Dan Thornton is the Co-founder and CEO of Goldphish. He is a former Royal Marine Commando who channeled his operational expertise into cybersecurity. Today, Dan leads a security awareness training company, helping organizations turn their people into their strongest defense with over 2.1 million learners trained worldwide.
Threat actors don’t just target large corporations. Small and medium-sized businesses (SMBs) are finding themselves in the crosshairs of attackers who use automation, AI, and social engineering to cast a wide net of cyber threats. From convincing phishing scams that capture credentials to AI deepfakes that mimic trusted voices, the methods used to manipulate and exploit unsuspecting employees are becoming more sophisticated. So how can organizations protect themselves when even the most vigilant staff can be fooled?
Organizations that believe they are too small to be targeted by threat actors often learn the hard way that one single mistake can have devastating consequences. Yet improving cybersecurity posture and building awareness doesn’t have to be overwhelming or costly. SMBs can take simple steps, such as enabling multifactor authentication (MFA) for all business accounts, updating software and systems, and maintaining regular backups. Security training is also critical because it helps employees recognize threats and avoid mistakes that often lead to incidents. By combining basic security measures with security awareness training, businesses can foster a culture that strengthens their defenses against cyber threats.
In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels chat with Dan Thornton, Co-founder and CEO of Goldphish, about how small and medium-sized businesses can enhance their cybersecurity defenses. Dan emphasizes that attackers do not discriminate based on company size and that common blind spots, such as over-relying on technology, neglecting incident planning, and staying silent after mistakes, can leave organizations vulnerable. He explains why steps like enabling multifactor authentication, performing regular backups, and conducting employee security training make a big difference in reducing risk. Dan also shares insights on how companies can counter the growing threat of AI deepfakes and why business email compromise (BEC) remains one of the most effective scams.
Published on 15 hours ago
If you like Podbriefly.com, please consider donating to support the ongoing development.
Donate