I'm already looking to 2019 for conferences to attend. ISC2 is already on the books. What other conferences would be recommended to attend?
What kind of conferences are you looking for? Just general suggestions to fulfill continuing education requirements? Or do you want to learn more about a certain area of IT security?
I'm a jack of all trades unfortunately, but would like to focus on physical and information security. I've been to RSA and ISC2 so far.
Take a look at local Security BSides Conferences. These are local organized and run conferences.
See if local chapters of ISSA and ISACA have conferences, they would be of interest.
There are other conferences like Hacker Halted, Derbycon, ShmooCon, etc. And you have Black Hat, BSides, and Defcon in Las Vegas. Various vendor run conferences like RSA.
I would consider the Cloud Security Alliance conferences, Secure360 in various regions of the country, OWASP,
This may seem like a silly question, but as an ISC2 member, are you also part of any other organizations? ISACA, ISSA?
> JimmyD (Newcomer II) posted a new reply in Tech Talk on 10-29-2018 02:04 PM in the (ISC)² Community :
> This may seem like a silly question, but as an ISC2 member, are you also
> part of any other organizations? ISACA, ISSA?
Don't see why it's silly. I don't pay membership for any others, but I've just started writing a column for ISSA and I support the local BCI Forum meetings. We've had an (unaffiliated) security group in Vancouver for over 35 years now. I also go to quarterly meetings with a group in Seattle (when I can). I also try and support and promote the BC Security Day meetings that our provincial government started up a few years back.
I'd say it's normal to be involved with other organizations. I'm also OWASP member. Our local ISC2 chapter also work with ISACA.
As for conference, I usually use the below website to see what's on the calendar.
https://infosec-conferences.com/
I'd suggest you think about what kind of conference interest you more and what do you want to gain from these conferences? Do you want to learn from diverse lecture topics? Browse vendor booth to see solution demo? Participate in activities such as hack village, CTF...etc? Or just get CPE? Do you prefer larger conference such as RSA with many things to do? Or do you prefer smaller conference with focused track/lecture with in-depth discussion and workshop?
I'm sure you can google and read about the top 10, top 20 cyber security conferences. But you can make the conference experience more beneficial to you if you know your passion/interest
@JimmyD asked what conferences to consider beyond (ISC)2, and Alexander
@Cousy14 wrote:What kind of conferences are you looking for? Just general suggestions to fulfill continuing education requirements? Or do you want to learn more about a certain area of IT security?
Going further, consider why you want to go to any conference. Remember there are many reasons folks attend security conferences. Most of us go for multiple reasons, including the following:
1. Update current knowledge in fast-moving fields.
2. Gain new knowledge in a different field not previously studied, such as cloud or AI or IoT or healthcare.
3. Network with professional colleagues for collaboration and learning.
4. Network with potential employers for future employment or contract opportunities.
5. Scout out venues to submit papers and talks for future professional contributions.
6. Meet with vendors to learn about new products and services that may help with current and future job tasks.
7. Have fun playing games and competitions.
8. Build a base for contributing to the organization as a volunteer, leading to running for elective office in the organization.
9. Combine a professional conference with a location-focused short vacation.
If #6 is high on your list, go to the biggies like RSA, ASIS, (ISC)2, ISSA International.
For #8 look at the national and regional hack cons like Blackhat, Shmoocon, BSIdes, DerbyCon, etc.
For #1 & 2, look for topic-focus conferences like FloCon, Cloud Alliance, and industry-focused with security content instead of security focused, like HIMMS.
For #3 & 5, with my interest in higher education, I've found the EDSIG conference of AITP a small, welcoming and rewarding gathering.
For #9 I've used ISSA International to see Nashville, Dallas, and Chicago for a great time with my wife being along for the vacation. She, by the way, hit it off with one of the well known ISSA Board Members as they discussed murder mystery books.
I've been to RSA and ISC2 Security Congress. Both have their pluses and minuses. I would like to find one that is balanced between learning/lecture and vendor exhibition. RSA had 2 exhibit halls and it was a little overwhelming to be honest.