With the 2010s now over, the infosec industry is now fully invested in 2020 and beyond. The 2020s will no doubt present their fair share of challenging digital security threats. But they will also enable security professionals to discuss shared difficulties at conferences and summits. To help promote these collaborative events, we at The State of Security are proud once again to assemble a list of the top information security conferences that are planned for the year ahead. We hope you’ll consider attending at least one of the following 19 events, which are alphabetically sorted and not ranked in any way. If we missed a conference, please let us know on Twitter!
19. AWS re:Inforce
When: June 30, 2020 through July 1, 2020 Where: George R. Brown Convention Center, Houston, Texas, United States Website: https://aws.amazon.com/about-aws/events/reinforce/ AWS re:Inforce is a conference launched by Amazon Web Service that revolves around cloud security, identity and compliance. At the event, attendees will learn about the latest approaches to security best practices and risk management utilizing AWS services, features and tools. The conference will present hundreds of sessions across two different event tracks. The technical track will help security engineers and developers learn how to build a proactive security posture. Meanwhile, the business enablement track will help CISOs and other C-level executives with their strategic migration decisions.
18. Black Hat Conference Series
When: Variable Where: Variable Website: http://blackhat.com/ The Black Hat conference series is a favorite among infosec professionals for its technical emphasis. Black Hat USA, for example, has been in operation for the past 21 years; each of its iterations promotes a vendor-neutral environment and offers up top research that’s selected by a board of the industry’s most esteemed infosec professionals. This year’s Black Hat USA will take place on August 1-6, 2020 at the Mandalay Bay Resort and Casino in Las Vegas, Nevada, USA. Black Hat events are held annually in the United States, Europe and Asia.
17. BSides Series
When: Ongoing Where: Worldwide Website: http://www.securitybsides.com/ Security BSides is a community-driven framework that builds events for the information security community. Each meeting incorporates discussion, demonstrations and interaction into most of its technical presentations, thereby promoting collaboration and conversation among security professionals. As of this writing, more than 60 BSides events are planned for the year across six continents.
When: March 18-20, 2020 Where: Sheraton Vancouver Wall Centre, Vancouver, British Columbia, Canada Website: https://cansecwest.com/ CanSecWest is a three-day conference that boasts a single-track of one-hour presentations prepared by an infosec professional and educator. The event prides itself on bringing attendees together into a relaxed environment where they can collaborate and network. Interested parties can reserve a room under a discounted conference booking rate by clicking here. Alternatively, they can click here to view a speaker lineup for this year’s event.
15. Chaos Communication Congress
When: December 27-30, 2020 Where: Leipziger Messehalle, Leipzig, Germany Website: https://events.ccc.de/ Chaos Communication Congress is an annual conference sponsored by the Chaos Computer Club, Europe’s largest association of hackers. The event features lectures and workshops on diverse topics ranging concerning computer security, privacy and freedom of speech. The Chaos Computer Club first hosted its Chaos Communication Congress in 1984. Since then, it’s held its event in December each and every year.
14. DEF CON
When: August 6-9, 2020 Where: The New Caesars Forum, Harrah's, Linq & Flamingo, Las Vegas, Nevada, United States Website: https://www.defcon.org/index.html DEF CON started out in 1993 as a gathering among 10 small hacker networks. It’s expanded over the last 27 years; today, it’s one of the oldest and largest security conferences in the world. DEF CON 26 (2019) attracted over 30,000 attendees alone. Each year, DEFCON offers an exciting roster of speakers who present on computer hacking.
13. The Diana Initiative
When: August 6-7, 2020 Where: Westin, Las Vegas, Nevada, United States Website: https://www.dianainitiative.org/ The Diana Initiative is an organization that supports women interested in pursuing a career in information security, promoting diverse workplaces and helping to change workplace cultures to become inclusive of all employees regardless of gender. The theme for The Diana Initiative’s 2020 conference is not yet known. But as with previous years’ events, attendees at this year’s session will have a chance to take advantage of numerous networking opportunities. They’ll be able to “meet a mentor” and attend presentations where speakers share their stories, experiences and insights.
12. FIRST Annual Conference
When: June 21-26, 2020 Where: Fairmont The Queen Elizabeth Hotel, Montréal, Quebec, Canada Website: https://www.first.org/conference/2020/ This five-day annual conference features incident response, management and technical tracks, keynote presentations, lightning talks and plenty of networking opportunities. In addition to learning the latest security strategies in incident management, attendees can earn up to 25 continuing professional education (CPE) credits and gain insight into analyzing network vulnerabilities. The event is sponsored by the Forum of Incident Response and Security Teams (FIRST), an international confederation of more than 500 members spread over Africa, the Americas, Asia, Europe and Oceania.
11. FS-ISAC Annual Summit
When: May 17-20, 2020 Where: Boca Raton Spa and Resort, Boca Raton, Florida, United States Website: https://www.fsisac.com/events/ Each FS-ISAC Annual Summit is hosted by the Financial Services Information Sharing and Analysis Center, which helps members of the global financial industry share and analyze intelligence on digital and physical threats. Attendees of this annual event have the opportunity to hear over dozens of expert sessions and talks on the newest threats facing the global financial services sector spread across four days. Everyone from CEOs and Heads of Threat Intelligence to Payment Operations Directors and Payment Line of Business Managers are encouraged to attend.
