Related Posts
A Breath of Fresh Sea Air for the Cyber Security Industry
By Lisa Ventura MBE FCIIS
What a brilliant day I had on Friday 3 October 2025 at the Grand Pier in Weston-super-Mare! When I first heard about CSIDES back in May, the UK’s first coastal cyber security conference earlier this year, I knew it was going to be something special. I planned to go and spend not just the day of the conference in Weston-Super-Mare but the weekend too, get some sea air, catch up with some amazing cyber professionals and learn some new things. But then my circumstances meant I wouldn’t be able to go after all, and I was beyond gutted.
Fast forward to a couple of weeks ago, and those circumstances changed, meaning I would be able to go after all, as well as go to the National Cyber Awards and the International Cyber Expo. Then it occurred to me that I’d be able to make CSIDES as well, and I was amazed to find there were still a handful of tickets available.
Originally, I was going to travel there on the train and stay for the weekend, but it turned out there were rail engineering works on my route. So, I decided to go there and back in one day, but when I was talking to my friend Simon about CSIDES, he loved the sound of it and said he would like to go, so I managed to get him a ticket too and he drove us to Weston-super-Mare.
Lisa Ventura MBE with Simon Rodway at CSIDES Weston-super-Mare
For too long, our industry has been centred around London and the big cities, leaving coastal communities feeling left behind. CSIDES has changed that narrative completely. Organised by the wonderful team at Defend Together CIC Hazel McPherson and Jess Matthews, this wasn’t just another cyber conference. It was a statement: cyber security belongs to everyone, everywhere.
Why CSIDES Matters
Standing on the iconic Great Pier, looking out at the Bristol Channel, I couldn’t help but feel emotional about what this event represented. Coastal towns like Weston-super-Mare have historically been underinvested in when it comes to tech and cyber opportunities. But here we were, bringing world-class cyber security expertise directly to the community with accessible pricing, inclusive content, and a genuine commitment to making cyber security understandable for everyone from school children to small business owners to career changers.
This is exactly what our industry needs more of. Not another exclusive, expensive conference in a fancy London hotel but a grassroots community-driven event that puts people first.
Gary Hibberd: What Star Wars Can Teach Us About Cyber Security
Gary Hibberd’s talk was an absolute masterclass in making cyber security engaging and accessible. Using Star Wars to explain security concepts? Genius! And as someone who loves sci-fi, I was hooked and couldn’t help but recite some of the franchise’s most famous lines.
Gary brilliantly demonstrated how the Empire’s spectacular security failures from the Death Star’s exhaust port vulnerability to their complete lack of access controls mirror the real-world security mistakes organisations make every single day. Social engineering? The Jedi mind tricks showed us exactly how attackers manipulate us into compliance. Insider threats? Darth Vader’s betrayal was the ultimate case study.
What I loved most was how Gary made these concepts stick. People will remember the Death Star when they’re thinking about single points of failure. They’ll remember “these aren’t the droids you’re looking for” when they encounter phishing attempts. That’s the power of good security awareness training, you need to make it memorable, relatable, and dare I say it, fun!
Holly Foxcroft: The C Word – Culture as a Vulnerability
Holly Foxcroft delivered one of the most important talks of the day, and I’m so pleased this topic was given the platform it deserves. Holly, who is a leading voice on neurodiversity in cyber (and someone whose work I deeply admire), tackled how cyber security culture can become our biggest vulnerability.
She didn’t pull any punches. Too many organisations treat security as a tick-box exercise, a compliance burden, or something that’s “IT’s problem”. This creates a culture where people feel disconnected from security, where reporting incidents feels like admitting failure, where asking questions is seen as a sign of weakness.
Holly’s insights on neurodiversity in cyber were particularly powerful. Our industry needs neurodiverse minds – they often spot patterns others miss and think creatively about problems. But if our culture doesn’t support them, if our security awareness training isn’t accessible, if our incident response processes assume everyone communicates in the same way, we’re not just failing people – we’re weakening our security posture.
