Conferences and events

Although numerous cyber security events are held every month around the world, this guide is referencing, in alphabetical order, what we see as being the industry’s most popular events. Many of the events listed are free to attend and can be useful places for networking as well as professional development.

AISA National Conference (Australia) – is organised by the Australian Information Security Association (AISA), a not-for-profit organization formed in 1999 to advance the cyber-security and safety of all sectors of Australian life; public, corporate, and government.

They have a vision of a world where all people, businesses and governments are educated about the risks and dangers of cyber-attack and data theft, and to enable them to take all reasonable precautions to protect themselves against it. They hold an annual conference, which is in its 9th years and attracts about 1,000 attendees.

AUSCERT Conference (Australia)is the largest and oldest information security conference in Australia. Each year, we attract in the vicinity of 1000 participants and approximately 60 sponsors. The conference is held on Australia’s beautiful Gold Coast where the weather is fine and warm, even in winter. The conference is a great opportunity to discuss IT security issues, network with industry peers, see the latest in IT security products and services, and enjoy 5-star accommodation, good food, wine and entertainment, and good company.

AusCERT is the premier Computer Emergency Response Team for Australia and provides computer information security advice to the Australian public, its members, including the higher education sector. We are a single point of contact for dealing with computer security incidents affecting or involving Australian networks.

Black Hat (USA, Europe, Asia) – is the most technical and relevant global information security event series in the world. For more than 16 years, Black Hat has provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. These high-profile global events and Trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors.

From its inception in 1997, Black Hat has grown from a single annual conference in Las Vegas to the most respected information security event series internationally. Today, the Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia, providing a premier venue for elite security researchers and trainers to find their audience.

The Black Hat Briefings – were created more than 16 years ago to provide security professionals a place to learn the very latest in information security risks, research and trends. Each year, internationally leading security researchers take the stage to share their latest work and exploits in a friendly, vendor-neutral environment. Vulnerabilities are often exposed that impact everything from popular consumer devices to critical international infrastructure and everything in between. Black Hat seeks ground breaking research to fill both 25 and 50-minute speaking slots for each annual show.

The Black Hat Trainings – offer attendees individual technical courses on topics ranging from the latest in penetration testing to exploiting web applications and even defending and building SCADA systems. Often designed exclusively for Black Hat, these hands-on attack and defense courses are taught by industry and subject matter experts from all over the world with the goal of defining and defending tomorrow’s information security landscape.

BSides (events worldwide) – BSides is a framework for organizing and holding security conferences. The concept began in the US in 2009 with Mike Dahn, Jack Daniel, and some others because the CFP for Black Hat Vegas or DEF CON was oversubscribed and those unable to present decided to hold their own conference on the ‘b side’. Now, many have been arranged in several countries throughout the world.

BSides has come to be known as a ‘conference by the community for the community’. Events are generally free to attend and rely on sponsorship to pay for the venue and other costs and are run as not-for-profit. Because the events of B-Sides offer smaller, more intimate networking atmospheres and breakout discussions, they foster strong audience participation and overall group interaction.

CanSecWest (Canada) – is the world’s most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking. The conference lasts for three days and features a single track of thought provoking presentations, each prepared by an experienced professional and talented educator who is at the cutting edge of his or her field. We give preference to new and innovative material, highlighting important, emergent technologies, techniques, or best industry practices.

Cybercamp (Spain)is the major cyber security event that INCIBE organises with the aim of identifying, attracting, managing, and, in short, helping to generate cyber security talent that can be transferred to the private sector, in line with its demands. The conference has three main objectives:

  • Identifying professional careers for young talent.
  • Involving families, through cyber security awareness-raising and outreach activities for parents, teachers, and children.
  • Detecting and promoting cyber security talent through workshops and technical challenges.

Over the four days of the event, people enjoy educational and fun activities related to the world of cyber security, and attend lectures and workshops given by important figures and experts of the cyber security community. Likewise, the companies and organizations most representative of the world of cyber security and communication networks provide activities aimed at promoting interest in studies, professional specialisation, and entrepreneurship in the sphere of cyber security.

Cybertech (Israel) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. It provided attendees with a unique and special opportunity to get acquainted with the latest innovations and solutions featured by the international cyber community. The conference’s main focuses are on networking, strengthening alliances and forming new connections. Cybertech also provided an incredible platform for Business to Business interaction.

Cybertech Conference & Exhibition presents commercial problem solving strategies and solutions for the global cyber threat that meet the diverse challenges for a wide range of sectors: finance transportation, utilities, defense, R&D, manufacturing, telecommunication, health and government. The conference also provides the exhibition of different innovative technologies, which are key to fighting these threats.

CRESTCon & IISP Congress (UK) – is a unique event that brings together leading technical and business information security professionals. Now in its fourth year, the event has become a key date in the industry calendar, attracting an impressive line-up of speakers and over 350 senior delegates. In 2016 we are building on this success to make the event even bigger and better. As part of this we are introducing a third speaker track, a larger demo area and a bookshop. Delegates will include senior security, risk and compliance managers from a wide range of public and private sector organizations, along with security consultants and business directors working in the technical information assurance and response industry.

IP Expo (UK & Sweden) has IP EXPO Manchester, IP EXPO Europe and IP EXPO Nordic. They position themselves as being the UK & Europe’s number ONE cloud computing and IT Event Series and include a cyber security event.

Chaos Communication Congress (CCC) (Germany) – is Europe’s largest association of hackers. For more than thirty years they’ve been providing information about technical and societal issues, such as surveillance, privacy, freedom of information, hacktivism, data security and many other interesting things around technology and hacking issues. As the most influential hacker collective in Europe they organize campaigns, events, lobbying and publications as well as anonymizing services and communication infrastructure.

