Cyber crime has become a mainstream business risk, yet many UK SMBs still treat it as an IT problem to be quietly managed between printer issues and password resets. In this Hot Take, Noel Bradford argues that scams, fraud, ransomware, and account compromise belong on the risk register alongside cashflow, supplier risk, and customer retention. Drawing on recent British Chambers of Commerce data showing that 21% of firms experienced cyber attacks and 20% reported fraud or scams in the past year, Noel challenges the notion that security is an optional grudge purchase. He makes the case that cyber incidents ultimately land in the business, not just the server cupboard, affecting finance, operations, sales, HR, legal, and leadership. The episode reframes security spending as growth protection and resilience, not compliance theatre, and offers practical questions business owners should ask before an incident forces them to learn the hard way. For UK SMBs and US listeners alike, the message is clear: if cyber only lives in your IT budget, leadership has already failed the first test.

• Welcome Noel opens by framing cyber crime as a business problem with IT consequences, not just a server cupboard issue. He highlights the real costs: time lost, money lost, trust lost, growth delayed, and staff pulled into incidents they didn’t cause.
• Cyber Crime as Business Risk Noel unpacks recent British Chambers of Commerce data showing that 21% of UK firms experienced cyber attacks and 20% reported fraud or scams. He argues that cyber incidents, whether ransomware, invoice fraud, or account takeover, all land in the business, affecting finance, operations, sales, HR, legal, and leadership. He challenges the habit of treating cyber as a grudge purchase and calls for it to be budgeted alongside cashflow, supplier risk, and customer retention. The section includes US parallels via FTC and CISA guidance, and closes with practical questions business owners should ask to map risk, assign decision ownership, and plan resilience before an incident strikes.
• Outro Noel delivers the Hot Take: cyber crime is now a cost of doing business and must be treated as such. He urges leaders to add cyber and fraud to the risk register, review payment controls, assign incident decision owners, map critical systems, and budget for resilience. He warns that firewalls won’t fix weak governance or rebuild trust, and leadership must act before an incident, not during a panicked Teams call.

• https://www.britishchambers.org.uk/
• https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2024
• https://www.ftc.gov/business-guidance/small-businesses
• https://www.cisa.gov/resources-tools/resources/small-business-resources

• https://www.expressvpn.com/blog/
• https://techcrunch.com/
• https://cybernews.com/
• https://www.scmagazine.com/
• https://www.bitdefender.com/
• https://www.securitymagazine.com/
• https://www.wired.com/
• https://vpnmentor.com/