The governance gap: why more AI adoption means more security incidents
Research from 687 IT and security leaders shows that deeper AI adoption leads to more incidents, making governance a critical cybersecurity priority.
Read More
It’s an industry focused on digital interactions – but cybersecurity still relies on human connection to enable knowledge-sharing and innovation.
Every year, thousands of practitioners, researchers, vendors, CISOs and students travel to conferences around the world. They could learn through webinars, online networking events, and the endless stream of product announcements that flood the internet every day – but they choose to invest time and money in physical events.
So why make the journey?
When we spoke to cybersecurity practitioners at Black Hat MEA 2025, they made it clear that the real value of these events is connection.
As Gary Hayslip (CISO at Halcyon) said:
“You come here and it's education. You're learning about new things that are happening within the community, within the field.”
Information has never been more accessible. Knowledge, however, is something different.
You can absorb a solid explanation of a new attack technique from a technical presentation, or by reading a research paper. But if you want to really understand how another organisation handled a ransomware incident or built a security culture, you need to engage with people.
Which is why cybersecurity conferences have become the industry's largest classrooms. You come to compare experiences and learn from the people who have already solved the problems you’re facing.
Tim Lee (CISO for the City of Los Angeles) described the process like this:
“We share, exchange knowledge. I share my challenge, my pain point; they share their solutions.”
As a cybersecurity professional, you often work in environments where you can't openly discuss incidents, internal processes or strategic decisions. Many of you operate in small teams. Others are responsible for protecting critical infrastructure, government services or global enterprises with unique challenges.
Events like Black Hat MEA create invaluable opportunities to step outside those environments and discover that many of the problems keeping you awake at night are shared by others.
The cybersecurity industry is facing no shortage of complex challenges – and no single organisation has all the answers.
That reality was reflected throughout conversations at Black Hat MEA.
For Yassir Abousselham (CISO at Calendly), the value of the event lies in bringing together professionals from different regions and backgrounds.
“This is the place to be if you want to stay up to date on your knowledge, connect with like-minded professionals and share experiences.”
The word ‘share’ came up again and again in our conversations with speakers. Not ‘sell’, but ‘share’ – which helps explain why in-person events continue to thrive despite the availability of virtual alternatives. Cybersecurity is a profession built on trust, and people are often more willing to discuss what worked and what didn’t when those conversations happen face-to-face rather than through a webinar chat window.
Stefan Baldus (CISO at Hugo Boss) highlighted the importance of bringing together perspectives that might not otherwise meet.
“Those international events which bring together North America, Europe, Middle East, Africa – this is really a great exchange that will help the overall cybersecurity community to be more resilient in the end.”
It’s a timely observation – because more and more, we’re seeing that cybercrime doesn’t respect borders. So defenders need to reach across those borders to connect with each other too.
The ability to learn from practitioners operating in different industries, regions and threat environments gives security leaders a broader perspective than any single organisation can provide on its own.
Jameeka Green Aaron (CISO at Headspace) said:
“When you come to Black Hat, you meet people who can do the job.”
Behind every security framework, AI tool, threat report and keynote presentation are practitioners solving real-world problems every day. Their experiences often provide lessons that can’t be captured in a slide deck or training module.
And that's incredibly important for younger professionals entering the industry. Seeing how experienced practitioners think, communicate and solve problems provides a different kind of education entirely.
Cybersecurity will continue to embrace AI, automation and digital collaboration – as it should.
But Black Hat MEA will continue to remind the global cybersecurity community that some of the most valuable learning still happens the old-fashioned way: through shared experiences and the willingness of practitioners to learn from one another.
Join the newsletter to receive the latest updates in your inbox.
Research from 687 IT and security leaders shows that deeper AI adoption leads to more incidents, making governance a critical cybersecurity priority.
Read More
Modern cybercrime is powered by specialist providers, from Initial Access Brokers to ransomware affiliates. Explore the Crime-as-a-Service ecosystem and its impact on defenders.
Read More
Researchers are tracking new ransomware programmes that rely on a legacy of expertise, and a business model that attracts threat actor talent.
Read More