The event has taken place regularly at the end of the year since 1984 and is considered one of the largest events of this kind, alongside DEF CON in Las Vegas. In 2015 it attracted 13,000 attendees.

A wide variety of speakers are part of the scene and volunteers, called Chaos Angels, do organizational work. An important part of the congress is the assemblies, semi-open spaces with clusters of tables and Internet connections for groups and individuals to collaborate and socialize in projects, workshops, and hands-on talks. These assembly spaces, introduced at the 2012 meeting, combine the hackcenter project space and distributed group spaces of former years.

Cyber Security Summit (UK)brings together a mixture of the industry’s academics, cyber security professionals and government officials and policy makers to share their knowledge. Each year this free to attend conference provides the latest developments, strategies and technologies available to defend your organization online.

DEF CON (USA) – is one of the world’s largest annual hacker conventions, and has been held every year in Las Vegas, Nevada since 1993. Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, and hackers with a general interest in software, computer architecture, phone phreaking, hardware modification, and anything else that can be “cracked.”

The event consists of several tracks of speakers about computer- and cracking-related subjects, as well as social events and contests in everything from creating the longest Wi-Fi connection and cracking computer systems to who can most effectively cool a beer in the Nevada heat.

Other contests include lock picking, robotics-related contests, art, slogan, coffee wars, scavenger hunt and Capture the Flag. Capture the Flag (CTF) is perhaps the best known of these contests. It is a hacking competition where teams of crackers attempt to attack and defend computers and networks using certain software and network structures. CTF has been emulated at other cracking conferences as well as in academic and military contexts.

HITBSecConf or the Hack In The Box Security Conference (Netherlands and Malaysia) – is an annual must attend event in the calendars of security researchers and professionals around the world. Held annually in Kuala Lumpur, Malaysia and Amsterdam in The Netherlands, HITBSecConf is a platform for the discussion and dissemination of next generation computer security issues. Our events routinely feature two days of training and a two-day multi-track conference featuring cutting-edge hardcore technical talks delivered by some of the most respected names in the computer security industry. HITBSecConf is a place where ideas are exchanged, talent discovered and genius celebrated.

Infosecurity Europe (UK) – is the founding brand of Infosecurity Group – a business unit of Reed Exhibitions UK Ltd. It is Europe’s number one information security event, featuring the largest and most comprehensive education programme, and over 315 exhibitors showcasing the most diverse range of products and services to 12,000 visitors. 2016 marks its 21st year.

ISACA Cyber Security Nexus (USA) – was created as a result of ISACA’s commitment to address the urgent global need for skilled cyber security professionals. CSX is a knowledge platform and professional program designed to be a single source for all things cyber security that will help you through every step of your career, no matter what your level of experience. In the same spirit, we are proud to introduce our inaugural cyber security conference and premier industry event, CSX 2015 North America.

They hold the event in Washington, DC during National Cybersecurity Awareness Month and bring together some of the leading experts in the industry for an exciting event designed to give the knowledge, skills and tools you need to help protect and defend your organization. You have the opportunity to learn hands-on how to incorporate industry best practices, with over 70 sessions – each tailored to individual levels of cyber security expertise and experience.

IT WEB Security Summit (South Africa)this event has consistently ranked as the premier infosec conference in southern Africa. The ITWeb Security Summit is the only event in southern Africa that provides a full, 360-degree view of current and future critical infosec issues and has been running for 11-years. It provides an essential annual update, and an invaluable platform for both strategic and practical advice.

International and local keynote presentations, interactive panel discussions, a world-class exhibition and social networking opportunities provide opportunities for delegates to discover, learn, share and engage with leading IT security experts and solution providers.

Nordic IT Security – is the largest IT Security conference in northern Europe. For the last 8 years Nordic IT Security brings together business, government and technology in a Scandinavian focused Business platform. Meet cross vertical IT Security thought leaders from Sweden, Denmark, Finland, Norway and the Baltics engaging leaders of various profiles into 300+ minutes of structured commercial networking and get maximum exposure to your solutions, brand and expertise.

OWASP’S AppSec Conference (Global locations)OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C. Presentations and videos are generally posted several months after each conference. The largest event is OWASP AppSecUS, which has been held for 12-years.

RSA Conference (USA, EMEA & ASIA-PAC Regions) has a mission to connect you with the people and insights that will empower you to stay ahead of cyber threats. They do this through their events in the US, the EMEA region and the Asia-Pacific region and through their digital outreach. On a regular basis, they deliver insights via blogs, webcasts, newsletters and more so you can stay ahead of cyber threats

RUXCON (Australia)is a computer security conference brings together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities and demonstrations presented by security experts. It’s widely regarded as a leading computer security conference within Australia attracting all facets of the security landscape. It provides a provides a laid back environment for our delegates to engage and collaborate with a broad spectrum of like-minded students, enthusiasts, hackers, and security professionals.

SC Congress (Amsterdam, Canada, UK, USA) – is brought to you by SC Magazine, a brand of Haymarket Media. It’s a dynamic conference and expo experience amplifying the latest in cyber security for CISO’s, CTO’s, and industry professionals. Their keynote addresses and breakout sessions feature industry thought leaders who share their insights and analysis on best methods for safeguarding your organization. Their robust exhibit hall houses some of the most innovative brands in information security showcasing the newest technologies.

Shmoocon (USA) – is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues.  The first day is a single track of speed talks called One Track Mind.  The next two days bring three tracks:  Build It, Belay It, and Bring It On.

44Con (UK) – 44CON is an Information Security Conference & Training event that takes place in London. It’s designed to provide something for the business and technical information security professional.