When systems fail, command decides the outcome.

CYBERUK 2026 — Glasgow, 21–23 April. Mattermost is running a live test of incident coordination for senior security leaders. Unscheduled time at CYBERUK fills fast. The conversations worth having start before you arrive.

Secure a Meeting Before CYBERUK
Why Book Before the Event

CYBERUK runs for three days. The time that matters is booked in advance.

Unscheduled conversations at CYBERUK are brief, interrupted, and rarely reach the substance that matters. Pre-booked meetings have an agenda, the right people, and 30 minutes of protected time.

The tabletop exercise on Thursday 23 April has limited capacity. Seats go to those who arrive early. Book time with us before the event and we will walk you through what to expect.

CYBERUK attracts 3,000+ senior security leaders. The organisations you want to benchmark against will be in the room. The conversation you need to have will not happen by accident.

Walk in with an incident response plan. Find out if it holds.

One of six interactive workshops at CYBERUK 2026. The only one designed to test whether your incident response plan would survive contact with a real breach.

  • Session: When Communication Fails: Tabletop Exercise on Out-Of-Band Communication
  • Date: Thursday 23 April 2026 · 11:00–11:50 AM
  • Location: Carron 1 & 2, SEC Glasgow
  • Seats: 88 people max capacity. Arrive early.

You are the crisis management team.

Your identity provider has been compromised. Normal tools are untrusted. You must maintain operational command — with incomplete information, no safety net, and the clock running.

Using live polling, the room works through each decision in real time. The gaps it surfaces — unclear authority, untested fallback tools, coordination that depends on individuals rather than structure — are the same ones seen in post-incident reviews from real breaches.

You leave with a clear, practical view of where your incident response plan holds and where it would not survive.

Richard Preece

Richard Preece | Chief Training Officer, OSP Cyber Academy

Leads crisis scenarios; military resilience expert with UK and CNI experience.

Chris Square

Chris Fowler | Account Executive EMEA, Mattermost

Facilitates the live incident command environment.

James Square

James Mullins | VP, EMEA & APAC Sales | Mattermost

Injects live scenario updates. Operates the technical exercise backend.

The Resilience Bill is changing the accountability question.

The UK Cyber Security and Resilience Bill, expected to receive Royal Assent in 2026, requires organisations to demonstrate coordinated command throughout an incident — not just recovery after it. That means audit trails, decision lineage, and evidence of control from the moment an incident is declared. The organisations that will meet that bar are the ones already testing their command structure under pressure.

“In those first 60 minutes, leadership is still debating which messaging group to use, or which document to go to for the incident plan. The structure has to exist before the incident — not during it.” 

— James Mullins, VP EMEA & APAC Sales, Mattermost 

Meet the Team

James Mullins

VP, EMEA & APAC Sales
LinkedIn »

Chris Fowler

Account Executive EMEA
LinkedIn »

Neill Collie

Technical Account Manager
LinkedIn »

Leigh Dow

Chief Marketing Officer
LinkedIn »

Charlotte Brown

Director, EMEA & APAC Marketing
LinkedIn »

Resilience Isn’t Recovery

CYBERUK 2026 is putting operational command — not just recovery capability — at the centre of the UK’s cyber resilience agenda. Most organisations aren’t ready for the distinction. 

Read the Blog