Welcome to this in‑depth Espria & AvePoint webinar, where we explore the modern landscape of Microsoft 365 data protection, backup strategy, compliance, security and risk reduction.

Hosted by Roy Charman, CTO at Espria, and Callum Noad, Solutions Engineer at AvePoint, this session explains how organisations can dramatically strengthen resilience against data loss, ransomware and compliance failures, while improving visibility and governance across the entire Microsoft 365 environment.

Meet the Speakers

Roy Charman, CTO at Espria

Roy introduces the Espria mission to partner with best‑in‑class vendors, leading to the choice of AvePoint as their strategic backup and compliance partner. He oversees cloud infrastructure, vendor partnerships and the Espria Managed 365 services.

Callum Noad, Solutions Engineer at AvePoint

Callum demonstrates AvePoint’s solutions daily, supports proofs‑of‑concept and advises customers on backup, governance and Microsoft 365 configuration best practices.

What This Webinar Covers

This session addresses the most common data challenges organisations face, including:

Why Microsoft Native Backup Isn’t Enough

Microsoft 365 provides basic retention, but it doesn’t offer true backup protection. This ensures data can be restored quickly and fully, even after major breaches or accidental deletions.

Ransomware Detection & Suspicious Activity Alerts

AvePoint uses behavioural analytics and threat intelligence to identify:

- Sudden mass deletions or modifications

- Encrypted or unusual file types

- Repeated suspicious user activity

- Known malicious file hashes.

These alerts are routed to the Espria experts, who can respond immediately and help prevent escalation.

Granular to Full‑Scale Recovery

Whether restoring a single lost file or recovering an entire Microsoft 365 environment, AvePoint and Espria support:

- User self‑service restores

- Admin‑level recovery options

- Full tenant rebuilds when required

- Disaster recovery support and guidance.

Espria manages the recovery process so customers don’t need deep technical expertise.

Reducing Data Exposure & Locating Sensitive Information

It’s normal for HR, Finance and other teams to store sensitive data but it becomes a problem when the data moves to the wrong place or is shared externally. AvePoint Insights (included by default in the Espria service) identifies:

- Sensitive files across SharePoint, Teams, Exchange and OneDrive

- External sharing risks

- Files containing PII, financial data, and confidential documents

- Misplaced or over‑exposed content.

Espria works with customers to understand which findings are important and applies corrective actions.

Automated Policies for Ongoing Data Governance

AvePoint’s Policies tool enables Espria to enforce security and compliance automatically. Policies can:

- Restrict risky sharing

- Enforce permissions

- Apply sensitivity rules

- Prevent accidental exposure

- Correct misconfigurations continuously.

Insights identifies the risks; Policies prevents them from happening again.

Full Microsoft 365 Security Review

The Espria Managed 365 Backup & Compliance package includes a thorough health assessment aligned to:

- CIS

- NIST

- Microsoft Secure Score

- Industry benchmarks.

This ensures your Microsoft 365 deployment is secure and compliant from day one, with expert guidance and best‑practice recommendations.

Why Choose Espria + AvePoint?

Espria enhances AvePoint’s technology with:

- Complete Microsoft 365 backup

- Ransomware response

- Sensitive data visibility

- Automated governance

- Compliance foundation checks

- Ongoing monitoring

- Expert remediation and support.

Cyber insurance has undergone a dramatic transformation in recent years, evolving from an optional safeguard into a critical component of modern business compliance. Yet despite this shift, many UK SMEs remain dangerously unprepared for the level of cybersecurity maturity insurers now require. In this in‑depth video, we unpack how cyber insurance has become a new form of compliance, what this means for business leaders and why failing to meet new underwriting standards can result in devastating financial consequences.

As highlighted by the Espria Head of Compliance, Ritchie Puckey, the biggest misconception is that cyber insurance is simply a matter of filling out a form. Too many organisations still assume policies function as automatic protection, without understanding that insurers now demand demonstrable evidence of robust, maintained and continuously tested cybersecurity controls. This dangerous underestimation has left many SMEs exposed, unaware that insurers may refuse claims or even decline renewals if they detect insufficient cyber hygiene.

In this video, we explore why insurance providers have effectively become regulators, scrutinising not just whether businesses have controls like MFA or incident response procedures, but whether they can prove these controls work. Businesses are now facing premium hikes of up to 300% or being denied coverage altogether because they cannot demonstrate active risk management or verified incident response capabilities. These aren’t theoretical concerns; there have already been real, public disputes where insurers rejected claims on the grounds that basic controls were missing or untested.

