Cybersecurity threats are constantly evolving so it's only natural that cybersecurity professionals need the latest skills, research, and knowledge to address existing and emerging security threats. Here, we'll examine six of the best-of-the-best U.S. cybersecurity conferences available to executives, government entities, hackers, and other cybersecurity professionals.
There are many others geared to specific industries such as healthcare, or banking and finance, or vendor-specific conferences such as Microsoft's invitation-only BlueHat Conference. For purposes of this article, we chose not to focus on industry- or vendor-specific conferences, seeking instead to provide an overview of some of best training- and research-centered gatherings available that might appeal to cybersecurity professionals across a range of skill levels and disciplines.
Most 2024 conferences are not yet open for registration, so remember to check in at conference websites for full details (including pricing) closer to the event:
β
Black Hat USA 2024
Since its inception in 1997, Black Hat has become a well-respected and globally recognized cybersecurity conference provider. For 26 years, Black Hat has been instrumental in providing training to cybersecurity professionals along with the opportunity to directly interact with new tools, network with vendors and other cybersecurity professionals, and access information related to cutting edge research, risks, and future industry trends.
Black Hat offers annual cybersecurity conferences in the United States, Asia, and Europe which generally last six days, four of which are focused on training. Black Hat USA 2023 was attended by almost 23,000 participants representing nearly 20,000 in-person registrants and another 3,000 attending via online or on-demand access.
Conferences include live, on-site technical training ranging from two to four days in length. Courses cover topics such as AppSec, Crypto, IoT, Malware, Defense, Forensics, PenTest, Wireless and more. At Black Hat USA 2023, course fees ranged from $4,300 to $5,900.
The conference includes open source tool demonstrations in the Arsenal, Briefings, sponsored sessions, and the Business Hall. ISC2 credential holders may apply conference attendance and trainings to their Continuing Professional Education (CPE) requirements.
Black Hat USA 2024
When: August 3-8, 2024
Where: Mandalay Bay Convention Center, Las Vegas, Nev.
Format: Trainings (in person); Main Conference (hybrid)
Pricing:
Trainings
$4,300 to $5,900
Main Conference
Option 1 β In-person, $2,495 (early registration) to $3,095 for onsite, late registration
Option 2 β On-demand, various options priced from $1,195 to $1,695
β
RSA Conference
Recognized globally for its dedication to cybersecurity and combating emerging threats, RSA Conference (RSAC) has been a staple of cybersecurity for 31 years. RSAC provides cybersecurity practitioners opportunities to experience hands-on training, networking, cutting-edge innovations, and thought-provoking sessions.
RSA USA 2023 featured more than 650 speakers, 25 tracks, and more than 350 sessions. It was attended by more than 40,000 cybersecurity professionals. In addition to its annual keynote address, RSAC highlights include
RSAC Sandbox β Interactive sandbox experiences of targeted cybersecurity disciplines
RSAC Innovation Sandbox β Recognition of the winner of RSAC "Most Innovative Startup"
RSAC Launchpad β Three selected start-up companies pitch their product ideas to investors for funding
College Day β Free program allowing college students to explore cybersecurity career options
The theme for the RSAC 2024 is "The Art of Possible."
RSAC partners with ISC2, IAPP, ISACA, and other industry associations/groups to offer CPE credits. RSAC participants should check with their credentialing organization to understand how to apply for CPE credits.
RSA Conference 2024
When: May 6-9, 2024
Where: Moscone Center, San Francisco, Calif.
Format: In person; select sessions available via on-demand pass
Pricing:
Full conference pass β $1,845 to $2,945
Expo Pass β $50
Expo Plus Passes β $250 to $495
On-Demand Pass β $395 to $795.
β
Gartner Security & Risk Management Summit
Technology analysis and consulting firm Gartner is not only well-respected in the world of cybersecurity but is also known for its cutting edge research, thought leadership, trends, expertise, and much more across a variety of industry-related disciplines. Each year, more than 80,000 professionals participate in various Gartner conferences across the United States, Japan, India, Europe, Latin America, Australia, and Africa.
With respect to cybersecurity, one of my peers referred to Gartner's Security & Risk Management Summit (the "GSRM Summit") as the "holy grail" for cybersecurity professionals. GSRM Summits focuses on issues and challenges facing risk and cybersecurity professionals. In 2023, the GSRM Summit offered more than 150 sessions focused on five priority cybersecurity disciplines including: Infrastructure Security, Application and Data Security, Cybersecurity Leadership, Market Dynamics, and Operations.
