliance now matter more 09:05 The problem with unclassified data 12:31 How human behaviour increases data risk 19:20 What to do when sensitive data is exposed 24:04 Conclusion

Episode 4: Who Can Get into Your Business Right Now?

If someone stole a password in your business today, how much could they actually access? That’s the question at the centre of this episode. Lynn sits down with Anton Davies to unpack why identity has become the new perimeter in cyber security, and why attackers are increasingly targeting people, passwords, and access instead of trying to “hack” their way into systems. Because modern cyber attacks often don’t start with breaking in. They start with logging in. This episode explores how compromised identities can quietly open the door to sensitive systems, company data, and internal tools (often without anyone realising until it’s too late). From over-provisioned admin access to forgotten accounts and weak password habits, Anton breaks down the identity gaps that commonly exist inside SMB environments and why they’re so dangerous. The conversation also unpacks the practical side of identity security, including: * Why multi-factor authentication (MFA) should be non-negotiable * How conditional access helps reduce unnecessary risk * Why “too much access” can become a major problem * How small housekeeping habits can dramatically improve visibility and control Most importantly, this episode reframes identity security as something bigger than passwords. It’s about understanding who has access to what, when they should have it, and what happens if those accounts are compromised. Because if identity is now the front door to your business, you need to know exactly who can walk through it. A Cyber Security Snapshot [https://info.babble.cloud/cyber-security-snapshot] helps organisations identify hidden gaps across identity, access, devices, and governance: creating a clearer picture of where exposure actually exists. Key takeaways: * Why identity is now the new perimeter in cyber security * How credential theft leads to larger breaches * The risks of excessive admin access and poor housekeeping * Why MFA and conditional access matter more than ever * How passphrases can strengthen password security Chapters: 0:00 Introduction 1:10 Meet Anton Davies 2:05 Identity as the new perimeter 3:11 Credential theft and its implications 6:21 Security gaps in identity management 7:41 Excessive privilege risks 10:44 Penetration testing explained 11:29 Lifecycle control in identity management 13:57 Non-negotiables for SMB identity security 18:37 Governance and ownership of identity 21:49 Anton’s quick win for password security 24:27 Conclusion

Episode 3: Why 95% of Cyber Breaches Start with People — and What to Do About It

Cyber criminals don’t always need to break through your firewall. Sometimes, they just need someone to click. In this episode, Lynn sits down with James Gaskell to unpack why human behaviour remains one of the biggest cyber security risks facing SMBs today, and why AI-assisted phishing and social engineering attacks are becoming harder to spot than ever. Because modern phishing doesn’t always look suspicious anymore. It looks like urgency. Convenience. A QR code at an event. A message from your bank. A quick request from a colleague. And when people are busy, distracted, or simply trying to get through the day, mistakes happen. That’s exactly what attackers are counting on. But this episode isn’t about blame or fear. It’s about understanding how human risk actually works, and how small, consistent changes can dramatically reduce exposure over time. James explores why cyber security training often becomes a tick-box exercise, how shadow IT and unofficial tools quietly create risk, and why visibility into everyday behaviour matters just as much as the technology protecting your business. Most importantly, this conversation reframes people not as the weakest link, but as a potential line of defence (when they’re supported with the right awareness, guidance, and processes). Improving cyber security starts with understanding where your gaps are and building from there. A Cyber Security Snapshot [https://info.babble.cloud/cyber-security-snapshot] helps organisations identify those hidden gaps across people, devices, access, and data – creating a clearer picture of where risk actually sits. Key takeaways: · Why phishing attacks are still so effective · How AI is changing social engineering attacks · The hidden risks created by everyday behaviour · Why cyber awareness training often falls short · How to turn people into a stronger line of defence Chapters: 00:00 Introduction 01:01 Meet James Gaskell 02:18 Why phishing still works 05:10 How social engineering became more convincing 11:16 Why attackers target behaviour, not systems 13:04 The hidden gaps in everyday cyber habits 14:48 Shadow IT and the visibility problem 17:40 Moving from reactive to proactive security 19:28 Turning people into part of the defence 22:03 Measuring human risk properly 23:18 James’s final advice 24:18 Conclusion

