As the first month of the year comes to a close it is time for those of us in the IT Security field to decide what we will do to fulfill our CPEs for the certifications we hold. This is exciting because it means that it is time to start considering which conferences you plan to attend this year. It’s not too early to start planning, since getting time off and applying for possible company reimbursement can take time and need to be planned well in advance.
If you were planning on going to SchmooCon, it is too late since that just happened last month. However, there are plenty of others coming down the pipe. The conference likely to be most noted, most well-attended, and potentially most fun this year, as every year, is Defcon. Defcon was a blast last year when it marked twenty-two years since its inception, a fact that makes me and many hackers feel old. Last year was also the final year for this conference to be held at the famed Rio Hotel and Casino, a blessing in disguise as it has clearly outgrown the facility. This year and, according to the website (https://www.defcon.org), for several years to come, the conference will be hosted by both The Paris and Bally’s Casino and Hotel, right there on the luxurious Las Vegas strip. These double locations should provide the conference with ample space to serve attendee needs. If you can only go to one conference this year I would recommend Defcon. Tickets cannot be purchased in advance but were only $220 cash at the door last year. You can, however, book your room with a special discount as of this week. If you want to stay at Bally’s or Paris and be right in the thick of it, it would behoove you to book your room now.
There are plenty of other conferences that happen later this year. Just before DefCon is Blackhat (https://www.blackhat.com), which is very expensive. Therefore, many people only go if their employer foots the bill. If they will pay I recommend this conference as it has many interesting talks and is a bit more professional and organized than Defcon has been in the past. This does not necessarily mean it is more fun, but if you are able to get company cost coverage why not spend an entire week in Vegas and attend both conferences? There is also the B-Sides Las Vegas Conference (http://www.securitybsides.com/w/page/12194156/FrontPage), which takes place just before Blackhat. You could easily spend a week and a half in Vegas attending these three conferences. B-Sides also has a plethora of other conferences all over the US and Europe, these are listed on their website.
DerbyCon (https://www.derbycon.com/) takes place this September (according to the website tickets may already be sold out). There are several good conferences that take place in Europe as well. In Amsterdam there is the Hack-in-the-Box (http://www.hitb.org/) conference that has not been officially announced yet but often has some really great speakers, and the fact that it is in Amsterdam is a bonus. One last conference that has been popular in the past and as I have been told by some that have attended is a very fun experience is the Chaos Computer Club (CCC) Congress (http://www.ccc.de/en/). This takes place in Koln (Cologne, for Americans) Germany and is one of the things on my bucket list.
The conferences I have mentioned are not even the tip of the iceberg, there are hundreds of choices all over the world. There may even be one in your local area that does not necessitate travel and an expense account. This site (http://www.concise-courses.com/security/conferences-of-2015/) has a fairly comprehensive listing of conferences. There are different conferences that cater to professionals of every specialty. Take a look at the list, decide where you want to go this year, and start making your plans. If you are looking to get your company to send you it would be a good idea to start asking now. We all know how slow corporate bureaucracy can be, better start those wheels turning now so you don’t miss the boat.