With the world drowning in ransomware hacks — shutting down everything from meat packers to fuel pipelines—the timing couldn’t be better for security pros to hit the conference circuit and learn the latest tips and tricks (around issues like endpoint security, incident response, and proper IT hygiene) from their peers.
In these half-open, possibly final days of the pandemic, many security conferences remain fully or partly virtual. A good number, however, are inching back to “in real life” events.
You remember in-person conferences, right? The endless miles of booths, the useless schwag, the bad food, the copious opportunities to booze and schmooze. (Oh and the sometimes insightful panels.) Sounds heavenly at the moment.
In that spirit, Endpoint has scoured the conference calendar through the end of the year and is bringing you what you need to know to make the most of this year’s offerings, whether you’re joining from the comfort of your laptop or from the uncomfortable seats of a hotel ballroom.
June 10 (virtual)
Target audience: Security professionals in the public sector
What’s on tap: Hear from the chief information security officers (CISOs) and chief risk officers (CROs) of the states of Washington, Colorado, North Carolina, and Texas, as well as the cities of New York and Los Angeles and universities like Princeton. SecureWorld unites information security professionals from government and higher-ed. to share up-to-the-minute insights into ransomware attacks and other cyberthreats.
Why attend: Mingle with other security professionals in government and education who can share their real-world lessons in a focused setting.
June 21–23 (in person in Denver); June 21–July 2 (virtual)
Target audience: Digital identity and privacy professionals
Price: $1,395–$1,695 (in person); $129 (virtual)
What’s on tap: The keynoters at this conference will focus on leadership, diversity, and inclusivity in the IT and security industry. Featured speakers include Kimberly Sutherland of LexisNexis Risk Solutions, Kay Chopard of Women in Identity; physicist and futurist Dr. Michio Kaku; and award-winning innovator Mick Ebeling of Not Impossible Labs.
Why attend: It’s two conferences in one. The virtual program includes more than 120 sessions and 100 hours of content. But only the in-person event offers live music, campfire treats, and robot wars in the Rocky Mountains.
June 24 (virtual)
Target audience: DevSecOps leaders and other professionals
What’s on tap: The tagline of this one-day conference is “Rebound. Re-Balance. Re-Imagine.” DevSecOps professionals will certainly need to do all of those things and more as they bounce back from a year of mass remote work. At this event, you’ll learn from security leaders at Apple, the U.S. Air Force, Honeywell, Splunk, and others.
Why attend: After a difficult year, the conference organizers are spot-on in saying that it’s time to regain one’s equilibrium.
July 20–22 (virtual)
Target audience: IT executives
What’s on tap: Over three days, IT professionals will learn from top executives and journalists about major topics in the news, including the SolarWinds and Microsoft Exchange hacks, zero-day vulnerabilities, the dark web, and the Colonial Pipeline ransomware attack.
Why attend: The event offers high-level networking opportunities when you’re not watching the sessions with top CISOs and leading consultants.
July 31–Aug. 3 (virtual); Aug. 4–5 (in person in Las Vegas)
Target audience: Information security executives and hackers
Price: $1,595-plus (in person); $995-plus (virtual)
What’s on tap: Black Hat comes roaring back with some of the most hands-on and intensive security training sessions and briefings found anywhere. Advanced courses cover topics such as Active Directory (AD) attacks, infrastructure and whiteboard hacking, and applied cryptocurrency hardware. Attendees who forgo the glitz and heat in the desert will get real-time access to the full menu of sessions and keynotes, sans the crowded escalators and dinging slot machines.
Why attend: The Las Vegas Strip fully opened Memorial Day weekend, the clearest sign yet that the pandemic’s grip on conferences and events is finally loosening.
Aug. 5–8 (virtual and in person in Las Vegas)
Target audience: Techies and hackers
Price: $0–$85 (virtual); $300 (in person)
What’s on tap: Defcon always offers a wide range of intensive tech seminars and presentations, and this year promises to be no different. The event will have a hybrid format: a virtual component on Discord and an in-person conference once again in Las Vegas. The in-person event will have caps on registration and other changes to the format, such as fewer villages and contests, as well as other hybrid digital and in-person events to be announced soon.
Why attend: Defcon is run by and for techies and hackers. If you plan on going to Black Hat, odds are you’ll stop in at Defcon and have been doing so for years.
Aug. 17–18 (virtual)
Target audience: Financial-services security professionals
What’s on tap: Top speakers at this event from the Information Security Media Group (ISMG) include executives from PayPal, the Federal Reserve, Mastercard, Schneider Electric, and the U.S. Secret Service discussing the fraud and threat landscape in banking and payments, including insider risk, phishing, payments fraud, new-account fraud, and emerging fraud controls. The award for the best session title goes to Adam Wehrenberg of the Federal Reserve Bank of Boston: “Fake Person, Real Losses: How Are You Combatting Synthetic Identity Fraud?”
