Cybersecurity Made Practical For Every Business

Show Notes

We share why every business has a digital footprint worth defending and how simple layers turn chaotic risks into manageable routines. Ray maps recent UK breaches to practical fixes and explains the path from corporate engineer to founder building end‑to‑end protection.

• value of defence in depth across devices, networks, cloud and people
• why social engineering and phishing still drive most breaches
• practical steps for strong passwords and multi‑factor authentication
• staff as the human firewall and how to build healthy pause‑and‑verify habits
• synergy from community, chambers and office neighbours in the tech ecosystem
• growth story of Secure Nexus and what scales in a fast‑changing threat landscape
• services that matter for SMEs, from SOC to penetration testing
• short planning horizons and rehearsed incident response for resilience

Contact: support@securenexus.co.uk or securenexis.co.uk

Chapters

• 0:00: Meet Ray And Secure Nexus
• 0:57: What End-To-End Cybersecurity Means
• 2:06: Why Security Matters To Every Sector
• 3:36: Recent High‑Profile Attacks
• 5:17: Social Engineering And Phishing Tactics
• 5:54: Ray’s Path Into Cybersecurity
• 9:04: From Corporate To Founder
• 10:08: Building Community Through Chambers
• 12:01: Office Synergy And Partnerships
• 14:20: Services: SOC And Pen Testing
• 14:46: Growth, Clients And Expansion Plans
• 16:47: Practical Security Tips For Teams
• 19:57: Where To Find Secure Nexus
• 20:37: Closing Thoughts

Transcript

SPEAKER_00: 0:15

Welcome back to the Sterling Business Podcast from Studio King Street in the heart of Sterling. I'm Neil Munda, your host, and today I've got a fantastic guest that I've known now for a couple of years. We met through the Chambers of Commerce, the Fourth Valley Chambers. Mr. Raymond Setchfield, founder and CEO of Secure Nexus. Thank you very much for having me. You're very welcome. So Ray's got the most interesting job in the world. He talks to businesses about security. I'm sure every business wants to have a conversation about security, or not, as the case may be. It's definitely the case. So Ray, why don't you tell us a little bit about what you do and um and and your business Secure Nexus?

SPEAKER_01: 0:57

So Secure Nexus uh has been going, funny enough, uh just two years since September 2023. We we we founded a company and we've uh yeah, we've been kind of going strength for strength from there. Um certainly the uh the chamber meeting yourself uh has been uh very valuable to the company and we've yeah we've just kind of grown uh from there. Um the business itself, the services that we provide uh excuse me, is uh essentially that end-to-end kind of service. We do that defence in depth aspect of of cybersecurity. So from your laptop and protecting that laptop and monitoring um the ongoings um of that um right up to um the uh your office space and protecting firewalls, looking after your networks, um to websites, uh uh software as a service applications, things like that. So yeah, we kind of give that proper end-to-end uh service for cybersecurity.

SPEAKER_00: 1:53

Okay, so it kind of makes a lot of logical sense for a uh an office-based business or an organization that has lots of employees, road warriors with lots of laptops or um mobile devices. Um why would this apply to every business, um, whether you're a retailer, a manufacturer, or even a f uh you know, a bank?

SPEAKER_01: 2:16

So great question. I mean the the the thing is as soon as you put any kind of footprint down, uh you will have some kind of digital footprint. Um and that doesn't matter what kind of business you are. So if you're a bank to uh you know to maybe just a a printer or something on those lines, something that you might think is a bit low tech, you're still collecting data in some way, shape or form, um in which that could be your client's details, how you bill someone, or just the data that you're collecting for like, for instance, uh flyers, really for a printer side of things. That data is uh very valuable to you, it's very valuable to uh how you run your business, and ultimately it the the you know it's it's effective for um those uh threats, I suppose those actors that come in or try and attempt to break into your environment to gain access to that information to move supply chain-wise and things like that. So yeah, it's uh it's extremely valuable to every business to uh uh have this type of cybersecurity.

SPEAKER_00: 3:23

So what might be quite useful is just to give a couple of examples of different indust industry sectors that have seen some pretty high profile attacks of late. Um just to try and put what you said into context there with regards to different industries.

SPEAKER_01: 3:36

Yeah, so I mean the the uh the the latest couple that we've had recently, co-op, for example, um they supply they they suffered uh quite a quite a uh a well-recognised uh cybersecurity attack. Mark Suspenser's, I mean, if anybody was a Mark Suspenser's customer over the last few months, they've certainly known the pain of um not being able to use their rewards or uh online services, things like that, delays in their deliveries, etc. Um right up to what's what's currently present at the moment, which is a Jaguar Land Rover uh situation where they have physically stopped production of their cars at the moment to try and resolve what is currently going on within that uh cybersecurity attack that uh so how were they attacked?

