))
When Your Safety Net Becomes the Target
Manage episode 499613954 series 3683001
Content provided by The Small Business Cyber Security Guy. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by The Small Business Cyber Security Guy or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
🚨 Episode 11: When Your Safety Net Becomes the Target
Backup Security Under Fire + Business Email Compromise Reality Check
Your backups aren't protecting you anymore—they're the primary target. In this explosive double-header episode, we expose why 94% of ransomware attacks now target backup systems first, and how Business Email Compromise enables these devastating attacks.
🎯 What You'll Learn:
- Backup Reality Check: Why "immutable" storage isn't, and cloud sync ≠ backup protection
- Cloud Provider Truth Bomb: Neither Microsoft nor Google guarantee your data integrity
- BEC Epidemic: How £35+ billion in global losses connect to backup destruction
- Modern Attack Chains: Email compromise → reconnaissance → backup annihilation
- What Actually Works: Third-party solutions, testing reality, budget truths
💡 Key Takeaways:
- Only 27% of businesses successfully recover all data after incidents
- 30-40% of cyber insurance claims denied due to backup inadequacies
- Proper backup solutions cost £20-100/month, not £500+
- Process controls beat technical controls for BEC prevention
- Multi-channel verification saves businesses millions
🎙️ Hosts & Guests:
- Noel Bradford - The Small Business Cyber Security Guy
- Mauven MacLeod - Ex-NCSC Cyber Expert
- Oliver Sterling - Veteran IT & Cyber Specialist
- Lucy Harper & Graham Falkner - Announcing The 10-Minute Cyber Fix daily show!
📺 NEW: The 10-Minute Cyber Fix
Starting Monday! Daily cybersecurity news analysis with Lucy Harper. Perfect for commute listening—cutting through vendor panic and media hyperbole to deliver what actually matters for YOUR business.
🔗 Essential Resources:
- Veeam Ransomware Trends Report 2024 - 94% backup targeting statistics
- FBI IC3 BEC Report 2023 - £35+ billion global losses
- Microsoft Online Services Terms - "Commercially reasonable efforts" reality
- NCSC BEC Guidance - UK government protection advice
- Action Fraud BEC Statistics - UK-specific loss data
- Cyber Essentials Scheme - UK government backup guidance
- Google Cloud Terms of Service - Data responsibility clauses
💰 Vendor Solutions Mentioned:
Third-Party Backup: Veeam Backup for Microsoft 365, Druva, Barracuda, Dropsuite, SkyKick
Key Point: Your cloud provider's backup ISN'T enough—you need independent protection.
⚠️ Critical Actions:
- Implement multi-channel verification for all financial requests
- Test backup restoration regularly, not just backup completion
- Deploy third-party backup for cloud services
- Document procedures that work under pressure
- Train staff on BEC recognition and response
🎯 Next Week Preview:
Advanced Persistent Threats targeting SMBs - How nation-state techniques filter down to everyday criminals. Special guest from UK's Cyber Security Agency.
📱 Connect Wit
2 episodes
Share