We’ll also break down the certifications and frameworks that are quickly becoming non‑negotiable prerequisites for insurability. Standards such as Cyber Essentials, Cyber Essentials Plus, ISO 27001 and SOC 2 aren’t just badges of cybersecurity excellence, they are emerging as minimum compliance expectations. Without them, businesses risk being categorised as high‑risk clients, facing stiffer premiums, reduced cover or outright refusal by insurers who are no longer willing to underwrite inadequate security postures.

One of the most significant shifts we cover is the movement of cybersecurity discussions from the IT department to the boardroom. Cyber risk is now both a financial and operational threat that demands oversight from CFOs, COOs and executive leadership teams. The key question has fundamentally changed from “Are we insured?” to “Can we prove we are insurable?”. This shift underscores a broader industry trend where preparedness, documentation, and measurable cyber resilience form the backbone of eligibility for cyber insurance.

Our video also delves into how Espria is helping organisations navigate this complex landscape. Through structured readiness assessments and cybersecurity gap analysis, they guide businesses in identifying overlooked vulnerabilities from outdated system migrations (such as the critical need to transition from Windows 10 to Windows 11) to the implementation of modern security solutions such as managed detection and response (MDR). These steps help organisations meet the strict standards insurers now expect, reducing the likelihood of policy rejection or costly disputes after cyber incidents.

By the end of this video, you will not only understand why cyber insurance requirements have tightened so dramatically, but you’ll also have a clear roadmap of the steps your organisation can take to strengthen its security posture, demonstrate cyber maturity and ensure that your insurance coverage truly protects you when it matters most. If your business wants to avoid wasted premiums, denied claims and preventable financial fallout, this comprehensive breakdown will give you the insights you need to stay protected in today’s rapidly evolving threat landscape.

#cyberinsurance #cybersecurity #smebusiness #businessprotection

Cybersecurity is no longer just an IT issue, it’s a business-critical priority. In this episode, we explore why building a cyber-aware culture and creating a threat-protected organisation is the smartest investment any business can make. With cyber threats escalating at an unprecedented pace, UK businesses face a stark reality: even the strongest technical defences can be undone by human error.

The UK government’s launch of the Vulnerability Research Institute (VRI) marks a significant milestone in strengthening national cyber resilience. This initiative aims to unite public and private sectors to share intelligence and uncover systemic weaknesses across industries. By advancing knowledge sharing and vulnerability research, the VRI promises to help businesses better understand and address infrastructure risks. But while collaboration is vital, organisations cannot afford to wait for external solutions, they need proactive internal strategies that address vulnerabilities at every level.

Why is this so urgent? A 2025 Sophos report revealed that social engineering attacks, such as phishing and malicious emails, were responsible for 37% of ransomware incidents in the UK last year. Groups like Scattered Spider exploit these weaknesses with alarming success. Even more concerning, over 40% of ransomware victims lack the expertise to detect and stop an attack, exposing a critical skills gap that attackers are eager to exploit.

So, what can organisations do to protect themselves?

• Invest in employee training: Cybersecurity awareness must extend beyond the IT department. Every employee—from reception to senior leadership—should know how to spot suspicious activity and follow proper reporting procedures.
• Refresh knowledge regularly: Threats evolve quickly and training cannot be a one-off exercise. Continuous education is key to resilience.
• Prepare for incidents: Stress-test your incident response plans and run cyber defence exercises to identify weaknesses before attackers do.
• Leverage MDR services: Managed Detection and Response adds expert threat hunting and remediation capabilities, reducing the risk of prolonged breaches.

For businesses handling sensitive data, such as payment details or personal customer information, robust monitoring and detection strategies are essential. MDR services provide expert threat hunting and remediation tools, adding a critical layer of protection. And when prevention isn’t enough, cyber insurance can help mitigate financial losses, making it a cornerstone of a comprehensive risk strategy.

The reality is that even the best cyber protection isn’t bulletproof. Threat actors are opportunistic, targeting the weakest entry points across all sectors. Retail may be in the spotlight today, but tomorrow it could be your industry. Don’t wait for headlines, take action now. Reassess your security controls, invest in training and consider cyber insurance to close the door on opportunity.

