Top cybersecurity conferences to attend in 2025

Love networking or find it challenging? Either way, certain conferences are too good to miss. They're not just about mingling but also about learning from the best security professionals. Think RSA Conference or Gartner Security Risk Management Summit for networking and the latest in cybersecurity. For a real-world feel of cyber threats, DEF CON is a must-attend event.

We've handpicked a list of global events that stand out. NordLayer will be at some of these in 2025, eager to connect and grow.

1. RSA Conference (Join us there!)
2. Black Hat USA
3. DEF CON
4. Gartner Security & Risk Management Summit
5. SANS Cyber Threat Intelligence Summit & Training
6. Infosecurity Europe (Let's meet there)
7. Pax8 Beyond (We’ll also be there)
8. AWS re: Inforce
9. IT Nation Connect
10. UK Cyber Week

Let's explore unique aspects, 2023 highlights, and the locations of each conference to help you decide which one to attend.

RSA Conference

Website: https://www.rsaconference.com/usa

The RSA Conference in San Francisco hosts over 40,000 attendees each year. It stands out for its networking and deep dives into cybersecurity topics. Attendees engage in discussions ranging from AI to cloud security and listen to panels featuring industry leaders.

At the RSA Conference, 44% of the participants are top executives: the event is really important as a venue for influential decision-makers.

The event also attracts a global audience, with 20% of visitors coming from outside the US.

The RSA Conference 2024 focused on AI, ransomware, and growing cyber threats from nation-state actors. Experts warned that attackers are using AI to launch faster and more complex attacks. Security leaders stressed the need for AI-driven defenses to keep up with evolving threats. The rise in DDoS attacks, especially targeting APIs, was a major concern.

Government officials highlighted cyber risks tied to geopolitical conflicts. CISA Director Jen Easterly warned that China-backed threat actors are infiltrating critical infrastructure. Kevin Mandia from Mandiant emphasized that ransomware is now a multi-layered extortion tool. Cryptography experts debated the future of quantum threats but agreed the industry must prepare. The conference also showcased Reality Defender, which won "Most Innovative Startup."

The event featured over 425 sessions covering security, AI, and policy shifts. Over 750 students and teachers joined College Day to explore careers in cybersecurity. The conference wrapped up with a concert by a GRAMMY®-winning artist. RSA Conference 2025 will return to San Francisco from April 28 to May 1.

Black Hat USA

Website: https://www.blackhat.com/upcoming.html#usa

Black Hat USA 2024 focused on AI-driven threats, Zero Trust, and supply chain security. Experts warned that AI-powered attacks are getting faster, smarter, and harder to stop. Zero Trust was a major theme, reinforcing the need for stricter identity controls. Security leaders stressed that companies must secure not just their own systems but also their vendors.

Moxie Marlinspike (Signal) and Jeff Moss (Black Hat) discussed the future of privacy vs. security. New technologies like Generative AI, blockchain, and quantum computing raised both opportunities and risks. Employee training was a big focus, as human error remains a leading security weakness. Rapid7 launched Surface Command and Exposure Command to improve attack surface visibility.

The event showed that attackers are evolving, and defenses must keep up. Black Hat USA 2025 returns to Las Vegas from August 2 to 7 with more insights.

DEF CON

Website: https://defcon.org/

DEF CON in Las Vegas, started in 1993, is one of the oldest and largest cybercriminal conventions. Initially a gathering for cybercriminal network members, it now draws 25–30k attendees, including threat actors and very reputable companies.

DEF CON 2024 focused on EDR bypassing, evolving command and control (C2), and AI in cyber-attacks. Researchers showed new techniques to evade EDR solutions, proving no system is 100% secure. Talks on Google-based C2 frameworks revealed attackers using everyday cloud services for stealthy communication. Living off the Land (LotL) tactics are growing, making attacks harder to detect.

AI is now a real weapon for both attackers and defenders. Large Language Models (LLMs) are helping Red Teams simulate AI-driven attacks. Blue Teams are using AI for faster detection and response, but attackers are evolving just as fast. Talks on prompt injection and data poisoning showed how AI itself is becoming a security target. DEF CON’s AI Village featured new ways AI can be exploited.

