Not going to the RSA 2019 Conference or MWC Barcelona? Maybe it’s sticker shock or the crowds or schedule or whatever. Late winter and spring are usually great times for conferences and a good time to take a break from cooler weather and head to someplace warm. However, if you are like me you may be looking for something that is closer to home, not budget-busting, not so high brow and partisan like those analyst conferences, and not salesy but still highly informative. If some of those criteria sound like you, then check out the list below for some conferences I highly recommend, especially if you are in the DC/Baltimore MD area. [Yes – living in the DC/Baltimore area offers some advantages as there tends to be lots of reasonably priced and even free cyber conferences.] Many of these conferences are sponsored by standards groups or government agencies with a focus on emerging technology and research. So if you want to keep your fingers on the pulse of what is going on in cyber without a biased twist, I think you will find these conferences to be right in your wheelhouse.
28 February – NIST webinar on NIST Risk Management Framework update by Dr. Ron Ross and others at NIST. OK, this is not a conference but a good way to get started on your winter/spring 2019 cyber education journey. This webinar is a 2-hour overview and deep dive of the recently released NIST Special Publication (SP) 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy. It includes mapping to the Cybersecurity Framework as well. You should also check out my recent interview with Dr. Ross at this link.
2-9 March – SANS Baltimore – If you are looking for high quality, immersive style training, then SANS is the way to go. This Baltimore event offers 15 different courses. They are a bit pricey but you don’t have to necessarily travel to get there – even if you are not in the DC/Baltimore area as they offer event simulcast for some of the courses.
11-12 March – NIST Threshold Cryptography Workshop. NIST is the US center for cryptography standards. For example, they recently announced the downselect on post-quantum crypto algorithms. This particular workshop is a deep dive in threshold crypto algorithms and only the bravehearted or expert should probably venture. But some of the use cases, such as block chain, cloud computing and IoT, should be of interest to many. So if crypto is your thing, you should try to be there. Also, check out some of the interviews with crypto leaders I have done here, here, here, and here.
18-20 March – DHS S&T Cybersecurity and Innovation Showcase. This is one of my favorite conferences and I try to attend each year. This unique event for the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) introduces its funded cyber research projects to government and industry technology implementers including chief information security officers, pilot and testing partners, investors, angel funders, and other potential market transition partners. Over 130 different projects will be represented across a wide range of research and technology topics. You can see some previous interviews that i conducted with researchers from this conference here and here.
18-25 March – SANS ICS Security Summit and Training 2019. The 18th and 19th are summit days with talks by leading practitioners and researchers in ICS security. The 20-25 March dates are for SANS-style training for ICS security practitoners. You can attend the Summit only if you like. I think ICS security is one of the hottest areas of cybersecurity today and I definitely recommend this conference if ICS applies to your job or interest.
1-4 April – NIST Model-Based Enterprise Summit (digital twin), no fee. I attended this conference a couple of years back and the subject matter continues to interest me. Not strictly a cybersecurity conference, the concept of a digital twin is the main subject point for this conference. I believe the digital twin concept has application in the area of mod-sim for cybersecurity attacks and protection models [see my article here]. The summit also covers topics such as trusted cyber-physical systems (CPS), Industrial Internet of Things (IIoT), and artificial intelligence (AI) which are some of the enablers for advanced configuration management of the product lifecycle and key cybersecurity areas of interest.
4-5 April – First Annual Executive Cybersecurity Summit sponsored by UMD’s MaGIC at The Hotel in College Park, MD. This should be an interesting event given the keynoters and featured speakers that have been identified to date. The venue is nice too. It looks to be a combination of policy and technical security talks. I highly recommend checking this summit out. Recent Active Cyber™ interviews with a couple of the organizers and speakers for this event can be found here and here.
23-24 April – (ISC)² Secure Summit. I was very impressed with the listed agenda and speakers for this event so I plan to be there for this 2 day summit. Check it out and I think you will agree that this is a “must attend” event in DC. Early bird rates expire March 10 so get your registration in soon. Click on the banner ad on right side of this page to go to the registration web site. Also note that students get a special discount as the banner below indicates.

2-3 May – JHUAPL IACD’s Integrated Cyber: The Evolution of Security Automation – This free 2 day event provides a forum for collaboration and technical exchange to support the adoption of integrated, automated cyber defense and information sharing. It showcases government, industry, operations, and critical infrastructure perspectives. I try to make each of these events by JHUAPL as they focus on active cyber defenses or SOAR technologies. Check out my article on SOAR technologies and my chronicle on advancements made by IACD to learn more.
7 May – Cloud Security Alliance Federal Summit. I am enjoying the CSA DC Chapter meetings as they have had first class speakers and innovators in cloud security. I look forward to learning even more about cloud security at this full day 6th annual federal summit.
14-16 May – Technet Cyber 2019. I believe that AFCEA always puts on great conferences and this one is one of my favorites because it really does a good job in pulling together speakers from industry and government, including agencies like NSA, NIST, and Cyber Command. It has also expanded now to
include civilian agencies as well to cover a broad spectrum of mission sets. The exhibit hall is always full of interesting products and demos as well.
27-29 May – 5th IEEE International Conference on Big Data Security On Cloud. This conference looks at big data based technology such as artificial intelligence, cloud computing, and Internet of Things. Providing security and privacy for big data storage, transmission, and processing have been attracting much attention in all big data related areas. IEEE BigDataSecurity 2019 addresses this domain and aims to gather recent academic achievements in this field. There are also a couple of co-located events going on with this conference.
So that sums up my recommendations for conferences for the 2019 winter/spring – especially if you are local to the DC/Baltimore MD area. Let me know what your preferences are so I can check them out as well.
And thanks for checking out ActiveCyber.net! Please give us your feedback because we’d love to know some topics you’d like to hear about in the area of active cyber defenses. Also, email marketing@activecyber.net if you’re interested in interviewing or advertising with us at ActiveCyber.