10. Gartner Security & Risk Management Summit
When: June 1-4, 2020 Where: Gaylord National Resort and Convention Center, National Harbor, Maryland, USA Website: https://www.gartner.com/events/na/security Each of Gartner’s Security & Risk Management Summits attracts CISOs as well as top risk management and security professionals for the purpose of helping them build resilience and hone their security strategy across the enterprise. Attendees gain those insights via end-user case studies, workshops and one-on-one meetings with a Gartner analyst. This year’s conference will discuss key topics like anticipating new digital security threats, dealing with disruptive technologies like artificial intelligence and building digital resilience. It will also highlight how security and risk leaders can work together to enhance their organization’s approach to vulnerability management.
When: April 20-24, 2020 Where: Hotel NH Collection Amsterdam Grand Hotel Krasnapolsky, Amsterdam, The Netherlands Website: https://conference.hitb.org/hitbsecconf2020ams/ Hack in the Box Security Conference (HITBSecConf) is an annual event held in Amsterdam, The Netherlands. In fact, this year’s iteration marks the 11th anniversary of Hack in the Box (HiTB) in the Netherlands. Those who regularly attend HITBSecConf value it for all the networking opportunities and the chance to stay current with critical computer security issues. This year’s CFP is set to take place on April 23-24. The competition will feature a maximum of 20 teams consisting of up to three players each.
8. Infosecurity Europe
When: June 2-4, 2020 Where: Olympia, London, United Kingdom Website: http://www.infosecurityeurope.com/ InfoSecurity Europe is an annual conference that’s evolved into one of Europe’s largest and most highly regarded information security events. Its reputation is bolstered by the conference’s free rate of admission. Last year, nearly 20,000 visitors came out to see hundreds of speakers present on security-related topics and visit over 400 different exhibitors’ booths. This year’s conference will feature 200+ free-to-attend speaker sessions led by industry influencers.
7. InfoSec World
When: March 30, 2020 through April 1, 2020 Where: Disney’s Contemporary Resort, Lake Buena Vista, Florida, USA Website: http://infosecworld.misti.com/ Every year, InfoSec World attracts attendees with its diverse line-up of speakers and an exhibition hall filled with some of the most impressive information security technologies and solutions in the industry. MIS Training Institute, a leader in IT auditing and infosec training, organizes the event every year. Each iteration of InfoSec World consists of seminars, conferences, e-learning workshops, in-house training sessions and executive programs.
6. OWASP Global AppSec Dublin
When: June 15-19, 2020 Where: The Convention Centre Dublin, Dublin, Ireland Website: https://dublin.globalappsec.org/ Formerly known as AppSec EU, Global AppSec Dublin is an annual conference hosted by the Open Web Application Security Project (OWASP), a non-profit organization that strives to raise the visibility of software security worldwide. Each iteration of Global AppSec Dublin welcomes developers and security experts alike to its technical talks, debate panels, training sessions, hands-on learning workshops and keynote addresses from industry leaders. Each iteration of the Global AppSec Dublin begins with three days of training before moving onto a two-day conference.
5. RSA Conference
When: February 24-28, 2020 Where: Moscone Center, San Francisco, CA USA Website: https://www.rsaconference.com/usa When a security event gives rise to multiples conferences that draw tens of thousands of attendees a year, it’s hard not to take notice. Last year’s conference in San Francisco drew over 42,500 attendees alone. Besides its size, RSA, including RSA Conference USA, prides itself on providing a venue where both established and new security professionals can present their research to conference attendees and prepare themselves for future challenges in information security
4. SANS Series
When: Ongoing Where: Worldwide Website: https://www.sans.org/ The SANS Series is sponsored by the SANS Institute, a research and education organization that promotes infosec training and certification around the world. Its programs consist of intensive training usually spread out over several days. One of the biggest events planned for this year is SANS 2020. It’ll feature more than 20 hands-on, immersion-style information security courses taught by leading experts. This training conference is scheduled for February 1-8, 2020 in New Orleans, Louisiana, United States. Learn more here.
When: January 31, 2020 through February 2, 2020 Where: Washington Hilton Hotel, Washington District of Columbia, USA Website: https://shmoocon.org/ ShmooCon is an annual hacking conference that takes place on the east coast of the United States every January. The first full day of the conference features a single track of speed talks called “One Track Mind.” This is followed by two full days of four event tracks: “Build It,” “Belay It,” “Bring It On” and “BoF It.” The conference’s major themes include exploiting technology as well as using hardware and software solutions to address critical issues in information security. Attendees can also enjoy several events that run concurrent to the conference including the Lockpick Village, ShmooCon Labs and Hack Fortress.
When: May 8-9, 2020 Where: TBA, Chicago, Illinois, USA Website: https://thotcon.org/ THOTCON is a non-profit, non-commercial conference that will feature three tracks over two days. Included speaker sessions will focus on a range of topics including the Internet of Things, medical devices and industrial control systems. This event is unique in that speakers and attendees won’t learn of its location until the week before the conference. That being said, THOTCON will occur somewhere in the city of Chicago.
1. USENIX Security Symposium
When: August 12-14, 2020 Where: Boston Marriott Copley Place, Boston, Massachusetts, United States Website: https://www.usenix.org/conference/usenixsecurity20 Now in its 29th year, the annual conference of the USENIX Association (otherwise known as the Advanced Computing Systems Association) brings together researchers, practitioners, sysadmins and other individuals who are interested in staying abreast of important computer security and privacy developments. The event consists of invited talks, panel discussions and Birds-of-a-Feather sessions. All researchers are invited to submit a paper for consideration of presenting at USENIX’s Security Symposium 2020 until February 15, 2020.