In this episode of Your Business, Your Next Level, host Eunicia Peret is joined by Mike Fitzpatrick, founder and CEO of NCX Group, a leading cybersecurity consultancy. With over 25 years in cybersecurity and four decades in IT, Mike shares a no-nonsense breakdown of how businesses—especially small and mid-sized ones—are massively underprepared for cyber threats. He covers the evolution of cybersecurity from its infancy to today's AI-fueled threat landscape, the legislative roots of breach law, and how his early methodology became the standard used across industries. Mike also gives a deeply personal look at the emotional toll of cyberattacks, underscoring why cybersecurity is not just a technical problem—it’s a business survival issue.

Key Takeaways:

Cyber Risk is the #1 Business Risk: Most business owners are unaware of how vulnerable they are, often finding out only after a breach.

Secure Your Crown Jewels First: Mike’s methodology starts by identifying what’s most critical and building security from the inside out.

AI Has Changed the Game: Generative AI has dramatically increased the effectiveness of phishing and social engineering attacks.

Disconnect Between IT and Leadership is Dangerous: Too many CEOs assume IT has security handled—without ever verifying the risk.

Education is the Best Defense: From policies to employee training, proactive awareness is the single most cost-effective way to defend against cyberattacks.

Timeline Summary:

[00:01:00] Mike shares his 40+ year background in IT and the founding of NCX Group.

[00:03:00] His early work on cybersecurity legislation with Senators Feinstein and Bono Mack.

[00:06:00] Reflections on meeting Steve Jobs, Wozniak, and Bill Gates—and the impact of early tech culture.

[00:08:00] How the "people, process, technology" framework shaped modern cybersecurity risk assessment.

[00:10:00] The evolution of his Secure24 methodology into what is now the NIST standard.

[00:14:00] A real-world case: ransomware shutting down a company for over 30 days, costing millions.

[00:17:00] The launch of his CSO advisor program to educate professionals serving CEOs.

[00:20:00] Why small businesses are primary targets, not exceptions, in cybersecurity attacks.

[00:22:00] How AI-driven phishing campaigns have pushed successful breach rates up to 50%.

[00:26:00] The emotional and relational impact of a cyberattack—on families, teams, and business survival.

[00:29:00] What business owners must do: policy, training, assessments, and better IT communication.

[00:33:00] Mike’s biggest business lesson: misplaced trust and the need to pause before making key decisions.

Links & Resources:

https://www.linkedin.com/in/ncxgroup/