Culture isn’t soft. Culture is security. Holly made that crystal clear, and every CISO in the country needs to hear this message. My only gripe is that Holly ran out of time and had to cut her talk short, but I’m looking forward to getting hold of the presentation deck. It was so relevant to the work I’m currently doing for a global utilities organisation who supplies gas and electric to business customers, not consumer ones (I can’t say the exact name here).
Nikki Webb: Shame as a Service – How Sextortion Is Breaking People, Not Systems
This was the hardest talk to sit through, but definitely the most necessary one. Nikki Webb’s presentation on sextortion was raw, honest, and absolutely vital.
As someone who cares deeply about the wellbeing of individuals affected by cybercrime, I was grateful that Nikki approached this topic with such sensitivity whilst still conveying the urgency of the threat. Sextortion isn’t just a technical problem, it’s a deeply human one that preys on shame, fear, and vulnerability.
What struck me most was Nikki’s emphasis on how victims are people, not systems. Our industry talks about “threat actors” and “attack vectors”, but behind every sextortion case is a real person in genuine distress. The talk came with a trigger warning as it covered that some have taken their own lives from the shame, guilt and embarrassment of being caught up in sextortion, thinking there is no way out. The psychological impact is devastating, and too often, victims suffer in silence because of the shame attached to these crimes. It is a talk that everyone should listen to.
Nikki challenged us all to think about how we support victims, how we communicate about these threats without victim-blaming, and how we can create spaces where people feel safe to report what’s happened to them. Cyber security has to be about protecting people, not just systems. This talk was a powerful reminder of that fundamental truth.
Scott Eggins: What Is Cyber Threat Intelligence (CTI) and Why You Need to Know About It
It was standing room only for this talk and Scott Eggins did an excellent job of demystifying cyber threat intelligence for an audience that ranged from complete beginners to seasoned professionals. CTI can sound incredibly intimidating and “enterprise-only”, but Scott broke it down brilliantly.
He explained how threat intelligence isn’t just for organisations with massive security budgets, even small businesses can benefit from understanding who might target them, why, and how. By knowing the threat landscape relevant to your sector and location, you can make much smarter decisions about where to invest your limited security resources.
What I particularly appreciated was Scott’s emphasis on community intelligence sharing. We’re stronger together, and when organisations share threat information responsibly, everyone benefits. This collaborative approach is exactly what CSIDES – and our industry as a whole – should be championing.
Joseph Ross: Shadow Artificial Intelligence (AI): Impact on Organisational Resilience
Joseph Ross delivered a timely and essential talk on one of the most pressing yet overlooked cyber security challenges facing modern businesses: Shadow AI. Drawing on his extensive credentials as a Chartered Fellow of the BCS and Chief Technology and Finance Officer of the Cyber Resilience Centre for the Southwest, Ross effectively highlighted how the ubiquity of AI tools from ChatGPT to Grammarly and built-in email summarisers has created a blind spot for organisations. His central question, “do you know all the AI platforms in use at your place of work?”, struck at the heart of the matter, exposing how easily unsanctioned AI usage can proliferate without IT oversight, creating significant vulnerabilities in data security, compliance, and operational resilience.
What made this presentation particularly valuable was Ross’s ability to translate complex technical and governance challenges into practical guidance accessible to SMEs and non-technical audiences. His background spanning both academic research (including a PhD in Digital Transformation and AI with the Royal Navy) and hands-on experience in law enforcement cybersecurity lent real-world credibility to his warnings. Rather than simply fearmongering about Shadow AI risks, Ross emphasised the balance between harnessing AI’s productivity benefits and maintaining robust governance frameworks, a message perfectly aligned with CSIDES’ mission to build cyber resilience in underserved communities. It gave me food for thought and I’ll be raising whether we need to conduct an AI Data Protection Impact Assessment at the global utilities organisation I’m currently doing some security training and awareness work at.
Cyber’s Got Talent: A Celebration of Community
And then came the entertainment! Cyber’s Got Talent, hosted by the amazing and lovely Jemma Davies from Culture Gem was such a wonderful, unexpected addition to the conference. Who knew we had so much creative talent in our industry?
