Microsoft officially ends support for Windows 10 today. Your computer won't suddenly stop working but local IT firm ICS warns that outdated systems create vulnerabilities that cyber criminals actively hunt for.
What changes on Tuesday, 14 October
After Tuesday, 14 October, businesses still running Windows 10 lose four critical protections. Free security updates disappear entirely. New software may refuse to install. And Microsoft technical support ends – no more help desk, no more patches, no more fixes.
"Your computer won't suddenly stop working, but using old software after 14 October could leave your system open to security risks and potential compliance issues," says Tim Goulding, founding director at ICS.
Outdated systems are one of the first things cyber attackers look for. Without regular updates, it becomes easier for attackers to gain access to your data, and even shut your systems down.
Banking websites and accounting software should continue to work initially, though browser issues may emerge over time. The real risk is more insidious: unpatched vulnerabilities that attackers can exploit months or years after they're discovered, with no fixes coming.
When the big names fall
2025 has delivered stark reminders. M&S suffered an estimated £300 million in lost profits after attackers gained access via a third-party contractor. The Co-op predicts a £120 million hit to its full-year profits as a result of its cyber attack. Jaguar Land Rover halted production for over a month, bleeding an estimated £50 million per week.
"Recently in the media, we have seen stories about cyber attacks at Harrods, M&S and even Jaguar Land Rover," Goulding notes. "If large organisations with big budgets can be attacked, smaller businesses are also at risk. Being cyber secure is no longer optional, it is essential."
But smaller Ipswich businesses face a different threat landscape. They're less likely to be specifically targeted, but far more vulnerable when attacks succeed. Government statistics show that over four in ten UK businesses (43%) experienced some form of cyber breach in the last year. For smaller firms, 2018 research suggested average breach clean-up costs around £25,700 – a figure likely higher today.
The myth that leaves businesses exposed
Cybercrime costs the UK economy an estimated £27 billion annually, with data breaches – where company information is held for ransom, leaked, or sold – representing the most significant threat.
Yet one of the biggest obstacles ICS encounters isn't technical. It's psychological: many Ipswich SMEs simply don't believe they're at risk.
"The most common misconception we hear about cyber attacks is that small businesses believe they will not be targeted," says Goulding. "In reality, most cyber attacks are not aimed at specific companies. They are mass produced and designed to reach as many people as possible. For example, a phishing email might be sent to a thousand businesses at once. The attackers are simply hoping that someone clicks the link and takes the bait."
Industry research from 2018 suggested UK small businesses face tens of thousands of attempted attacks daily, with thousands succeeding – one successful breach roughly every 19 seconds. The scale has likely increased since then.
How ICS is helping local firms transition
ICS has already reached out to all its clients about the impending deadline, prioritising practical solutions that keep costs down.
"Wherever possible, we've recommended updating existing software to minimise costs and disruption, rather than upgrading to new hardware," says Goulding. "When that hasn't been an option, we've worked closely with our clients to find the right solution for their needs."
The approach centres on cutting through jargon. "Our aim for all of our clients is to make them feel as though we have taken something off of their plate. We handle all the jargon so you can focus on what you do best."
ICS offers no-obligation consultations to help businesses work out what they're running and what their options look like. Industry estimates suggest a five-person office might budget anywhere from a few hundred pounds for software updates to several thousand for new hardware.
The alternative that Microsoft doesn't shout about
Microsoft does offer one alternative for businesses that can't upgrade immediately: Extended Security Updates. This paid programme provides security patches for up to one year after 14 October, buying time for firms to plan transitions without leaving systems completely exposed.
The consumer ESU programme costs $30 (approximately £24) for the first year – a modest sum that could give businesses breathing room to plan upgrades properly rather than rushing into costly decisions.
What should businesses do?
The sensible approach depends on your circumstances. Businesses handling sensitive data – financial records, health information, legal documents – face greater urgency than those with minimal digital exposure.
Security experts generally recommend that organisations review their systems now and plan transitions before support ends, though views differ on how urgent the Tuesday deadline is. The consensus is that risk increases over time as new vulnerabilities are discovered with no patches coming.
For businesses still uncertain, the calculation comes down to this: what does upgrading cost you now, versus what might not upgrading cost you later?
The bottom line
Today's deadline won't crash your Windows 10 computer. What it will do is stop the security updates that patch newly-discovered vulnerabilities. Whether that's an immediate crisis or a slowly-accumulating risk depends on your business, your data and your sector.
What's certain is that the gap between 'still working' and 'still secure' will widen with every month that passes. On day six, your computer will still boot. But the safety net disappears, and every newly-discovered vulnerability from that point forward becomes a permanent hole in your defences.
