The 2023 conference feedback report is here

We had a very successful 10th edition of Swiss Cyber Storm. Shortly after the conference ended, we sent out the feedback forms and received 43 responses, which is 10-15 % return rate, which is in line with previous years. We send more or less the same questions every year, so we get consistent responses and we can identify trends and compare the individual editions. We also included two questions on the catering for the first time.

As usual, we make the feedback transparent to a certain extent. Apparently, we are not publishing the scores that the speakers received. But you will find the mean rating below.

So let’s dive right in:

Overall impression of the Swiss Cyber Storm conference

This is the first question, also meant to break the ice.  It’s a multiple choice question and we stick to the same wording every year. This gives us some baseline of the quality of the event:

54 % (2022: 59 %) – It was a very interesting and cool event, keep it up and I’ll be there next year
39 % (36 %) – It was quite good – I consider attending next year
7 % (5 %) – It was ok but I probably won’t be there again
0 % (0 %) – Bad, I won’t be there again

With visitor numbers being more or less on par with the previous edition, we can see a slightly less bright look of the conference. When we group the top two categories into positive and the other two categories as negative, and then compare with previous years, we get the following:

2023: 93 % positive / 7 % negative
2022: 95 % positive / 5 % negative
2021: 96 % positive / 4 % negative
2020: no conference
2019: 91 % positive / 9 % negative
2018: 91 % positive / 9 % negative
2017: 89 % positive / 11 % negative

So you could read this as going back to pre-Covid levels and thus a more realistic perspective of the event. Or we did slightly less good than in previous years. Maybe a mix of both.

Average speaker rating

We are asking our audience to rate all the speakers individually. We are not sharing that information in public for obvious reasons but we’re open to recommend speakers to other conferences (-> just get in touch). What we also do, though, is to calculate the average or mean speaker rating which gives us a pretty good idea of the quality of the work of the program committee.

The rating goes from 1 – bad to 2 – average to 3 – good to 4 – very good. Our speakers came in at 3.02, which is still good, but less good than the previous editions.

2023: 3.02
2022: 3.19
2021: 3.34 (a fanboy audience with less attendees than usually)
2020: no conference
2019: 3.04
2018: 3.04
2017: 2.96

We had 1-2 speakers that really did not leave much of an impression with the audience and the two remote presentations seemed less interesting than the on-site ones. 

I’m inclined to say our focus theme was about as un-technical as a security conference can possibly be. This made it a bit more difficult to appreciate some of the speakers for their very good content. This is also visible in the free form feedback.

But either way, the average 2023 speaker was rated slightly lower than the one from previous years.

Choice of the focus theme “The Human Factor”

93 % of our audience thought we had picked a good focus theme (“Good choice”) and 5 % did not like it. Another 2 % was not aware there was a focus theme at all.

These numbers are even better than previous years, with the positive feedback as follows:

2023: 93 % (“The Human Factor”)
2022: 92 % (“Digital Identities and How to Secure Them”)
2021: 88 % (“Securing the Supply Chain”)
2020: no conference (but it would have been “E-Health” 🙂
2019: 83 % (“Embracing the Hackers”)
2018: 78 % (“Trust”)
2017: 67 % (“E-Voting”, but not very prominent)

I would argue that almost everybody agrees the human factor is key for IT security. But as discussed with the speakers, it’s more difficult to relate with the speakers, since so much sounds like common sense and things you seem to have heard before somewhere.

Where did you hear about Swiss Cyber Storm                                            

59 % (2022: 58 %) – I’ve attended before
30 % (16 %) – Colleagues
2 % (15 %) – Via communication by a sponsor
2 % ( 3 %) – Via a partner organisation (InsomniHack, SATW, Area41, etc.)
2 % ( 8 %) – Online articles in the media or blogs
2 % ( 0 %) – Social Media
3 % ( 0 %) – Other

We see the regular returning audience and colleagues took the position the sponsors had last year. Partnerships and social media does not play a big role for selling tickets. In fact we did an experiment with LinkedIn ads the first time this year. With almost no effect. We’ll continue to discuss this internally, but advertising for a security conference is very hard in Switzerland.

Did you like the Raffle?

The raffle is a way to get the audience engaged with the sponsors. A detailed explanation is here.

54 % – Yes, that was fun
43 % – Neutral
2 % – What raffle?

This is very good feedback for the raffle. It’s been more negative in the past, so I think we found a decent balance between making it known it exists and getting on everybody’s nerves with a prominent position for the raffle.

Was there enough food & beverages served?

We asked this question for the first time. The responses vary, but not as wild as we feared. The difficulty is to make enough food and drinks available at the right moment and in a way everybody has access to them. In a hall crowded with hundreds of people it may easily look like there was not enough food when it’s in fact just on the other side of the hall. I think the numbers mean we did ok (with quite a few desserts being left behind in the evening).

14 % – Way too much
80 % – Enough for everyone
4 % – Barely enough
2 % – Way too little

How was the selection and quality of the food & beverages?

Another new question, and again one with favorable responses:

 2 % – Bad
11 % – Okay
27 % – Good
59 % – Great

After yearlong problems with the catering, things ran smoothly in 2022 for the first time and I get the impression the kitchen was equally successful this year. I think this noteworthy, also since we had a vegan option that was displayed on par with the meat dish at lunch.

Speaker proposals

We’re going fully circle with previous keynote speaker Troy Hunt being proposed as future speaker. Brian Krebs was mentioned the way he usually is and a first vote for Meredith Whittaker from Signal: Great choice, she’s on our wishlist.  Also two nominations for Lisa Forte. Duely noted.

Freeform Feedback

The freeform feedback always adds color and perspective to the numbers presented above. We had people being very thankful for the vegan and vegetarian options with the food and other people complain bitterly about the lack of these options.  (As explained above, it’s very much a question of making the right food available to everyone at the right moment.) And also thank you for the positive feedback for the wine: Much appreciated, the anniversary champagne and wine were selected in a diligent process and we see this paid off.

Several people note they were tired by the repeated tech problems with the live demos. That feedback is warranted. We have never done much live hacking at SCS and when several speakers approached us with their plan, we did not anticipate the problems enough. Critical feedback accepted.

A noteworthy response was that the venue did not provide a cyber security atmosphere, unlike CCC for example. If you think a security conference needs to be dark and red and hackerish, then I fear we are not on the same page on how good security looks. After listening to our Human Factor speakers
this is even more true.

Summary

We had a very successful conference. We are happy most of our audience plans to return in 2024 and when the feedback forms were extremely positive in 2021 and 2022, it all feels more realistic again. Thank you for bringing us down to earth again. SCS audience is the best!