Episode 2: Cyber Security Made Simple: A Six-Area Framework for SMBs

You’ve bought the tools. Firewall. Antivirus. Backups. Maybe even advanced detection. So why does it still feel like something’s missing? In this episode, we move beyond awareness and into something most SMBs don’t have: structure. Lynn sits down with Adam Bearder (the mind behind HIDDEN) to unpack a problem many businesses recognise but struggle to articulate: security that looks solid on paper, but doesn’t hold up in practice. Because the issue isn’t usually a lack of technology. It’s a lack of clarity. Who owns what? What happens when something goes wrong? Are alerts being acted on, or just ignored? And most importantly: do you actually know where your weakest point is? This is where HIDDEN comes in. HIDDEN isn’t another product or a list of tools. It’s a simple, structured way to understand your cyber security. So you can see where you’re strong, where you’re exposed, and what to fix next. At its core are six areas every business relies on: ·        Human risk – how your people behave and where mistakes can happen ·        Identity – who has access to what, and how that access is controlled ·        Data – how your information is stored, used, and shared ·        Disaster recovery – how quickly you can recover when something goes wrong ·        Endpoint protection – how your devices are kept secure day to day ·        Network & cloud – how everything connects and where risks can enter Individually, most businesses have pieces of this covered. But rarely do they have a clear, joined-up view across all of them. And that’s the gap. Because once you can see your weakest area, you can do something about it. If you take one thing from this episode, it’s this: Stop reacting and buying tools for the sake of it, and start by understanding where you actually stand. Our  Cyber Security Snapshot [https://info.babble.cloud/cyber-security-snapshot] is designed to do exactly that: give you a clear starting point so you can move forward with confidence, not assumptions. Key takeaways: ·        Why having more tools doesn’t always mean better security ·        How “tool sprawl” can quietly increase your risk ·        What cyber security maturity actually looks like in practice ·        The six areas that define your overall security ·        Why confidence comes from knowing your weakest link Chapters: 00:00 Introduction 01:04 Meet Adam Bearder 02:47 Why you still feel exposed despite buying all the tools 07:07 The concept of maturity in cyber security 09:54 Exploring the six areas of the HIDDEN framework 16:49 Shared language between leadership and IT 19:34 Adam’s final advice 21:02 Conclusion

Episode 1: Why UK Businesses Are Being Targeted by Cyber Attacks

Most SMBs think they’re reasonably well protected. They’ve got antivirus. Someone’s responsible. Nothing bad has happened (yet). But here’s the uncomfortable truth: if you had to prove you’re secure today, could you? In this first episode, Lynn sits down with Mark O’Dell, Director of Secure Cloud and AI at Babble, to unpack why the UK has become one of the most targeted countries for cyber threats, and why small and mid-sized businesses are firmly in the firing line. This isn’t about scare tactics. It’s about clarity. You’ll hear why the idea of being “too small to matter” doesn’t hold up anymore, how AI and automation have changed the economics of cyber attacks, and why many businesses are being caught out – not because they’re doing nothing, but because their approach hasn’t kept pace. Mark also breaks down the shift from traditional perimeter security to a world where identity, devices, and human behaviour are now the real battleground. From password reuse to supply chain exposure and even overlooked backup risks, this episode highlights the gaps most businesses don’t realise they have. And that’s the point. Cyber risk doesn’t usually come from what you know. It comes from what you can’t see. If you’re relying on a mixed bag of tools, assumptions, and “we’ve always been fine,” this episode will challenge that thinking and give you a more practical way to look at your security. Because before you rush to buy another solution, you need to understand where you actually stand. That’s where a Cyber Security Snapshot [https://info.babble.cloud/cyber-security-snapshot] comes in: a simple way to see where you’re strong, where you’re exposed, and what to fix first. Key takeaways: * Why the UK is such a high-value target for cyber criminals * The myth of “we’re too small to matter”, and why it’s dangerous * How AI and automation have changed the threat landscape * The shift from perimeter security to identity, devices, and human risk * Why most SMBs are exposed in ways they don’t fully understand Chapters: 00:00 Introduction 00:52 Meet Mark O’Dell 02:09 Why the UK is a prime cyber target 04:09 The “too small to matter” myth 12:35 How the threat landscape has shifted 18:24 Business impact and reputational damage 23:42 Final advice for SMBs 25:31 Conclusion