The event highlighted why visibility is crucial in modern cybersecurity. Attackers are adapting faster than traditional defenses, making network monitoring and anomaly detection essential. DEF CON 2025 will return to Las Vegas from August 7 to 10, pushing security knowledge even further.

Gartner Security & Risk Management Summit

Website: https://www.gartner.com/en/conferences/na/security-risk-management-us

The Gartner Security & Risk Management Summit in National Harbor, MD, draws over 2,400 CISOs and cybersecurity executives. It features roundtable discussions, peer conversations, and case studies for meaningful engagement and networking.

Gartner Security & Risk Management Summit 2024 focused on AI in cybersecurity, cyber resilience, and evolving security strategies. Experts stressed that cyber resilience is about response and recovery, not just prevention. AI is reshaping both attacks and defenses, making adaptive security strategies essential. Zero Trust and Cybersecurity Mesh Architecture (CSMA) were highlighted as key frameworks for modern security.

CISOs were urged to rethink cloud security skills, adapting existing knowledge to new cloud risks. Security leaders warned that identity threats, insider risks, and misinformation are growing challenges. Understanding human behavior in security is critical, requiring better-designed security controls. Creative conflict was encouraged as a way to drive cybersecurity innovation. AI-driven security tools must support human expertise, not replace it.

The event reinforced that cybersecurity must evolve with growing complexity. Gartner Security & Risk Management Summit 2025 returns from June 3 to 5, promising deeper insights into security’s future.

SANS Cyber Threat Intelligence Summit & Training

Website: https://www.sans.org/cyber-security-training-events/cyber-threat-intelligence-summit-2025/

The SANS Cyber Threat Intelligence Summit & Training caters to all levels of cyber threat intelligence. It provides practical education and new viewpoints, welcoming both beginners and experts.

Sessions include detailed talks on cybersecurity tools and strategies with real-life examples, expert panels where professionals discuss and debate key topics, and practical workshops for hands-on experience with real scenarios. Finally, there are sharing forums to promote idea exchanges and peer learning.

Overall, the learning experience is quite comprehensive, so the event is a meeting place for thousands from around the world. SANS Cyber Threat Intelligence Summit 2025 will return with even deeper insights. The key takeaways of keynotes from 2024 events are summarized in a pretty and visual way on this page.

Infosecurity Europe

Website: https://www.infosecurityeurope.com/

Infosecurity Europe in London gathers over 13k information security professionals, from engineers to innovators. It's an essential event for staying informed about cybersecurity.

The conference features over 380 exhibits and more than 200 hours of talks by industry leaders. Attendees can learn a lot and earn over 90 hours of CPE credits for professional development.

Infosecurity Europe 2024 focused on AI-driven security, risk management, and compliance challenges. The expo showcased AI tools for threat detection, vulnerability analysis, and automated response. Experts emphasized that AI enhances cybersecurity but requires strong data governance and human oversight. Poor data quality can lead to unreliable AI decisions.

Speakers warned about AI amplifying risks like bias, privacy issues, and insider misuse. Collaboration is key—industry leaders must share knowledge and set ethical AI standards.

Meet NordLayer at Infosecurity Europe 2025! Find us in the Nord Security B2B suite.

Pax8 Beyond

Website: https://www.pax8beyond.com/

The event, obviously hosted by Pax8, offers three days of sessions with security and risk leaders. It caters to MSP business owners, service managers, engineers, and security experts. It also focuses on the future of cloud-based businesses and channels.

Pax8 Beyond 2024 covered MSP growth, security challenges, and AI’s impact on the industry. Experts said MSPs were expanding faster than ever. Managed IT, cybersecurity, and AI services are seeing double-digit growth.

AI took center stage. Pax8’s CEO predicted autonomous MSPs and billion-dollar providers will emerge soon. Security remained a major concern. Sessions on compliance, cyber insurance, and evolving threats drew large crowds.