I was incredibly nervous about performing my poem, “The Cyber Security Blues”, in front of everyone and the judges which I wrote the day before CSIDES especially for the occasion. Poetry is so personal, and putting yourself out there is scary. But the atmosphere was so supportive and encouraging. I poured my heart into those verses about password fatigue, phishing fears, and the constant battle to stay secure in an increasingly digital world.
Coming joint fourth with James Bore’s stand-up comedy routine? I’ll absolutely take that! James was hilarious, his dry wit and clever observations about our industry had everyone in stitches. Sharing that placement with someone as talented as James felt like winning. Holly Foxcoft was one of the judges, and her feedback to James was that she found it very funny and it held her attention all the way through. This is no mean feat because as she is autistic like me, she struggles to understand comedy and humour at times which I can absolutely relate to. James said he might relaunch his stand-up comedy routine as “Comedy for autistic people.”
But honestly, everyone who participated was brave and brilliant. Cyber’s Got Talent showcased something we don’t talk about enough: our industry is full of creative, multi-talented, fascinating people. We’re not just techies and analysts. We’re dancers, poets, comedians, musicians, and artists. Events like this remind us that we’re a community of humans first.
As much as I would have loved to have stayed for Cyber House Party’s after party, sadly my friend Simon and I hit the overload “wall” by the end of Cyber’s Got Talent. So, we decided to start making our way home, especially as Storm Amy was due to hit the UK. It was a good decision because we drove back on the M5 through very heavy rain and strong winds, but Simon was a driving pro and got us back safely despite the awful weather. I arrived home to #HubbyRuss and my Poppy at 8.45am, absolutely shattered, but with my heart full and my happy batteries well and truly topped up.
My Highlights of the First Ever CSIDES Event
There were so many stand out moments for me, but here are some of the best ones:
- Spending time and catching up with a myriad of people from the industry who I hadn’t seen for ages including Hazel McPherson, Jemma Davies, Manoj Bhatt, Holly Foxcroft, James Bore, Gary Hibbert, Dan Raywood, Nikki Webb, Natasha Harley, Scott Winchester, Matt Treadwell, Jess Matthews and SO many more amazing people, far too many to mention here.
- Cyber’s Got Talent – an inspired idea which was so much fun! My little trophy from the event has pride of place with my others on the shelves in my office.
- Having fish and chips for lunch on the Grand Pier with my friend Simon despite the awful weather. A chippy lunch or tea on Fridays is the law (according to the comedian Peter Kay).
- Ice cream which was given out in the afternoon break and getting my copy of “Access Denied” by Jemma Davies signed by her.
- The knowledge and learnings I took away from all the talks I heard. On Monday morning I will definitely raise whether we need to conduct an AI Data Protection Impact Assessment at work.
- The goody bags, stickers swag and name badges were some of the best I have ever seen at a conference. Included in the goody bags was a stick of Weston-super-Mare rock and a pen, and while I won’t eat the rock as I don’t want to lose any of my teeth, it was such a lovely touch. But I will use the Weston-super-Mare pen!
Final Thoughts: The Future Is Coastal
CSIDES was more than a conference. It was a movement, a statement, and a promise to coastal communities that they haven’t been forgotten.
The energy throughout the day was incredible. There was genuine curiosity, enthusiastic networking, and that sense of being part of something special. From students learning about cyber careers to local business owners getting practical security advice to career changers discovering new possibilities, CSIDES served its community beautifully.
This is what inclusive cyber security looks like. This is what happens when we take world-class expertise out of the usual venues and bring it directly to the people who need it most.
My heartfelt congratulations to the entire CSIDES team, and especially to Hazel McPherson and Jess Matthews at Defend Together CIC. You’ve set a brilliant example for the industry, and I sincerely hope this becomes an annual event that other coastal communities can replicate. It only remains for me to say to you both:
Bravo bravissimo
Bravo bravissimo
Bravo bravissimo
Jolly well done!
To everyone who attended, spoke, volunteered, or simply spread the word – thank you. You’ve proven that innovation, opportunity, and resilience can absolutely thrive beyond the usual urban centres.
Same time next year, CSIDES Weston-super-Mare? I’ll be there with bells on!