The Small

Business

Cyber Security Guy

Welcome to the blog and podcast, where we share brutally honest views, sharp opinions, and lived experience from four decades in the technology trenches. Whether you're here to read or tune in, expect no corporate fluff and no pulled punches.

Everything here is personal. These are my and the team’s thoughts, opinions forged in the heat of battle! And not those of our employers, clients, or any other professional with whom we are associated.

If you’re offended, take it up with us, not them.

What you’ll get here (and on the podcast):

Straight-talking advice for small businesses that want to stay secure
Honest takes on cybersecurity trends, IT malpractice, and vendor nonsense
The occasional rant — and yes, the occasional expletive
War stories from the frontlines (names changed to protect the spectacularly guilty)

I've been doing this for over 40 years. I’ve seen genius, idiocy, and everything in between. Some of it makes headlines, and most of it should.

This blog and the podcast are where we break it all down.

Grab a coffee and pull up a chair, you need to see this!

When Your Firewall Vendor Starts Dropping Weekly CVEs

Your firewall vendor just announced another critical vulnerability. Last week brought two more. Last month? Six. When does "routine security update" become a vendor reliability crisis that threatens your business?

For UK SMBs running Fortinet or SonicWall, the CISA Known Exploited Vulnerabilities catalogue tells an uncomfortable story: your perimeter security is under active, documented attack. This isn't vendor marketing or compliance theatre.

This is your board-level "do we stay or do we leave" conversation, backed by evidence, decision frameworks, and a migration playbook that won't destroy your operations. Time to score your vendor.

Fortinet's Security Crisis: Why Does Nobody Care That Your VPN Is a Nation-State Playground?

Here's a question that should keep every director awake: what happens when the device meant to protect your network becomes the primary way attackers get in?

Between 2023 and now, Fortinet's SSL VPN has been exploited three separate times using the same type of vulnerability. Chinese intelligence services stole configurations from 20,000 organizations worldwide.

Cyber insurers charge double the premiums for businesses using Fortinet kit. Yet Fortinet posted 50% revenue growth and continues to dominate the enterprise firewall market.

This isn't a technical problem. It's a market failure that puts your business at risk while nobody gives a damn.

⚠️ Full Disclaimer

This is my personal blog. The views, opinions, and content shared here are mine and any contributors and ours alone. They do not reflect or represent the views, beliefs, or policies of:

Our Day Job employers
Any current or past clients, suppliers, or partners
Any other organisation We affiliated with in any capacity

Nothing here should be taken as formal advice — legal, technical, financial, or otherwise. If you’re making decisions for your business, always seek professional advice tailored to your situation.

Where we mention products, services, or companies, that’s based purely on our own experiences and opinions — We are not being paid to promote anything. If that ever changes, we’ll make it clear.

In short: This is my personal space to share my personal views. No one else is responsible for what’s written here — so if you have a problem with something, take it up with me, not my employer.