Ep.81 A Business Owner’s Guide to Cybersecurity
With Peter Andrijeczko
Episode Description:
This episode features Peter Andrijeczko, a Reading-based cyber security expert and Information Security Manager. The conversation delves into the human side of security, defining it as the essential practice of protecting valuable data from “bad actors”. Peter emphasises that employees serve as a business’s first line of defence and highlights the importance of education in spotting threats like phishing.
We also discuss the evolution of security models, moving from traditional “bastion” defences to the modern Zero Trust approach—a “verify, don’t trust” philosophy that constantly monitors network activity. The role of AI is examined as a “Cold War” tool used by both defenders to monitor systems and attackers to launch more sophisticated breaches.
Finally, the conversation covers practical strategies for both large organisations and “the little guy,” including the use of cloud technology and password managers. Peter concludes by offering five immediate privacy tips—such as disabling email preview panes and stripping photo metadata—to help individuals protect their digital footprint.
Contact Peter Andrijeczko: peter.andrijeczko@posteo.uk
Episode Time Codes
00:00 Introduction and welcome to Peter
00:42 What is Cyber Security?
03:10 What problems do companies face when it comes to Cyber Security
06:18 How can businesses minimise problems on the front line of defence
07:12 How has AI impacted cyber security
12:37 Process for applying Cyber Security
16:02 How do you communicate difficult subjects for CEOs
16:44 How do you communicate difficult subjects for employees
19:10 What problems do smaller companies face
20:55 Peter’s planned cyber security talks at the Ukrainian centre
24:24 Change resistance | How do you get people to take on board changes
26:65 Peter’s final advice for individuals
Videos
What is Cyber Security?
Implementing Cyber Security Processes
Cyber Security Problems Companies Face
How Businesses Reduce Cyber Problems
How to Overcome Change Resistance
Key takeaways
Employees are Your “First Line of Defence”
Technology alone cannot secure a business, as the human element is the most critical factor. Peter emphasises that educating staff on how to spot reconnaissance activity is essential, as most attacks—like phishing—rely on human error to succeed. Rather than reprimanding staff for mistakes during simulations, businesses should focus on training them to be the primary alert system for unusual activity.
Move Toward a “Zero Trust” Model
The traditional “bastion” or “castle” defence—where everyone inside the office network is automatically trusted—is no longer sufficient in an era of remote work. Business owners should consider a Zero Trust approach, which operates on the principle of “verify, don’t trust”.
Use Risk Analysis to Balance Cost and Protection
Cybersecurity is about mitigating risk, not achieving absolute perfection. Peter advises business owners to categorise their data by sensitivity—for example, a client database is far more valuable than general sales documentation—and apply protections accordingly. Instead of spending infinite amounts of money, owners should use a cost-benefit ratio to invest in tools (like firewalls or cloud services) that provide the highest reduction in risk for their most sensitive assets.
Episode References
Peter’s 5 Cyber security tips
Close the Email Preview Pane: Peter recommends disabling the preview pane in clients like Outlook to prevent “tracking pixels” from loading. These pixels show that your email account is active the moment you view the message.
Use Multiple Web Browsers: To stop data-collecting companies from tracking your entire digital life, Peter suggests using different browsers for different tasks. Use a primary browser for general accounts, but switch to a privacy-focused third-party browser for sensitive activities like banking.
Adopt a Password Manager: Use a tool like KeePass to manage your credentials across all platforms. This allows you to maintain a unique, complex password for every single site you visit without having to memorise them all.
Strip Metadata from Photos: Before posting images to social media, use an application to remove the “EXIF” metadata. This hidden data can contain exact GPS coordinates of your home or reveal when you are away on holiday, leaving you vulnerable to burglary.
Avoid Public Wi-Fi: On public hotspots, bad actors can use small computers to intercept your data. Peter advises using your mobile phone’s data allocation whenever possible, as it is much harder to compromise.
What is a CISO (mentioned during the podcast)?
A Chief Information Security Officer (CISO) is a senior executive responsible for overseeing an organisation’s information security strategy and ensuring that its data and technology are protected from cyber threats. The CISO develops and implements security policies, manages risks, and collaborates with other executives to safeguard the organisation’s information assets.
Large enterprises tend to have their own CISO and security teams beneath them, while small and medium businesses might rely on third parties to cover some or all of the CISO role if they don’t have one themselves.
Password Manager | KeePassXC
Let KeePassXC safely store your passwords and auto-fill them into your favorite apps, so you can forget all about them.
We do the heavy lifting in a no-nonsense, ad-free, tracker-free, and cloud-free manner. Free and open source.
Alternative Web Browsers
Mozilla Firefox Browser | https://www.firefox.com/en-GB/
Brave Browser | https://brave.com/download/
Cyber Security Links
UK Cyber Essentials Web Site
ncsc.gov.uk/cyberessentials/overview
UK Government Cyber Security Guidance For Business
gov.uk/government/collections/cyber-security-guidance-for-business
Ransomware attack on KNP
Peter mentioned a UK transport business that was put out of business by a ransomware attack in 2025. You can read about the incident on the BBC website.