SPEAKER_00: 4:23

What happened in that particular instance?

SPEAKER_01: 4:25

Um I th the details are still uh I I wouldn't like to speculate too much, the details are still quick sketchy on that one, so um I'll I'll remain quiet uh quite quiet until those details come out. But certainly if we go back and have a look at the co-op um and the um uh the Marcus Spencer's ones, certainly what appears to have taken place there is it was it started from a simple phone call and it was a social engineering attack. So it was someone impersonating to be someone else.

SPEAKER_00: 4:55

Yeah, which is becoming very common here. I mean I don't know. In the last two weeks I've probably had multi uh three or four phone calls from complete random sources um trying to, you know, discuss my bank details and other things. So I'm I'm not in I'm I'm I I am the norm, I think, is what I'm saying. Everybody seems to be getting hit on a regular basis by by these types of uh types of things.

SPEAKER_01: 5:19

Yeah, the the st the the main common attack still at the moment is phishing. So when I'm when I'm talking about that, it's an an an email that's either uh being impersonated by someone or it's got a sense of urgency or it has some kind of link on it and where if you click that give some kind of details or you know provide um or just click on something, it might give you a virus, or it might do something like ask you for your details or s or something on those lines of speculating. But um you know they are still very much very common attacks, very very common attack factors for us.

SPEAKER_00: 5:54

Scary stuff. So I don't think I've ever asked you this, Red, but why on earth did you decide to get into security and tech technology security in in particular?

SPEAKER_01: 6:04

So well, how how long you got to talk about that one?

SPEAKER_00: 6:08

Um why why didn't you become a mechanic or get a trade?

SPEAKER_01: 6:12

So I mean I uh this the my my journey with computers started back in eighty-four. Now this is me showing my age now. I mean um as edic Spectrum appeared at my my house and I just became enamoured by them straight away. Loved what they did, you know, learned different languages, um played computer games on them, just learned how they ticked. And that love just continuously grew throughout my childhood, throughout um uh my high school business. Pretty much, yeah. And yeah, I started uh I started cutting my teeth back in '98, working at some microsystems in Lunlift. Um doing very well. Yeah. Used to compete with them when I was teaching. Yeah. So yeah, we were um very much there, but it was um um yeah, so that's kind of where I cut my teeth. The dot com bubble burst, as you're well aware, in the early 2000s, and uh I started working at NCR, you know, doing um internal services, fixing uh credit card machines and things like that. And ATMs as well though? No, it was just uh credit card machines. So they were uh they were kind of subcontracted by RBS or Netwest at the time, um, to basically do merchant services, so we're fixing credit card terminals, etc., over the phone, um and things like that. And then I moved into working in internet service providers and basically built up my career from there. Uh about 15 years ago, um I saw a shift in in in the market. I was at a I think it was a uh it was some kind of event down in London, and uh and you know, you know, you kind of see common trends or you're starting to see what's going on in the market, um, and it it gives you an idea or it gives you a good indication of what's going on. Um and I saw a shift at that point in where a lot of people were moving to kind of code software development, um, but cybersecurity was starting to become an extremely big thing. And because I was very much interested in that when I was younger, um my teenagers um and things like that, I thought I'll move into cybersecurity, and that's basically how it's kind of came about. I've been in IT for 25 years plus, um but it started off with infrastructure and now it's growing into the cybersecurity.

SPEAKER_00: 8:30

So when when did you eventually uh decide to make the move from a corporate environment working within the tech and security space into setting out on your own as a as a business owner?

SPEAKER_01: 8:42

Um It's always it's always been in an interest to do so. Um the the you know, it's a bit like everything else, so you know, you grow up, you have a family, and obviously the the family becomes priority. Um family's a little bit older now, um the kids are a lot grown up, granted they are still very you know, they are still young kids, um, but they you know there's not that greater dependency on them anymore. So decided that it would be a good idea uh now to kind of start that business. Um, you know, I kind of joke about it, you know, fed up making other people money. It's about time I made my cell phone money some money. So yeah, the the business um was started then.

SPEAKER_00: 9:21

Okay. And uh your kids are there tech geeks as well? Uh following dance one step, so that's that's a good question.