This episode also explores the human impact of cyber risk. Human error remains the number one vulnerability and attackers know it. A single lapse in judgment, clicking a malicious link or sharing credentials, can open the door to devastating consequences. That’s why building a cyber-aware culture is just as important as deploying advanced technology. From the IT team to the front desk, every employee plays a role in defending the business.

Watch now to learn how to build resilience, reduce risk and stay ahead of evolving threats. Discover why a proactive approach to cybersecurity is not just smart, it’s essential for survival in a digital-first world.

The compelling final episode of the Espria podcast series on The State of Ransomware 2025 report. Brian Sibley is joined once again by Jon Hope from Sophos to delve into a critical and often under-discussed aspect of ransomware: its human impact.

While previous episodes focused on attack profiles and industry statistics, this conversation shifts the lens to the psychological and organisational consequences of ransomware incidents. The discussion begins by acknowledging that ransomware is not just an IT or financial issue, it’s a deeply human one. IT professionals, often under immense pressure, face guilt, anxiety and even burnout following an attack. In fact, 31% of cases involve long-term stress-related absences and in 25% of incidents, senior IT leaders lose their jobs, regardless of fault.

The episode highlights how cybersecurity is still perceived as an IT-only problem in many organisations, which contributes to the lack of support and recognition for IT teams. However, there’s a silver lining; 30% of IT managers report increased recognition post-incident, suggesting a shift in how businesses value their cybersecurity teams.

Beyond the workplace, the ripple effects extend to families and communities, especially when victim organisations operate in critical sectors like healthcare or social care. A ransomware attack on a hospital, for example, can disrupt essential services and even endanger lives.

The conversation also explores the evolving tactics of cybercriminals. Ransom demands are now more strategically calculated based on a victim’s ability to pay, with some organisations managing to negotiate payments down to 85% of the original demand. However, negotiation is risky, 18% of organisations end up paying more due to missteps or perceived desperation.

Jon Hope explains how ransomware has become industrialised, with cybercriminals operating like legitimate businesses, complete with ROI models and affiliate networks. This scalability means that even small organisations are no longer safe from attack. The myth of being “too small to be a target” is firmly debunked.

The episode concludes with a call for collaboration, both within organisations and across the cybersecurity industry. Sophos’ Managed Detection and Response (MDR) service is presented as a way to share the burden, learn from global incidents and strengthen defences collectively. The idea is to build a “cybersecurity club” where knowledge is pooled and everyone benefits, mirroring the way cybercriminals themselves share tools and tactics.

Key Takeaways:

• Ransomware has significant psychological and organisational consequences.
• IT teams often face guilt, stress and job loss after incidents.
• Cybercriminals tailor ransom demands based on victims’ ability to pay.
• Negotiation can reduce costs but also backfire.
• No organisation is too small to be targeted.
• Collaboration and shared intelligence are essential to combat ransomware.
• Sophos MDR offers a proactive, community-driven approach to cybersecurity.

This episode is essential listening for business leaders, IT professionals and anyone involved in risk management. It’s a powerful reminder that cybersecurity is not just about systems, it’s about people.

For years, the Managed Service Provider (MSP) model has been the go-to solution for SMEs seeking reliable IT support. But for mid-sized businesses with skilled internal IT teams, this traditional model is no longer fit for purpose.

UK businesses are evolving. Their IT environments are more complex, their ambitions more strategic and their internal capabilities stronger. The one-size-fits-all MSP model is struggling to keep up. What these organisations need isn’t a replacement for their internal teams, but a partner that complements and enhances them.

Stephen Cook, Sales Director at Espria, believes the MSP model is “broken” because it hasn’t adapted to the pace of technological change or the shifting needs of modern businesses. As companies pursue digital transformation, cloud migration and cybersecurity upgrades, traditional support models are under strain. IT is now a strategic driver of growth and that demands a new kind of support.

Many MSPs lack the specialist skills needed for today’s IT environments. Internal teams are capable but stretched, facing growing threats and expanding transformation initiatives. Rigid MSPs often fail to integrate smoothly, creating friction and reducing agility.

Cook warns that adding an MSP can sometimes undermine internal control. IT managers are cautious about providers who disrupt strategic oversight or misalign with long-term goals. The concern isn’t just job security, it’s about autonomy and alignment.

