We recently joined co‑operative leaders from across the UK in sunny Glasgow for the Co‑op Retail Conference, an event that continues to be one of the most important gatherings for the movement. But for us at Longwall Security, one moment stood out above all others: our Managing Director, Mat Cornish, taking the stage at the Gala Dinner to deliver a message that resonated deeply with the room.

His speech wasn’t about technology. It wasn’t about tools, dashboards, or jargon. It was about something far more fundamental: the shared trust that binds the co‑operative movement together, and the shared responsibility to protect it.

“When one society is hit, the whole movement feels it.”

Mat opened with a powerful acknowledgement: some of the people in the room had lived through the kind of cyber incident that keeps every board awake at night. Not in theory. Not in tabletop exercises. In real life.

And that experience reveals a truth the sector can’t ignore:

A cyber attack on one society is a risk to all. Because the brand is shared. The values are shared. And the public trust behind them is shared too.

This idea framed the rest of the evening, a reminder that cyber resilience is no longer an isolated organisational concern. It’s a collective one.

The threat has changed, and so must the response.

Mat highlighted the reality facing co‑operative retailers today:

• Attackers don’t care which society they hit, they care about disruption and leverage.
• Highly connected environments mean a breach in one area can ripple across many.
• Public trust is fragile, and a single incident can impact the entire movement.
• Boards can no longer delegate cyber risk, regulators and the public expect visible oversight.

Cyber resilience is no longer optional. It’s a leadership issue.

A movement built for collaboration

One of the strongest themes in Mat’s speech was the unique strength of the co‑operative model itself.

Co‑ops are independent organisations, but they share a brand, a set of values, and a reputation built over generations. That shared identity means shared risk… and shared responsibility.

Mat drew a parallel with the NHS, where thousands of independent trusts operate under one identity. Their guiding principle is simple: Defend as one.

It’s a mindset the co‑operative movement is perfectly positioned to adopt, and one that will define the next chapter of cyber resilience.

The reality of incidence response

Mat spoke candidly about what really happens during a cyber incident, the 2am calls, the pressure on boards, and the gap between what organisations think they have in place and what actually works.

His message was clear:

• Plans must be real, tested, and rehearsed.
• The first hour matters more than anything.
• Attackers often exploit people, not systems.
• Calm execution beats complexity every time.

In a crisis, clarity and preparation matter more than any tool.

The Co-operative Cyber Alliance

This is exactly why Longwall launched the Co-operative Cyber Alliance, a space for CIOs, CISOs, and risk leaders across societies to share intelligence, suppliers, lessons learned, and practical support.

Not as isolated organisations, but as a movement protecting a shared reputation.

The impact so far has been significant:
greater openness, faster awareness of threats, and a stronger collective understanding of risk.

And this is only the beginning.

What good looks like

Mat closed with a simple framework for what “good” cyber resilience looks like:

• Clarity: a clear view of what matters most at board level.
• Control: fewer surprises, stronger supply chain governance, and tested response plans.
• Credibility: confidence with regulators, members, and the public.

Because cyber resilience isn’t just about protecting individual organisations. It’s about protecting the Co‑operative brand as a whole.

A lighter moment

In true Gala Dinner spirit, the evening also included a LEGO raffle, a playful nod to the idea that cyber resilience is about putting the right building blocks together in the right way. All proceeds went to Childnet, a charity doing vital work to help children stay safe online.

Looking ahead

As Mat reminded the room, the regulatory landscape is shifting quickly. Government departments like DEFRA are already moving toward compulsory cyber assessments for retailers, and more regulators will follow.

The days of “security theatre” are over. What matters now is simple: Does it work when it counts?

The co‑operative movement has something powerful at its core, a natural instinct to work together. Applied to cyber resilience, that instinct becomes a strategic advantage.

At Longwall Security, we’re proud to support that journey, helping societies build clarity, control, and credibility in a world where cyber threats don’t respect boundaries.

To learn more, schedule a free 30-minute consultation with one of our cyber security experts.