All Posts

2025 was a loud year for small businesses and technology, not because of shiny new tools, but because the basics  got harder to ignore. Across the themes we kept coming back to on Hudson (aging tech driving costs, security threats getting more “human,” vendor risk showing up in real ways, and AI moving from curiosity to daily workflow), one message became clear: SMBs don’t need more tech, they need clearer priorities and better control. So as we head into 2026, the goal isn’t

AI Sprawl: the SMB problem nobody planned for A year ago, most small businesses were asking, “Should we use AI?” Now the more common reality is: you’re already using it, you just don’t know how many. That’s AI sprawl  (and increasingly AI agent sprawl ): a fast-growing collection of AI tools, copilots, plugins, and “agents” adopted by different people for different tasks… without a clear owner, standard process, or consistent guardrails. It usually starts with good intention

The rise of token theft + “Approve Access” scams hitting small businesses If you’re a business owner, you’ve probably heard the standard advice for years: Use strong passwords Turn on Multi-Factor Authentication (MFA) Train employees not to click suspicious links That advice is still good. But here’s the uncomfortable update: Attackers are increasingly bypassing passwords (and even MFA) by stealing “login tokens” or tricking users into approving access. In plain English: the

A simple SMB guide (with guardrails so it doesn’t bite you later). Agentic AI is most valuable when it’s pointed at repeatable work  that steals time, causes delays, or slips through the cracks. The trick is to start with workflows that are: High volume Low-to-medium risk Easy to measure Easy to roll back Below are 5 workflows many SMBs can stand up in 30 days, if you start in “recommendation mode” first, then graduate to supervised execution. Before you start: the 3 rules th

A simple guide for owners who want the upside, without the surprises. You’ve probably used “AI” as a helper already: write an email, summarize a document, generate an ad, draft a policy. Agentic AI is the next step.  Instead of only suggesting  work, it can plan + take actions across your tools  (email, CRM, accounting, ticketing, calendars, procurement) with limited supervision. Think: AI that can do the work , not just talk about it. What is Agentic AI (in plain business te

Artificial intelligence is no longer just a productivity tool. It has quickly become a force multiplier for fraud , and small and mid-sized businesses (SMBs) are firmly in the blast radius. From deepfake voices impersonating executives to AI-generated phishing emails that look indistinguishable from real communications, fraud tactics are evolving faster than many organizations’ defenses, and faster than many insurance policies were originally designed to handle. For SMBs, the

Cyber insurance applications and renewals have changed.  What used to be a simple questionnaire has evolved into a technical, sometimes overwhelming review of your security posture, data handling practices, and operational maturity. Insurers are asking tougher questions, requiring proof of controls, and in many cases, denying or limiting coverage when submissions are incomplete or inaccurate. At Hudson, we’ve seen firsthand how frustrating this process has become for business

Cyber insurance renewals aren’t what they used to be. The days of a one-page application and a quick signature are gone. Carriers now require detailed security documentation, ransomware supplemental forms, and proof that your business meets minimum cybersecurity standards. This guide walks you through how to prepare , what information you’ll need , and how to avoid surprises  so your renewal goes smoothly. Before You Start a Cyber Insurance Renewal: Know What the Insurer Is L

If you’re a small or mid-sized business owner, nothing makes your stomach drop quite like an email from your insurance broker that says: “Please fill out this ransomware supplemental application." You click the attachment, and suddenly you’re staring at pages of technical questions about MFA, backups, endpoint monitoring, patching cadence, privileged accounts, and terms you may have never heard before. So, what is this questionnaire, and why are you suddenly responsible for u