Why attend: Top financial services and regulatory executives promise to share how to “best adapt and balance productivity, accessibility, and security.”
Sept. 8–10 (in person in Aurora, Colo.)
Target audience: Women in cybersecurity
What’s on tap: WiCyS helps organizations recruit, retain, and advance women in cybersecurity. The event is known for creating a supportive and inclusive community for women, including students, and male allies, and for scholarships are awarded to female cybersecurity students.
Why attend: WiCyS bills itself as the “world’s only international cybersecurity conference with equal representation of students and professionals.” Count on top talent networking their way to jobs in cybersecurity.
Sept. 20–22 (in person in Orlando, Fla.)
Target audience: CISOs and other security and risk professionals
What’s on tap: The event features 10 tracks, ranging from a CISO Circle to those on infrastructure protection, digital risk management, business enablement, and diversity, equity, and inclusion (DEI).
Why attend: Gartner’s security conferences are highly rated and highly focused events. Very much worth the trip.
Sept. 29–30 (virtual)
Target audience: CISOs, CIOs, and other security professionals
What’s on tap: The conference brings together top executives from large companies across a wide range of industries, tackling real issues that CISOs and other security professionals face in securing the modern enterprise, including endpoint and cloud security, governance and risk, identity and trust, and privacy and data protection. The event promises to showcase the most innovative and important developments in the security solutions market, as well as to facilitate collaboration within the security community.
Why attend: Event organizers expect 10,000 virtual attendees, so this is the virtual event to attend if you want scalability in your networking.
Oct. 18–21 (virtual)
Target audience: Women executives in security, risk, and privacy
What’s on tap: This year’s conference will focus on securing the digital ecosystem. More than 500 business decision-makers around the world are expected to attend this event.
Why attend: The event promises a “powerful community and caring sisterhood of women professionals.” The peer-to-peer networking is highly rated, as are the Women of Influence Awards.
Oct. 25–27 (in person in Lake Buena Vista, Fla.)
Target audience: Cybersecurity executives and practitioners
What’s on tap: This year’s show from the CyberRisk Alliance focuses on “rescoping risk and driving growth.” It will offer sessions on supply chain attacks, deep fakes, the dark web, AI model security, threat hunting use cases, emerging technologies, and “how to be a hacker.” Joining InfoSec World in 2021 will be more than 200 healthcare infosec executives participating in the Association for Executives in Healthcare Information Security’s (AEHIS) annual meeting.
Why attend: Billed as a top learning opportunity for more than 1,500 cybersecurity professionals. Plus, you’re going to Disney World.
Oct. 25–28 (virtual)
Target audience: Senior global executives
Price: Members only
What’s on tap: More than 3,000 senior global executives and business leaders will share experiences and offer best practices in a confidential peer-group setting of Information Security Forum members only.
Why attend: Gain practical advice from peers and leading industry experts from around the world.
Nov. 9–10 (virtual and in person in Washington, D.C.)
Target audience: Security and risk professionals
What’s on tap: The conference focuses on the critical importance of customer trust. You’ll hear from Forrester analysts and leading figures in the security industry about emerging cyberthreats, new regulatory requirements, and the latest technologies and strategies needed to keep enterprises secure.
Why attend: Highly focused sessions are geared to security and risk professionals, and a bonus this year is “enhanced access” to analysts via live chats and small groups.
Nov. 9–10 (virtual)
Target audience: Security and risk professionals
What’s on tap: Soak up thought leadership and best practices from IT executives at Google, Microsoft, the Federal Reserve, and the U.S. Cybersecurity and Infrastructure Security Agency. You’ll also hear from the “world’s first CISO,” Stephen Katz, former CISO at Merrill Lynch and Citi. This year’s summit from ISMG focuses on fraud and breach prevention, zero-trust security, and connected devices, as well as on key verticals such as finance, government, retail, energy, and healthcare.
Why Attend: A deep, executive-level focus on all things cyber.
Nov. 15–16 (virtual)
Target audience: European CISOs
What’s on tap: This year’s all-virtual conference focuses on the CISO of the future and the evolution of digital trust as a business-critical issue that connects financial, ecosystem, and sustainability metrics. CISOs are crucial in managing and orchestrating trust metrics across their companies.
Why attend: IDC emphasizes helping CISOs understand how to demonstrate that their organizations are worthy of customer trust.
Nov. 29–Dec. 1 (in person in London)
Target audience: U.K. and European security and risk management (SRM) leaders
What’s on tap: The summit will cover a broad range of topics, including cloud security, risk management, threat and vulnerability management, and DEI. Hear from Gartner analysts and leading industry experts while networking with other CISOs.
Why attend: Gartner conferences are solid and typically offer laser-focused information and the latest research from the firm’s analysts. This event is right for companies based in Europe, or U.S. companies interested in the view beyond the American market.