How to Build Effective & Affordable Cyber Defences for SMEs episode artwork

EPISODE · Nov 12, 2025 · 48 MIN

How to Build Effective & Affordable Cyber Defences for SMEs

from Razorwire Cyber Security & InfoSec Insights

How can small and medium businesses protect themselves from cyber threats without spending a fortune or just ticking boxes for compliance?Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I’m Jim and in this episode, we’re taking a look into the challenges faced by SMEs on the journey through cybersecurity compliance and insurance.I’m joined by Lewis Lockwood from Incursion and Josh X of Capsule, who bring experience from the front lines of offensive security and insurance broking. Together, we tackle the misconception that security is prohibitively expensive and explore how smart strategies can strengthen your defences without breaking the bank.SummaryWe tackle a topic at the heart of SME cybersecurity struggles - from box-ticking compliance to negotiating cyber insurance and surviving data breaches. Lewis Lockwood explains why Cyber Essentials is more than a paperwork exercise and how agility can be a secret weapon for smaller companies. Josh X talks about the realities of selling cyber insurance to resource-stretched businesses, the importance of aligning insurance with actual security posture and the real risks hidden even in smaller businesses.Whether you’re a founder, IT manager or just curious about how attackers think, you’ll get practical advice, cautionary tales and actionable steps you can take today.Key Talking Points Cyber Essentials as Practical Defence, Not Just Compliance Learn why basic frameworks like Cyber Essentials shield SMEs from common attacks, offering affordable, actionable protection that goes well beyond box-ticking.How Insurance and Security Must Work Together Discover the realities of cyber insurance for small businesses, including why your security posture affects premiums and claims, and what actually happens if you’re hit by ransomware or invoice fraud.Learning from Real-World Breaches and SME Pitfalls Hear first hand stories about high profile incidents, negotiation tactics with threat actors and how even a local florist or butcher can be targeted. Understand why continuous education, simple security controls and the right insurance mix can prevent both financial disaster and sleepless nights.Tune in for a conversation that’s honest, insightful and practical - with takeaways you can put into action immediately, no matter your company size.On the security of key documentation: “Where are you storing your insurance documents? If someone wants to get into your network, the easiest thing to do is to look at their insurance documents and be like, okay, they've got a million pound limit, let me ask for £2 mil.”Josh X, CapsuleListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:Cybersecurity Cost Perceptions Why the belief that security is prohibitively expensive for SMEs is misleading and what actually drives costs.The Role of Cyber Essentials How Cyber Essentials provides a practical, affordable security baseline for small and medium businesses without breaking the bank.Insurance as a Safety Net Why cyber insurance can't replace proper security measures and how to understand its role as a last resort, not a first line of defence.SME Agility in Security How smaller organisations can use their size as an advantage to quickly implement fixes and adapt to security recommendations compared to larger enterprises.Rise in Cyber Insurance Adoption What's driving growing awareness and uptake of cyber insurance among SMEs and why certain sectors are slower to adopt.Practical Security Measures Simple, cost-effective steps SMEs can take to drastically reduce risk, including patching, access control and MFA.Fraud and Social Engineering Threats Real-world attack scenarios targeting SMEs, from invoice fraud to phishing, and why user awareness matters more than you think.Incident Response and Business Impact The wider consequences of a cyber incident beyond financial loss, including operational disruption, PR crises, regulatory fines and personal liability for directors.Insurance Document Security Why you need to secure your insurance documentation and how attackers use policy details to calibrate ransom demands.The Value of Security Accreditation How frameworks like ISO 27001 and Cyber Essentials can lower your insurance premiums and deliver tangible business benefits beyond compliance.Resources Mentioned Incursion Cyber Security (incursion-security.co.uk) Capsule (capsulecover.com)Cyber EssentialsCyber Essentials PlusIASMEISO 27001DORANIST2PCI DSSHITRUSTJaguar Land Rover Cyber AttackHarrods Cyber AttackCo-op Cyber AttackNHS Cyber AttackSony Cyber AttackICO (Information Commissioner's Office)SOC2DMARCBlockchain technologyConnect with your host James ReesHello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.For more information about us or if you have any questions you would like us to discuss email [email protected] you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.LinkedIn: Razorthorn SecurityYouTube: Razorthorn SecurityTikTok: Razorwire PodcastInstagram: Razorwire PodcastTwitter:   @RazorThornLTDWebsite: www.razorthorn.comAll rights reserved. © Razorthorn Security LTD 2025

NOW PLAYING

How to Build Effective & Affordable Cyber Defences for SMEs

0:00 48:26

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

The Hunt Diaz Task Force A hard-hitting, eye-opening podcast that takes you deep into the relentless fight against human and sex trafficking. Each episode explores the dangerous world of traffickers and predators from every angle—street operations, online investigations, and digital warfare. Hear firsthand from law enforcement, federal agents, and prosecutors as they share real stories of sting operations, investigative tactics, and the challenges of bringing traffickers to justice. Follow live sting operations, online predator investigations, and real-time takedowns of trafficking rings, with insights from cybercrime experts, undercover decoys, and live case discussions. We dive deep into how traffickers operate on the dark web, using cryptocurrency and other digital tools to exploit victims. Learn how law enforcement is using cutting-edge technology to track traffickers and disrupt their operations. The Hunt, pulls back the curtain on the digital and real-world fight against trafficking, exposing the p Explicit The Uncaged Pod Jess MacMillan The Uncaged Pod is the podcast for bold, soul-led women who are ready to break free from the cages of perfectionism, people-pleasing, and limiting beliefs. Hosted by Jess MacMillan, mama, keynote speaker, and women's empowerment advocate, this show delivers raw conversations, powerful insights, and unapologetic truths that will inspire you to reclaim your voice, rewrite your story, and rise with unstoppable confidence.Each week, Jess and her guests dive into topics around leadership, personal growth, entrepreneurship, and motherhood, offering real-life strategies, soulful reflections, and empowering stories to help you lead, live, and love uncaged.Whether you're an entrepreneur, a creative, or a woman who’s remembering who she really is, The Uncaged Pod is your invitation to step into your power and live life on your own terms. Explicit Crime and Conscience Ashley Painter Discover the world of true crime with Ashley on Crime and Conscience. Explore psychological insights and stories that challenge our perceptions of guilt and innocence. Uncover the complexities of crime, trauma, and the human experience in each episode. Explicit Technado (Archived) ACI Learning The Technado crew covers a whirlwind of tech topics each week from interviews with industry experts and up-and-coming companies to commentary on topics like security, vendor certifications, networking, and just about anything IT related. Explicit

Frequently Asked Questions

How long is this episode of Razorwire Cyber Security & InfoSec Insights?

This episode is 48 minutes long.

When was this Razorwire Cyber Security & InfoSec Insights episode published?

This episode was published on November 12, 2025.

What is this episode about?

How can small and medium businesses protect themselves from cyber threats without spending a fortune or just ticking boxes for compliance?Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical...

Can I download this Razorwire Cyber Security & InfoSec Insights episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!