Sign up to save your podcasts
Or
Share Ep.81 Peter Andrijeczko | A Business Owner's Guide to Cybersecurity
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Ep.81 Peter Andrijeczko | A Business Owner's Guide to Cybersecurity
This episode features Peter Andrijeczko, a Reading-based cyber security expert and Information Security Manager. The conversation delves into the human side of security, defining it as the essential practice of protecting valuable data from "bad actors". Peter emphasises that employees serve as a business's first line of defence and highlights the importance of education in spotting threats like phishing.
We also discuss the evolution of security models, moving from traditional "bastion" defences to the modern Zero Trust approach—a "verify, don't trust" philosophy that constantly monitors network activity. The role of AI is examined as a "Cold War" tool used by both defenders to monitor systems and attackers to launch more sophisticated breaches.
Finally, the conversation covers practical strategies for both large organisations and "the little guy," including the use of cloud technology and password managers. Peter concludes by offering five immediate privacy tips—such as disabling email preview panes and stripping photo metadata—to help individuals protect their digital footprint.
KEY TAKEAWAYS
1. Employees are Your "First Line of Defence"
Technology alone cannot secure a business, as the human element is the most critical factor. Peter emphasises that educating staff on how to spot reconnaissance activity is essential, as most attacks—like phishing—rely on human error to succeed. Rather than reprimanding staff for mistakes during simulations, businesses should focus on training them to be the primary alert system for unusual activity.
2. Move Toward a "Zero Trust" Model
The traditional "bastion" or "castle" defence—where everyone inside the office network is automatically trusted—is no longer sufficient in an era of remote work. Business owners should consider a Zero Trust approach, which operates on the principle of "verify, don't trust".
3. Use Risk Analysis to Balance Cost and Protection
Cybersecurity is about mitigating risk, not achieving absolute perfection. Peter advises business owners to categorise their data by sensitivity—for example, a client database is far more valuable than general sales documentation—and apply protections accordingly. Instead of spending infinite amounts of money, owners should use a cost-benefit ratio to invest in tools (like firewalls or cloud services) that provide the highest reduction in risk for their most sensitive assets.
TIMECODES
00:00 Introduction and welcome to Peter
00:42 What is Cyber Security?
03:10 What problems do companies face when it comes to Cyber Security
06:18 How can businesses minimise problems on the front line of defence
07:12 How has AI impacted cyber security
12:37 Process for applying Cyber Security
16:02 How do you communicate difficult subjects for CEOs
16:44 How do you communicate difficult subjects for employees
19:10 What problems do smaller companies face
20:55 Peter's planned cyber security talks at the Ukrainian centre
24:24 Change resistance | How do you get people to take on board changes
26:65 Peter's final advice for individuals
View all episodes
By Maria LloydThis episode features Peter Andrijeczko, a Reading-based cyber security expert and Information Security Manager. The conversation delves into the human side of security, defining it as the essential practice of protecting valuable data from "bad actors". Peter emphasises that employees serve as a business's first line of defence and highlights the importance of education in spotting threats like phishing.
We also discuss the evolution of security models, moving from traditional "bastion" defences to the modern Zero Trust approach—a "verify, don't trust" philosophy that constantly monitors network activity. The role of AI is examined as a "Cold War" tool used by both defenders to monitor systems and attackers to launch more sophisticated breaches.
Finally, the conversation covers practical strategies for both large organisations and "the little guy," including the use of cloud technology and password managers. Peter concludes by offering five immediate privacy tips—such as disabling email preview panes and stripping photo metadata—to help individuals protect their digital footprint.
KEY TAKEAWAYS
1. Employees are Your "First Line of Defence"
Technology alone cannot secure a business, as the human element is the most critical factor. Peter emphasises that educating staff on how to spot reconnaissance activity is essential, as most attacks—like phishing—rely on human error to succeed. Rather than reprimanding staff for mistakes during simulations, businesses should focus on training them to be the primary alert system for unusual activity.
2. Move Toward a "Zero Trust" Model
The traditional "bastion" or "castle" defence—where everyone inside the office network is automatically trusted—is no longer sufficient in an era of remote work. Business owners should consider a Zero Trust approach, which operates on the principle of "verify, don't trust".
3. Use Risk Analysis to Balance Cost and Protection
Cybersecurity is about mitigating risk, not achieving absolute perfection. Peter advises business owners to categorise their data by sensitivity—for example, a client database is far more valuable than general sales documentation—and apply protections accordingly. Instead of spending infinite amounts of money, owners should use a cost-benefit ratio to invest in tools (like firewalls or cloud services) that provide the highest reduction in risk for their most sensitive assets.
TIMECODES
00:00 Introduction and welcome to Peter
00:42 What is Cyber Security?
03:10 What problems do companies face when it comes to Cyber Security
06:18 How can businesses minimise problems on the front line of defence
07:12 How has AI impacted cyber security
12:37 Process for applying Cyber Security
16:02 How do you communicate difficult subjects for CEOs
16:44 How do you communicate difficult subjects for employees
19:10 What problems do smaller companies face
20:55 Peter's planned cyber security talks at the Ukrainian centre
24:24 Change resistance | How do you get people to take on board changes
26:65 Peter's final advice for individuals