SPEAKER_01: 9:28

Um kind of obviously that they've they've grown up with these the technology and things like that, and obviously that's gonna be a totally separate conversation about child how to protect the child on the internet and stuff, but yeah, they they grew up with it. Um they they'll you know they've got iPads, they've got mobile phones, they've got like electronic devices like every child's pretty much got nowadays. Um but the um but I d I I don't think so. I think my daughter's very much she wants to become a lawyer. My son, he's definitely going to be an engineer, but what I don't know yet. He's he's very he's very problem solvish. So uh I think it'll be a case of watch this space, you know, see what happens. Okay.

SPEAKER_00: 10:07

Good. So if we bring the conversation um you know back to the Fourth Valley, back to Sterling uh in particular. Uh as I said uh earlier on, we probably met what 18 months ago. I think you just just about started your business when we uh when we first met for the first time in the chambers. Um tell us a little bit about the value that you've uh as a business owner starting your business, the the what networking, what the chambers in particular has done for you so and your business.

SPEAKER_01: 10:36

Yeah, I mean uh starting off a business. I didn't I mean I s I still don't know what I'm doing, really, to be honest with you, running a business since things. But I mean the the chamber's been valuable, very valuable. Um you know, um Lynn Harris, as you're well aware, she's a friend of the chamber. Yeah, she's fantastic because she's absolutely uh absolutely fantastic. She really kind of helped uh made me feel welcome, right, at the first show. And as you probably aware, and you know, if you're starting up your own business, you're like as you've done, it's quite overwhelming and trying to meet new people and things like that, and not actually having that kind of network and uh um you know try it is yeah, it's a bit daunting. So um the the chamber's been absolutely fantastic, they've they've helped us kind of nurture um me and help me as a business, and obviously meet great people like yourself and and uh and others within uh the industry is is fantastic.

SPEAKER_00: 11:33

And you're now resident in one of our offices in the country.

SPEAKER_01: 11:36

I am indeed, I am indeed. Yeah, so I mean, um, you know, uh I kind of I show people around this building myself, um and uh and I I I had zero input into it, but I show it off like it's my own. It's it's absolutely fantastic, all of this building. Um and uh and obviously with us kind of working together um very closely, it made sense for me to be here. It made sense for me to try and um kind of spider out a lot about with the businesses that you have within this uh within this building. Totally made sense to me. Totally.

SPEAKER_00: 12:11

Yeah, and and I guess being part of that community of other small to medium-sized businesses, some are quite big businesses, but uh within the kind of same environment, have you seen that as a kind of benefit to your business in terms of developing or expanding your footprint, working with other sectors and other other industries as well?

SPEAKER_01: 12:30

Yeah, absolutely. I mean you've got as you quite rightly pointed out, you've got some kind of um multinational companies in here, you've got some other larger companies uh within the within the office spaces here. Yes, absolutely. It's allowed us to uh uh network at your minimum with those businesses, kind of showing that we are here to help them. And obviously, because we are part of your network, we're part of the the infrastructure, the IT infrastructure within this building. We have to interact with them on a day, you know, on a not on a daily basis, but on a quite a regular basis. So it allows them to see who's the face and things like that. So yeah, absolutely. It's it's really.

SPEAKER_00: 13:21

Yep. In full short corner of the building with your shorts on in the in the in the in the middle of uh middle of December. Absolutely. Um but um no, that's that's great, and and thanks for your kind words, and you know, and and and I think the feel feelings mutual, people get a lot of value from you being in the building. Yeah um, you'll pick up some business from time to time as well, which is great. Um, it helps your business, it helps theirs. I think the other complimentary thing as well is um we have other people within the tech space in the building, you know, website designers, you know, people who are developing software. Um, and there's a natural synergy between some of the services you can provide, not just to my business but to other businesses within the building and outside of the building. So hopefully that networking and and and that uh community will continue to flourish for you.

SPEAKER_01: 14:13

Yeah, you've you've you've hit the nail on the head there. I mean, as you quite pointed out, we've got some uh web developers, application developers there. Um, you know, part of the service that we do provide is penetration to the services, we provide uh security operation services 24-7. So, yeah, absolutely, these are you know key instruments to these businesses that are having these software as a service application or building these uh web applications um, you know, uh um uh f for their own businesses or even for their own clients. It makes total sense.

SPEAKER_00: 14:46

So, what's in the plan for the next 12 months where are you looking to take the business and and uh you know what uh priorities have have you got?