Espria’s answer is co-managed IT: a partnership model that strengthens internal teams rather than replacing them. Businesses retain control over strategy and operations while gaining access to additional expertise, capacity and resilience. It’s not outsourcing, it’s collaboration.

Co-managed IT starts with the belief that internal teams are worth investing in. It builds on existing strengths and is ideal for mid-sized businesses navigating complex tech environments. These organisations need flexible, collaborative support, not rigid contracts and handovers.

While full outsourcing still has its place, the future lies in adaptable models that respect internal capabilities. MSPs must move beyond infrastructure management and embrace shared goals, mutual respect and tailored services. That’s what co-management enables.

This shift isn’t just about efficiency, it’s about strategic alignment. IT leaders need partners who understand their mission and contribute meaningfully. Cookie-cutter solutions no longer suffice. Businesses want collaborators who empower their teams and support their goals.

For IT managers, co-management eases pressure without sacrificing influence. It supports strategic initiatives while ensuring day-to-day operations run smoothly. It’s also a safety net during upgrades, migrations or security incidents.

From a business perspective, co-managed IT is a smarter investment. It avoids duplication, reduces inefficiency and lowers the risk of misalignment. By integrating external support into existing structures, businesses maximise the value of both internal and external resources.

In conclusion, the traditional MSP model no longer meets the needs of many mid-sized UK businesses. As technology evolves and internal teams grow stronger, flexible, collaborative support is essential. Co-managed IT respects internal expertise, enhances resilience and aligns with strategic goals, making it the future of IT support.

In this podcast, we explore the digital transformation journey of UK small and medium-sized enterprises (SMEs), drawing on insights from the SME Digital Adoption Task Force’s final report. As digital tools become central to business operations, many SMEs find themselves caught between the promise of streamlined efficiency and the reality of fragmented, overwhelming tech ecosystems.

UK SMEs are rapidly adopting digital solutions, from project management platforms and communication apps to specialised software for finance, HR and customer service. This surge is driven by the need to stay competitive, improve collaboration and unlock growth in a digital economy.

However, the report reveals a key challenge: strategic integration is often missing. Many SMEs invest in tools to meet specific needs without a cohesive plan for how they’ll work together. The result is a patchwork of platforms that may function well individually but create friction when combined. Employees are expected to navigate multiple systems, each with its own interface and login, often without standardised processes or sufficient training.

This fragmented approach leads to “platform fatigue.” Far from a minor inconvenience, it has serious implications for productivity, morale and performance. Employees waste time switching between systems, duplicating work and troubleshooting issues. Decision-making slows as information becomes siloed and the cognitive load of managing multiple tools fuels frustration and disengagement.

The financial impact is also considerable. Subscription costs can quickly mount, especially when businesses pay for overlapping or underused features. These hidden costs quietly drain tight budgets, making it harder to invest in growth. The report stresses the need to assess total cost of ownership, not just the upfront price, but also time, training and integration costs.

To address these challenges, the podcast advocates for a strategic approach to digital adoption. Rather than reacting to immediate needs with ad hoc purchases, SMEs should evaluate their broader digital strategy. This includes identifying which platforms deliver the most value, ensuring teams are properly trained, and prioritising integration to reduce friction.

Usability and alignment are key. Tools should be chosen not just for features, but for how well they fit into workflows and how easily they can be adopted. A powerful platform is of little use if it’s too complex or disrupts established processes. By focusing on practical outcomes, SMEs can ensure their digital investments support rather than hinder their goals.

The episode also highlights the role of government and industry support. The Task Force calls for targeted guidance, improved digital literacy programmes and resources to help businesses make informed decisions. These initiatives are especially vital for smaller firms with limited IT expertise or budget.

Another theme is the human impact of digital overload. Platform fatigue isn’t just about software, it’s about people. When employees are overwhelmed by disjointed systems, engagement and performance suffer. Simplifying the digital environment helps foster a more productive workplace culture, leading to better retention, stronger collaboration and a more agile organisation.

The episode concludes with a call to action for SMEs to reclaim control of their digital environments. By adopting a strategic, user-focused approach, businesses can reduce waste, improve efficiency and unlock the full potential of their tools. The goal isn’t to use more technology, but to use the right technology, intelligently and intentionally, to empower people and drive sustainable growth.

Episode 3: The Importance of Integration.

