In this post we are going to tell you ‘must attend’ cyber security conferences and events that take place in the United States each year.
This post is a ‘work-in-progress’; i.e. meaning that we will be add events to this page over the coming months and years – so don’t be fooled by the original published date of this post! If you are interested in learning about Cyber Security Events that take place throughout the United States.
This is not a list of ‘upcoming events’, rather, this is a list of regular (typically annual) InfoSec events that take place throughout the US. We select these Conferences on two criteria: firstly, is the conference reputable?; does it attract professional Cyber Professionals? And, secondly, does the conference take place on a regular basis? If the answer to these two questions is ‘yes’ then it is very likely that we will add the event to this page.
Of course! Please do! All you need to do is submit a form by visiting our main conference directory listing page here. We will happily add your event to all our resources including our weekly email that goes out to thousands of cyber security professionals.
Join our newsletter and receive ticket discounts, Call For Papers, news and much more!
Unsubscribe anytime | 50K Cyber Pro Community Strong!
Black Hat, along with DEF CON (also in this list) are, in our opinion, the two best known cyber security conferences that are in existence, particularly because of their longevity in the industry and their legacy. In fact, it’s pretty unlikely that you haven’t heard of these conferences if you’ve been working in cyber for any decent amount of time.
In the US, you can think of “Black Hat” as being one of the most prestigious conferences within the IT security world. “Black Hat” is a huge brand within the industry and its’ name can be associated with pioneering research within the cyber security space. As well as the private sector, agencies and hackers, “Black Hat” is an industry premier for government agencies too with their “briefings” (a sub-set of talks) considered as playing a pivotal part in the formation of future US government cyber security policies and arguably contributes to the overall US National Cybersecurity Initiative.
Jeff Moss founded both Black Hat and DEF CON. DEF CON (two words) is basically a rite of passage. If you are a hacker (and you’d be best to define that whichever way you wish) then DEF CON is an initiation into the cyber security world. What’s the difference between Black Hat and DEF CON? Well, think of DEF CON like a “hacker-con” in the traditional sense, and think of Black Hat like a commercial vendor-related event. DEF CON attracts a type of person that would only buy stuff with Bit Coin and is pretty good and breaking into anything.
DEF CON can be considered as one of the biggest hacking meet-ups in the world, and like Black Hat, also takes place in Las Vegas.
DEF CON has been bringing together n00bs/ expert hackers and other interested parties together since 1993 and the conference always attracts some of the industry’s most advanced thinkers that exhibit their achievements in cracking and being able to connect all different types of computer systems. The net result and major benefit of DEF CON is that it always explains how computer security breaches occurred and how they can be avoided.
Going to DEF CON is a ‘must’ if you’re a pentester or if you’re involved with practical ‘hands-on’ hacking. Network and system administrators are also professions that would benefit from attending as would anyone with an interest in breaking and fixing computer systems DEF CON always has a bunch of awesome activities such as the now infamous DEF CON CTF events.
DEF CON has been a part of the hacker community for over two decades and as mentioned above, it really is woven into the underlying “fiber” (optics) of cyber security. With its’ active community which gives help to organizations and government agencies in researching and coping with cyber threats, you’d be foolish not to try and attend this event.
The convenience of being connected in a digital world, has, as well all know, come with some real world threats – the cyber threats. RSA, like all the other cyber security conferences mentioned throughout our blog, is about coping with those cyber threats, which are being faced by leading businesses, organizations and agencies.
The RSA is a popular name not only in the USA but also all around the world. It’s known for being one the largest information security summit that takes place annually. Last year, the RSA conferences attracted more than 30,000 people, however, the RSA say that their real value is not in the numbers, but in the strong efforts they are putting into research. The efforts for preventing network attacks and removing the footprint of hackers from systems are the real values of the RSA event.
If you’re a vendor selling cyber security related products then RSA is the event to attend. Period.
OWASP is a hugely influential organization within the remit of cyber security. It would be surprising if you have worked in security for a while and have never heard of OWASP (Open Web Application Security Project) which is an online community dedicated to web application security. If any aspect of your career spans or is involved with online web apps then you’ll have to immerse yourself with everything that OWASP has to offer. We interviewed Michael Coates a while back and we regularly post updates on OWASP, not least with regards to their Top Ten OWASP threats.
The OWASP Annual AppSecUSA Security Conference is the world’s premier application security (app sec) conference for developers and security experts. Past speakers include Alex Stamos Facebook’s CSO, Phyllis Schneck DHS’s Chief Cybersecurity Official, Twitter’s TISO and Microsoft’s MVP for Developer Security. The organization has a very vibrant community that also release and update a bunch of security hacking tools and labs.
ISACA serves 140,000 IT security professionals in 180 countries. The organization, in their own words: “engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems”. If you aren’t a member of ISACA then why aren’t you? You can learn more about become a member here.
ISACA recently launched their “Cybersecurity Nexus (CSX)” program which is a learning framework aimed at cyber security professionals to “empower them to elevate their work, take control of their career paths and earn their place among the best.” The Nexus CSX program also includes an annual conference which is a superb event for networking for skilled computer security workers. The conference is a great source of developing and knowing cyber security solutions.
There are literally hundreds of cyber security conferences in the US. We’ve tried to establish that ‘5 must-go-to’ cyber events of the year but please feel free to chime in with a meeting or conference that you feel ought to be in this top ten. If you’ve attended any of these events we’d love to hear from you, please drop a comment below.