SPEAKER_01: 14:53

So uh it's very difficult. I don't really try and plan too far ahead when it comes to the 12 months. Especially wise in the security. Yeah, because I mean the the the fret landscape changes pretty much on a monthly basis, well not on a monthly basis, pretty much on a day-to-day basis, I would probably say. Um because you know there's always something that comes out like a zero day, which obviously means that you're um a piece of software vulnerable to to attack without being patched and things like that. Um so I try not to plan too far into the future. I do I do with my business just what I'm trying to kind of achieve over the next six months at least. Um so it's just uh it's essentially, you know, we're in we just completed year two, you know, um to give you an idea, because you know, the the information will be publicly readable, but we've we've grown from a a business that you know um was kind of roughly turning about£47,000 for the first year, and we've travelled that this year, which is fantastic, and obviously turned a profit, which is you know, which is absolutely fantastic. You know, the idea is to still continue that momentum and and obviously that changes. Is that coming with bigger contracts or um more complex contracts? Both to be honest with you, Neo. Um the uh some of the contracts, because we we have won some big names, um, which uh I would love to tell you who they are, but can you probably have to kill me? Exactly, exactly. But you know, we we are um you know we are top and bottom of the UK, you know, that's where our clients are based. If we do have possible opportunities to even go further south and head down to South Africa, which we hopefully should be touched, you know, when we're having that uh you know, win very, very soon on that. But uh but yeah, I mean that that aspect of it is just about keeping the momentum going, keeping that business growing and and ultimately, you know, there's the the a a lot of it we've of the business that we want is either been through business reputation or fantastic people like yourself that say, hey, you know, have you thought about Secure Nexus for your IT support or your network services or you know cyber security, that type of thing? And that's you know, that that's totally valuable to me. Totally valuable.

SPEAKER_00: 17:07

Good. So do you have any tips and tricks for the listeners? Um you know, some pretty basic fundamental things that they should be doing and doing in their businesses to keep them safe.

SPEAKER_01: 17:17

So yeah, I mean it it sounds really quite silly, but to be honest with you, it's um cybersecurity is about defence and depth. So when you when I when I when I'm meaning that, it's think about of of an onion and those layers right down to the core. Um so we start off with a password, but we try and make sure that that password's strong enough. So what I would always recommend is is that you try and follow what's known as the National Cybersecurity Centre's guidelines, and where that you have a password that's uh approximately 12 characters in length. Um or if I remember correctly, forgive me because I'm doing this from memory, it's about eight characters long if you're using multi-factor authentication. I would always recommend to use multi-factor authentication to anybody. Well, multi-factor authentication is um is token-based, it's a one-time password, so that could be in a form of a text message, uh, an application that g that will give you a number code, or um an email that will send you a code or a password or something along those lines. So not only you're using your password to gain access to a website or your your applications, you're then using that that one-time password or that one-time code to then uh verify that you are that person. So I would always recommend that you use multifactors uh as and where you can. Another aspect in it again, this goes back to pretty much what we were talking about earlier, which is about fishing, is that the vigilance side of things um it needs to kind of, you know, that you as a as a business, we have employees or we we have people that work for a company, and they are always the what we call the human firewall. Um and they uh ultimately uh need to be vigilant on what they're looking at and clicking on and things like that. So what we'd always recommend is if you get an email and you are unsure about the origin of that email or if there's a sense of urgency behind that email or something on those lines or they're asking you to pay something, uh is take a step back. Pause and reflect on that email. If it doesn't look right to you, there is no shame in calling that person from a valid number that you're aware of or contacting them and saying, Hey, did you send me this? Um and usually you know there'll be some kind of validation at that point. Um but yeah, f phishing emails is still very much a primary target and it would always be something I would tell people to be very vigilant on.

SPEAKER_00: 19:56

Okay. Brilliant. Well, thanks for your time, Ray. It's been very informative. Uh where can people find you and uh if they want to talk about kind of protecting their businesses?

SPEAKER_01: 20:05

So they can find me here at working Flexysfaces at 48. Even in the winter. Even in the winter, I'm sure. Absolutely. Um they can reach us at support at secure nexus.co.uk um or alternatively they can contact us through our website as well, which is securenexis.co.uk.

SPEAKER_00: 20:25

Okay, well, thank you very much, Ray. And uh good luck with the business in the next two years. I appreciate it. And hopefully hopefully you'll go from strength to strength. Yeah, fingers crossed. Thank you very much. Appreciate it. Cheers. Well, that's another episode of the Sterling Business Podcast. Uh come to a close. Had a fantastic guest this week, uh, Raya Setchfield from Secure Nexus. So um some things to think about for sure, um, to protect your business. So until next time, um keep safe and we'll speak again soon.