Related Posts
Today’s #InfosecLunchHour session brought together cyber security professionals from across the UK and Ireland, and although we planned to talk about the latest ChatGPT caricature craze and the bias that it demonstrated, as a result of a few regular attendees being at London Tech Week today and not being able to attend, we ended up exploring a question that is becoming increasingly prominent across the industry: is the cyber security events landscape becoming oversaturated, and if so, what does that mean for community, professional development, and the value of speaking?
The conversation ranged widely, touching on the economics of speaking, the purpose of community events, the geographic distribution of the scene, and the future of national cyber infrastructure.
The Central Question
The session opened with a candid acknowledgement that the volume of cyber security events across the UK has grown substantially in recent years, to the point where many practitioners are questioning their value. Participants noted a feeling of saturation, with some having deliberately reduced the number of events they attend. The recurring concern was not simply the quantity of events but their homogeneity: too many conferences are covering the same themes, often dominated by vendors, and offering little that is genuinely new.
One of the underlying tensions in the discussion was between events that exist to serve the community and those that exist primarily to generate commercial revenue. This distinction, participants felt, is often blurred in ways that are unhelpful for practitioners trying to decide where to invest their limited time.
Community Events versus Commercial Events
A clear consensus emerged that community events serve a fundamentally different purpose from commercially driven conferences, and that this distinction matters enormously. Community events were praised for their role in skills development, talent pipeline building, and enabling genuine peer-to-peer knowledge sharing. The B-Sides model was cited as an example of community-led events that successfully attract those new to the field and create meaningful connections.
Commercial events, by contrast, were characterised as often prioritising revenue generation over knowledge exchange. The tendency towards repetitive content and vendor-heavy programming was a point of frustration for several attendees. One view expressed was that events run for profit should operate by different rules from those run purely to serve the community, including in how they treat and compensate speakers.
A notable point raised was that practitioners working within organisations sometimes face additional constraints when it comes to speaking at events, including requirements to seek internal approval and restrictions on how they discuss their employer publicly. This adds complexity to participation decisions, particularly for those in larger or regulated organisations.
The Question of Speaker Payment
One of the most spirited threads in the discussion concerned whether speakers should be paid, and the broader implications of a culture in which many professionals routinely speak for free. The position articulated by several attendees was that whilst community events can reasonably operate on volunteer contributions of time, events organised for profit should compensate their speakers appropriately.
The argument was made that the prevalence of unpaid speaking across the industry has a distorting effect, undermining the perceived value of expertise and creating a race to the bottom in content quality at commercial events. When speakers with genuine expertise are not compensated, the incentive structure shifts in ways that can damage the quality of professional discourse. As one participant put it, exposure is something people die of, not get paid in.
The distinction between a keynote and a standard session was also raised, with the observation that the term ‘keynote’ is frequently misapplied. A genuine keynote implies a specific position and profile; an event with multiple keynotes dilutes that meaning. Being paid to speak at an event is not simply payment for the duration of a talk, but for one’s presence and contribution across an entire engagement.
Participants shared varied personal approaches. Some noted that community events offer genuine value as a testing ground for new material and as a means of contributing to the profession, making volunteer participation worthwhile. Others acknowledged a tension between maintaining personal integrity around self-promotion and the need to demonstrate commercial value. The suggestion that even covering expenses represents a meaningful acknowledgement of a speaker’s contribution was broadly supported.
Geographic Distribution and Regional Disparities
The conversation highlighted significant geographic inequalities in the distribution of cyber security events across the UK. Participants observed that events are disproportionately weighted towards the North and that London’s scene is predominantly commercial, with limited community-focused provision. Outside these areas, particularly in the Southwest and parts of Wales, practitioners noted that meaningful community events are rare.
Scotland was discussed as a case study in community event evolution. The Cyber Scotland Week programme was noted to have seen a significant decline in events over recent years, with participation having fallen considerably from its peak. The reasons offered included changes in the ecosystem and concerns about the culture of certain events, which led some experienced practitioners to withdraw their participation.
Ireland was highlighted as a geography where community events remain limited, with a small number of notable exceptions. The observation that university-hosted events have declined due to funding pressures was a recurring theme, with several participants recalling periods when student groups had driven particularly active and valuable local communities.