In this episode of our podcast series with Mimecast, the discussion revolves around the importance of integrating cybersecurity tools within educational institutions. The speakers, Rob Cox and Rob Stock from Mimecast and Brian Sibley from Espria, delve into the benefits and challenges of integrating various cyber tools to enhance the security posture of organisations, particularly those in the education sector.

The discussion begins by highlighting the significance of understanding the cybersecurity tools already in use within an organisation, particularly those in the education sector. The team emphasise that integrating tools from different vendors can strengthen the overall security framework and make the system more sophisticated, Brian adds that modern integrations are much easier to implement compared to the past, often requiring just a few clicks instead of writing code. This ease of integration allows for the exchange of telemetry between different systems, providing a broader understanding of threats within an organisation.

The speakers also discuss the concept of a "single pane of glass," which refers to having a unified view of the organisation's security status. This approach is preferred by IT professionals as it reduces the complexity of managing multiple consoles and helps in identifying and mitigating threats more efficiently. Additionally, integrating cybersecurity tools can help keep costs down by reducing the need to learn and manage multiple systems.

Another key point discussed is the human risk factor. The speakers stress the importance of understanding user behaviour and integrating this information into the broader telemetry of the organisation. This helps in identifying risky behaviours and educating users to mitigate potential threats. They also touch upon the impact of integrating cybersecurity tools on cyber insurance premiums. Demonstrating a proactive approach to cybersecurity through integration can positively influence insurance costs.

In summary, the episode underscores the critical role of integrating cybersecurity tools in enhancing security, reducing costs, and managing human risk. The team provide valuable insights into the practical aspects of integration and its benefits, making a compelling case for organisations to adopt a unified approach to cybersecurity.

In the second of our of State of Ransomware series with Sophos, Brian Sibley, VCTO at Espria and Jon Hope, Cyber Security Evangelist at Sophos talk about what goes on behind the breach and how ransomware gets in. In this episode the team explore the major technical and operational root causes that lead to ransomware incidents in the UK, why exploited vulnerabilities are the leading technical cause and what preventative strategies you can put in place. Don’t let your business become a statistic in the next State of Ransomware report.

In the first of 3 episodes covering Sophos' 2025 report The State of Ransomware', Brian Sibley, VCTO at Espria and Jon Hope, Cyber Security Evangelist at Sophos discuss the findings of this year's report, and specifically its implications for the UK. In this episode the team will reveal key findings that cover the scale and impact of ransomware in the UK, including 70% of attacks resulted in data being encrypted and 26% of encryption-led attacks also involved data theft. The team also discuss the report in comparison to the findings of the 2024 report, the trends and shifts in attack tactics and their outcomes. Gain an understanding of the real-world implications for UK businesses across various sizes and sectors.

Episode 2: The Threat Landscape

Educational institutions are prime targets for cybercriminals due to the vast amount of sensitive data they handle, including student records, financial information, and research data.

According to recent reports, there has been a significant increase in phishing attacks, ransomware, and malware targeting educational institutions.

1. Cyber Security Breaches Survey 2024: According to the UK Government's Cyber Security Breaches Survey 2024, 71% of secondary schools, 86% of further education colleges, and 97% of higher education institutions identified a cyber security breach or attack in the past year. Higher education institutions were particularly affected by phishing attacks (100%), impersonation attacks (90%), and viruses or other malware (77%).
2. Cyber Signals Report: According to Microsoft Threat Intelligence, the education sector in the UK is the third-most targeted industry, with universities experiencing an average of 2,507 cyberattack attempts per week. These attacks include malware, phishing, and IoT vulnerabilities.

In this episode our team discuss the impact of these attacks and how they specifically impact the education sector. We cover questions such as

What’s a typical ransom in the education sector?

How can schools avoid their data being encrypted?

What are best practices for enhancing email security in education

How to balance proactive and reactive strategies; it's not just about protect and detect, but also how you respond and recover.

You will learn how the threat landscape is changing, how cyber criminals exploit vulnerabilities in this sector, how AI is impacting the landscape and how to be proactive in your approach to cyber security.

Conclusion: The email threat landscape in the education sector is constantly evolving, with cybercriminals employing increasingly sophisticated techniques to target educational institutions. By staying informed about the latest trends and adopting advanced email security solutions, educational institutions can protect their sensitive data and ensure a secure learning environment.

In our next episode we’ll be discussing the importance of integration and how shared telemetry can enhance your security posture. We look forward to you joining us.