In addition to these five priority disciplines, additional 2023 tracks addressed Cyber and IT Risk Management, Application and Data Security, Technical Insights for Security Practitioners, Cybersecurity Market Dynamics for Product Leaders, the CICO Circle, Midsize Enterprise, and Diversity, Equity and Inclusion.
Gartner Security & Risk Management Summit
When: June 3-5, 2024
Where: National Harbor, Md.
Format: In person
Pricing:
Early bird β $3,925
Standard β $4,300
Public Sector β $3,650
Group discounts available
β
Security BSides
If you're interested in a more budget friendly cybersecurity conference, or seeking a smaller more intimate conference experience, then Security BSides may be the right event for you. According to its wiki page, Security BSides is the "first grass roots, DIY, open security conference in the world."
BSides offers four primary conferences each year, three of which are timed to coincide with other security conferences or events which contain a technology component. The four core conferences are located in Washington D.C. (Autumn), Las Vegas (Summer; coincides with Black Hat USA), San Francisco (Spring; coincides with RSAC) and Austin, Texas (Spring; coincides with SxSW).
According to the event page, timing events to coincide with other security conferences allows cybersecurity professionals the opportunity to network in other forums and to present their ideas to additional audiences. In addition to the core regional events, BSides events may be organized at the local level. BSides conferences are free of charge although a nominal fee may be charged to cover conference expenses.
Security BSides
When: TBA (Dates vary)
Where: Austin, Texas; Las Vegas, Nev.; San Francisco, Calif.; and Washington, D.C.
Format: In person
Pricing: Free or nominal cost
β
DEF CON 32
If hacking is your passion, then look no further than DEF CON 32. According to its website, DEF CON is the oldest running hacker convention. It's well attended by more than 25,000 participants representing private individuals, government agencies (FBI and NASA, for example), security practitioners, and hacking enthusiasts of all persuasions.
DEF CON events include training events, contesting, speakers, music, movies, and of course, socializing! My first exposure to DEF CON came a number of years ago when the 16 year old son of a good friend attended DEF CON. He apparently participated in a "challenge" and did quite well, resulting in a visit from the FBI at 3:30 in the morning with a business card, job offer (when he turned 18), and a warning not to do "it" again! He is a legit cybersecurity professional today.
DEFCON 32
When: August 8-11, 2024
Where: Ceasar's Forum, Las Vegas, Nev.
Format: In person
Pricing: $440 (Must pay cash at the door)
β
Infosec World
Offered by the CyberRisk Alliance (CRA), Infosec World is now in its 29th year. Billed as the conference focused on the "Business of Security," Infosec World offers cybersecurity practitioners and industry executives information and insights on emerging industry changes and challenges with a focus on enabling security practitioners to "better prevent, detect and respond to today's security challenges."
Infosec World 2024 is still in the planning stage but Infosec World 2023 covered topics including:
Threats β Cybercrime, Insider Threat, Malware, Physical Security, Ransomeware, and Security Engineering
Strategy β Careers, Cyber Liability/Insurance, Email Security, Emerging Technology, Incident Response, Leadership, Managed Services, Security Awareness, Social Engineering, Threat Intelligence, Vulnerability Management, and Zero Trust
Risk Management β Asset Management, Backup and Recovery, Breach, Business Continuity, Cybersecurity Asset Management, Data Security, Identity and Access, Remote Access, Security Audit, and Third-Party Risk
Policy β Critical Infrastructure, Governance, regulation and Compliance, and Privacy
Architecture β Application Security, Automation (Artificial Intelligence/Machine Learning, Cloud Security, Device Security, DevOps, Network Security, Quantum Computing
Infosec World 2024
When: TBA (likely September 2024)
Where: TBAΒ (2023 event held at Disney's Coronado Springs Resort, Lake Buena Vista, Fla.)
Format: In person
Pricing: $1,595
β
Mary Kyle is a full-time freelance writer, editor and project manager based in Austin, Texas. Formerly employed in various positions at IBM, Mary has more than 10 years of project management experience in IT, software development and IT-related legal issues.
Important Update: We have updated our Privacy Policy to comply with the California Consumer Privacy Act (CCPA)