Cyber Hubs, Clusters, and National Infrastructure
A significant portion of the discussion addressed the role of formal cyber infrastructure in shaping the events landscape. The West Midlands Cyber Hub was shared as an example of a community space that has successfully attracted SMEs and built a physical presence for the local cyber ecosystem. However, the honest assessment was that the establishment of the Hub had also contributed to event saturation in the region, with the wider ecosystem responding by creating a significant multiplier effect of additional events.
The practical response being considered was to reduce the cadence of Hub-led events, focus on quality over quantity, and allow the market to reach a natural equilibrium. The intent to pursue specific strategic initiatives, including improving the representation of women and neurodiverse professionals in the sector, was noted as a more targeted way to deploy community resources.
The closure of UKC3, the national cyber cluster support body previously funded by DSIT, was raised as a significant development. This leaves the UK’s cyber cluster network without dedicated national coordination, at a time when the two principal national networks, one police-funded and one previously DSIT-funded, are navigating their futures independently. Participants expressed concern about what this means for the sustainability of the cluster model, particularly for regions that rely on it most heavily.
Scepticism was voiced about whether cluster models have yet demonstrated meaningful value for SMEs. One view offered was that until there is clearer evidence of clusters helping small businesses to grow and succeed, confidence in the model remains limited. A possible future direction suggested was a shift towards more distributed and autonomous approaches to community building, rather than reliance on top-down governance structures.
Events as Talent Pipelines
An important thread concerned the role of community events in attracting new talent into cyber security. Participants noted that community-led events, particularly those hosted at or in partnership with universities, have historically been effective at introducing students to the field and inspiring career choices. The decline of such events, driven by budget pressures on higher education institutions, was therefore seen as a concern for the long-term talent pipeline.
The challenge of balancing the needs of experienced practitioners with the need to welcome and develop those at the start of their careers was acknowledged. Community events serve both purposes but require a deliberate effort to design for inclusivity across career stages. When events become too homogeneous or oriented towards a particular audience, they risk losing their capacity to refresh and diversify the community.
Useful Resources Shared
Participants shared several useful resources during the session. The infosecmap.com website was highlighted as a practical tool for anyone wishing to track cyber security events across the UK and beyond. Several regional B-Sides events were mentioned as examples of well-regarded community conferences, including BSides Wales (bsides.cymru) and BSides Stoke-on-Trent (bsidesot.uk). The HackGlasgow event (hackglasgow.live) was also noted as a Scottish community event worth awareness. The Southwest Cyber Security Cluster was flagged for practitioners in the South West seeking regional community connections.
Conclusions and Ongoing Questions
The discussion concluded without a neat resolution to the saturation question, which perhaps reflects the genuine complexity of the challenge. A marketplace of events is not easily corrected by any single actor; it requires a collective re-evaluation of purpose, quality, and value.
What emerged clearly is that the community’s instinct to gather, share, and support one another remains strong. The question is how to channel that instinct into events that genuinely serve the profession, rather than contributing to a landscape so crowded that practitioners struggle to identify where their time is best spent.
The conversation highlighted the need for:
- A clearer shared understanding of the difference between community and commercial events, and what obligations each carries
- Fairer treatment of speakers at profit-making events, including appropriate compensation for expertise and time
- More deliberate investment in events that serve as talent pipelines, particularly for those entering the profession
- Honest evaluation of whether cyber hub and cluster models are delivering tangible value, particularly for SMEs
- Strategies for improving the geographic spread of quality community events, particularly outside London and the major cities
- Continued focus on diversity and inclusion, including representation of women and neurodiverse professionals, as a specific goal for community-building efforts
As the cyber security profession continues to grow and mature, the events ecosystem will need to evolve with it. The challenge is ensuring that growth in quantity does not come at the expense of quality, and that the community remains a genuinely welcoming and valuable space for practitioners at every stage of their careers.
_______________________________________________________________________________
#InfosecLunchHour takes place on the first Wednesday of every month on Zoom. Founded and hosted by Lisa Ventura MBE FCIIS, it aims to bring together infosec and cyber security professionals to provide a valuable forum for discussions on key topics and trends in the industry. It operates under Chatham House Rules and offers security professionals a space to share experiences, debate approaches, and build the community connections that help navigate an evolving field.
To join in with #InfosecLunchHour please email lisa@csu.org.uk.