Pax8 launched new tools to simplify billing and vendor management, making operations more efficient. Pax8 Beyond 2025 will bring deeper insights into the future of managed services.

Find NordLayer in the Nord Security B2B suite.

AWS re:Inforce

Website: https://reinforce.awsevents.com/

AWS re:Inforce in Philadelphia centers on cloud security, identity, and compliance. It draws over 50k people: the event is quite crucial for cloud tech professionals. The attendees range from industry experts to smaller companies focused on cloud security.

AWS re:Inforce 2024 covered cloud security, zero trust, and AI-driven protection. AWS stressed the importance of security culture, automated reasoning, and provable security. Experts discussed AWS Nitro, Graviton, and Rust adoption to strengthen system security. AWS also unveiled new IAM Access Analyzer features to help organizations enforce stricter security policies.

Automated reasoning took center stage. It enhances verification for cryptographic protocols and IAM permissions. Zero trust architectures gained new AWS tools for access control and secure API management. Generative AI’s role in security sparked discussions about its risks and benefits.

AWS re:Inforce 2025 will return with more insights into the future of cloud security.

IT Nation Secure

Website: https://www.connectwise.com/theitnation/secure/cybersecurity-conference

IT Nation Secure 2025 is the top cybersecurity event for managed service providers (MSPs). Attendees get hands-on training, expert insights, and networking opportunities to strengthen cybersecurity skills.

Sessions dive into AI in cybersecurity, SOC analyst training, compliance, governance, and incident response. Experts share proven risk management strategies and leadership development insights. Sales and marketing tracks help MSPs promote cybersecurity solutions and increase revenue.

MSPs can explore new security technologies from top vendors in the exhibit hall.

UK Cyber Week

Website: https://www.ukcyberweek.co.uk/

UK Cyber Week 2025 brings together cybersecurity professionals, IT teams, and business leaders to strengthen cyber resilience. The event focuses on collaboration, expert insights, and advanced security strategies to combat cyber threats.

Key topics include AI, ransomware, cloud security, and security culture. Sessions also cover governance, risk management, and diversity in cybersecurity. Over 2,000 professionals and 80 expert speakers joined in 2024.

Live demos, networking events, and vendor showcases offer practical solutions for businesses of all sizes. The post-event reception helps attendees build stronger industry connections.

UK Cyber Week helps organizations secure supply chains, infrastructure, and cybersecurity teams against modern threats. Businesses leave with actionable insights to stay ahead of cyber risks.

How to network at cybersecurity conferences

Nervous about rubbing elbows? Don't worry, here's a concise roadmap from Tyler Wagner's 'Conference Crushing' for successful mingling:

• Know yourself. Start by defining your role and goals. This clarity guides your interactions.
• Do your homework. Look up the event and who's going. You'll know whom to seek out.
• Stay engaged. Pay attention to discussions: that builds respect and connections.
• Step beyond. Push past your usual limits. New contacts could mean new paths.
• Get involved. Dive into the activities. The more you do, the more you benefit.
• Lay groundwork. Early chats could lead to lasting professional friendships.
• Note it down. Write key points from the talks. You'll remember them longer.
• Keep in touch. Reach out after the event.
• Cultivate connections. Keep up with your contacts. A strong network supports your career.

Strategic approach for optimal conference participation

For smart conference planning, focus is essential.

Ever heard the phrase 'less is more'? That applies to choosing conferences. It's tempting to fill your calendar, but selecting fewer relevant conferences can be more beneficial. This focus allows for deeper involvement and enriches your learning and networking.

Now: early birds. Registering early for conferences isn't just about saving money, although that's a big plus. Early planning leads to better travel deals and more prep time, letting you easily approach the conference and get the most out of it.

Finally, after the conference ends, the real work begins. Reflect on what you've learned and how it applies to your job. Don't forget to follow up with new contacts. This ensures the conference benefits you long after it's finished.

Conclusion

It's clear that cybersecurity conferences are more than mere meetings; they're where growth happens. These events are perfect for deepening your cybersecurity knowledge and broadening your professional network.

These conferences will shape the future of cybersecurity, uniting industry leaders and experts under one roof.