On Thursday 27 November we were back at Barnham Broom Hotel for our annual cyber security conference.
This years conference continued to build on how AI is changing the cyber security landscape, and why the essentials of security are still key to fighting back.
We were joined by three expert speakers: Sasha Roshan, Sales Engineer at Huntress; Mostyn Thomas, Senior Director of Security, Pax8 EMEA; and Jake Moore, Global Cybersecurity Advisor at ESET.
The morning begun with an introduction from our Co-CEO, John Gostling. John highlighted some high profile attacks this year, including breaches at JLR, M&S, Heathrow Airport, Co-Op and Harrods. These attacks were later references by Mostyn, showing those behind the attacks and how they are regular people who live and walk among us.
A key point John made in his opening was that around the shame businesses and individuals feel when they are breached. “One thing I personally feel is lost on society is the shame. There is shame around being hacked. If you’ve lost money, been hacked, experienced ransomware, had compromised accounts or experienced downtime & or business loss…..then you are a victim of crime. This is not shameful, and you did not ask for this to happen.”
Sasha Roshan took to the floor following John. Sasha spoke about the importance of fully managed security. This includes protecting your endpoints through endpoint detection and response, securing your identities through detection of unwanted access, training your employees, and enhancing your compliance with a managed SIEM.
Next up was Mostyn Thomas. Mostyn spoke on the explosion of credential theft. “Over half of incidents now involve valid credentials, often stolen through phishing or malware. In the first half of this year alone, 1.8 billion credentials were compromised—a 160% increase from last year.”
His advice was enabling multi-factor authentication everywhere, enforcing strong password policies, and monitoring for compromised accounts.
A resource Mostyn highlighted for SMEs was the National Cyber Security Centre. Their website is full of guidance and resources. Visit the site.
You can view Sasha and Mostyn’s slides further down.
Last, but certainly not least, Jake Moore was up as our keynote speaker. Jake spoke about the rise of cloning, sharing stories of his previous (authorised) escapades, including a SIM swap attack, voice cloning, deep fake LinkedIn posts and CCTV feeds, and the cloning of banks cards and gym memberships.
Whilst entertaining, these stories are a reminder of the importance of verification, especially when requests involve access, information, or money. Nowadays, zero trust is a strategy that must be adopted to keep your business safe.
One other tip we felt should be shared from Jake was training your staff from day one, or before if possible. Many attacks, such as phishing, deep fakes, or voice cloning, are exploiting new employees who want to impress management or business owners early in starting. If you aren’t doing this already, now is the time to start.
Thank you to all our speakers, sponsors, exhibitors, attendees, and the Breakwater team. We’ll see you in 2026.
Event Sponsors
The Norfolk Cyber Conference would not be possible without the support of our incredible sponsors:
Archive-Vault is an ISO-accredited, independent, family-run records management company based in Norfolk.
Since 2006, we’ve been a trusted partner for businesses across East Anglia and nationwide, delivering secure, reliable document storage and scanning solutions. We take security seriously — our services are designed to help your business stay data compliant, protected, and efficient. From legal and medical to education, insolvency, and property sectors, organisations rely on us to safeguard their most critical information.
Whether you need to streamline your document management, ensure compliance, or simply free up space, we’re here to help — get in touch to find out how we can support your business.
We provide impactful recruitment, finding exceptional talent for our client’s businesses.
Delivering quality and knowledgeable solutions, our relationship-led approach empowers our reputation as a leading recruitment specialist in our region. Led by a passion to continually improve quality, we build trusted relationships with businesses and nurture career-long relationships with candidates.
Dropsuite, a NinjaOne company, is an award-winning cloud software platform enabling businesses and organizations globally to easily backup, recover and protect their important business information. Dropsuite’s commitment to advanced, secure, and scalable cloud technologies keeps them at the forefront of the industry and makes them the preferred choice of leading IT Administrators and Managed Service Providers globally.
Huntress provides managed security services that protect your business from cyber threats. They use automation and human monitoring to detect suspicious activity patterns on your accounts.
Their purpose-built solutions platform includes managed EDR, managed ITDR, security awareness training and managed SIEM.
Event Exhibitors
In addition to our sponsors, the following businesses are joining us as exhibitors at the conference:
From AI to Leadership: Tailored Learning Across Multiple Sectors
Whether you’re just starting your AI journey, bolstering cyber security defences, make sure you enable great customer experiences, elevating hotel hospitality, empowering frontline workers, navigating finance complexities, or cultivating leadership, our elearning courses span a vast array of industries.
Need something different? Our custom content is designed and developed to meet the unique challenges and opportunities of your sector.
The Norfolk Cyber Conference hosted by Breakwater IT was an excellent event. The keynote speakers were fantastic, offering insightful and thought-provoking presentations about various different subjects from security, to legal compliance to the emotional effect of Cybercrime. Their expertise and engaging delivery made the conference both informative and enjoyable. I highly recommend attending this event to anyone interested in the latest trends and developments in cybersecurity.- 2024 Attendee
