First Cyber Resilience Conference

Mansfeld-Südharz, Germany - November 8, 2025

What worked, what wobbled, and what we will redesign before 2026

The original plan was a cosy workshop: forty people in the glass-walled atrium of the old Buna power station, coffee made from an urn that looked salvaged from a 1950s cruise ship. By the time online registration closed we had four hundred confirmed seats, a waiting list longer than the county council’s Christmas card roster, and a fire officer who insisted we cap occupancy at three hundred. That mismatch became the first lesson: if you offer free admission, breakfast, and a TÜV-certified red-team demo inside a decommissioned chemical plant, word travels faster than any LinkedIn campaign. We spent zero euros on advertising; the event sold itself through the WhatsApp groups of local engineers and the Slack channels of the Mittelstand guilds. The takeaway is not that marketing is obsolete, but that credibility in this region is still transferred person-to-person, and nothing accelerates word-of-mouth like the promise of watching a live ransomware simulation inside a cathedral of steel that once produced synthetic rubber for half of Europe.

Budget discipline was the second revelation. Total cash outflow was 47 300 €, of which 28 000 € came from the county’s economic-development reserve and the rest from in-kind sponsorship: a regional bakery supplied brotchen for three days, a craft brewery provided 1 200 litres of pilsner, and the local fibre operator lit up a 10 Gbps temporary drop so delegates could tether without touching the hotel Wi-Fi. The largest single line item was portable toilets—6 400 €—because the heritage-listed site has no sewage connection. We had budgeted 5 000 € for speaker honoraria but every academic accepted travel-cost-only, and the two industry keynotes waived fees in exchange for exhibition space. The net cost per delegate worked out at 118 €, roughly one tenth of the cheapest commercial cyber summit in Germany this year. The lesson is not that money is irrelevant; it is that rural venues trade social capital for financial capital, and if you design the event to amplify local pride, the community will fund it through means that never appear on a spreadsheet.

Content architecture was the third learning curve. We scheduled 38 sessions across 48 hours, a density that felt reasonable on paper but violated the physics of corridor chatter. On day one the red-team demo ran fifteen minutes long, which cascaded into a delayed coffee break, which compressed the panel on OT security, which in turn forced the county mayor to wait outside because the previous speaker refused to yield the microphone. By lunchtime we had lost 35 minutes and the networking zone was half-empty because delegates were still queuing for coffee. That evening we deleted six presentations, merged two panels, and instituted a hard stop rule: every microphone is muted after 20 minutes, no exceptions. Day two felt calmer, conversations lingered, and the feedback forms show satisfaction jumping from 3.8 to 4.6 on a five-point scale. The insight is that rural audiences value breathing space more than celebrity speakers; they come to meet peers they see only at funerals and football matches, and if the agenda denies them that oxygen, the best technical content will still feel like a chore.

Stakeholder balance produced the fourth lesson. We had invited the usual alphabet soup—BSI, BfDI, chambers of commerce—but overlooked the Gewerkschaft, the church council and the volunteer fire brigade. The absence became visible when a question about 24/7 SOC staffing turned into a whispered debate on shift-work burnout among chemical-plant operators. We hastily added a sunrise round-table titled “Human Resilience” moderated by the local union head; 120 people showed up at 07:30, and the discussion generated three concrete commitments: a joint apprenticeship programme, a rotating on-call roster that respects German working-time rules, and a mental-health hotline funded by the Alliance. The takeaway is that cyber resilience is inseparable from labour resilience; if the conference does not seat the worker representative next to the CISO, the resulting plan will be technically elegant and socially brittle.

"A rural conference succeeds when the hallway track becomes the main track and the coffee break outlives the keynote."

The fifth and most humbling insight came from the survey question: “What was missing?” The top answer—40 % of responses—was “more farmers.” Precision agriculture is the county’s second largest source of GDP after chemicals, yet only two tractor dealerships had received invitations. During the closing plenary a third-generation sugar-beet grower stood up and said, “You guys talk about ransomware on factory lines; I face the same malware when my harvester uploads yield maps to the cloud, but nobody here speaks axle grease.” The room went quiet. We have since created a rural outreach fund that pays the membership fee for any agricultural SME that owns more than ten smart devices, and we booked a 200-metre exhibition stand at the 2026 Agritechnica fair in Hanover. The lesson is universal: every region has an invisible constituency whose livelihood depends on the same stack you are pitching to factory managers; if you forget them, they will remember you—by not showing up.

Financially the event broke even on the second day, thanks to a last-minute decision to livestream the keynotes on YouTube and monetise the chat via a pay-what-you-want donation button that pulled in 8 700 € from remote viewers. That accident taught us the sixth lesson: hybrid participation is not a gimmick; it is a revenue model. Next year we will reserve 20 % of seats for virtual delegates, offer them moderated breakout rooms, and sell sponsorship banners inside the streaming interface, turning the geographic constraint of a heritage site into a scalable digital auditorium.

The final takeaway is about memory. We recorded every session on open-access servers, but we also asked a local historian to interview twenty attendees in a pop-up oral-history booth. Those recordings will be stored in the county archive under Creative Commons, creating a time-capsule of how a rural community talked about digital risk in 2025. The feedback tells us that delegates felt heard not because they were quoted on stage, but because their voices will outlive the coffee stains on the lanyard. That is the template we will carry into 2026: a conference that measures success not by headcount but by how many stories can be replayed in five years’ time and still sound prescient.

The Cyber Resilience Alliance is a public-private partnership established 2025, led by CypSec, Validato and the County of Mansfeld-Südharz. The Alliance operates a sovereign private-cloud security stack, a shared SOC and an cyber academy, aiming to make Mansfeld-Südharz the reference site for rural cyber resilience by 2030.

Media Contact: Daria Fediay, Chief Executive Officer at CypSec - daria.fediay@cypsec.de.