If you could only choose five security conferences to attend in 2015, which would they be? The following are some of the top conferences in the security industry this year that you should consider putting on your calendar:

IBM InterConnect

A good place to start the year is at IBM InterConnect 2015, which will be held from Feb. 22 to Feb. 26 in Las Vegas. This event brings together three annual IBM conferences — Impact, Innovate and Pulse — and focuses on cloud, security, service and asset management. Of particular interest to security professionals will be the security intelligence track, which features application and data security strategies, identity and access management for the enterprise, mobile and cloud, infrastructure protection, security analytics and fraud protection.

Infosec World

Infosec World 2015, held from March 23 to March 25 in Orlando, hosted by the MIS Training Institute, is considered to be a flagship event of the year for information security professionals. The U.S. event features a conference and expo, as well as three summits on the themes of cloud security, executive security for chief information security officers and IT audit management. This conference is unusual because of its focus on IT audit professionals and offers sessions with varying levels of technical content and hands-on sessions for lab-driven learning.

RSA Conference

The annual RSA Conference is considered by many to be a top security conference, with more than 28,500 attendees in 2014 and 400 companies showcasing their wares at the associated RSA Expo. The 2015 conference will be held from April 20 to April 24 in San Francisco and will feature 15 keynote speeches from a diverse range of speakers.

Every year, the conference is organized around a particular theme. This year’s theme is “Change: Challenge Today’s Security Thinking.” The idea behind this premise is that organizations need to find new ways to respond to sophisticated security incidents in light of an increasingly complex threat landscape by sharing insights. This is essential for continuing to innovate and creating opportunities for business improvement.

Black Hat USA

Black Hat USA 2015 is being held from Aug. 1 to Aug. 6 in Las Vegas. In 2014, there were more than 9,000 attendees and nearly 150 sponsors. The conference is not for the fainthearted: It is renowned for the security limitations and vulnerabilities that are exposed, and it even highlights the lax security practices of its attendees. Previous conferences have exposed how many things can be hacked, from enterprise security systems to smartphones, ATMs and even insulin pumps. A core focus in 2014 was around the security of the Internet of Things (IoT), encompassing all manners of devices from medical equipment and devices to power systems such as home automation, smart cities and transport systems. This year’s conference promises to be just as insightful.

Gartner Symposium and ITxpo

Perhaps the most general event of these recommended security conferences is the Gartner Symposium and ITxpo 2015, which will be held from Oct. 4 to Oct. 8 in Orlando. This event brings together executives from the IT industry and features a number of themed tracks. Of most interest to security professionals will be the security and risk management track, which presents new opportunities for challenging traditional security models to counter the risks that accompany the growth of digital business and rapid innovation. Among the themes within this track are security and risk management responses to the challenges posed by digital business, the need for more trusted identities and the security challenges of the IoT.

Security conferences provide an ideal venue for information sharing, networking with peers and learning about the latest technological innovations affecting the security market.

More from Intelligence & Analytics

Email campaigns leverage updated DBatLoader to deliver RATs, stealers

11 min read - IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. X-Force has observed nearly two dozen email campaigns since late June leveraging the updated DBatLoader loader to deliver payloads such as Remcos, Warzone, Formbook, and AgentTesla. DBatLoader malware has been used since 2020 by cybercriminals to install commodity malware remote access Trojans (RATs) and infostealers, primarily via malicious spam (malspam). DBatLoader…

New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware

8 min read - IBM X-Force uncovered a new phishing campaign likely conducted by Hive0117 delivering the fileless malware DarkWatchman, directed at individuals associated with major energy, finance, transport, and software security industries based in Russia, Kazakhstan, Latvia, and Estonia. DarkWatchman malware is capable of keylogging, collecting system information, and deploying secondary payloads. Imitating official correspondence from the Russian government in phishing emails aligns with previous Hive0117 campaigns delivering DarkWatchman malware, and shows a possible significant effort to induce a sense of urgency as…

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

Unmasking hypnotized AI: The hidden risks of large language models

11 min read - The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it's important we recognize that cybercriminals are seeking the same benefits. LLMs are a new type of attack surface poised to make certain types of attacks easier, more cost-effective, and even more persistent. In a bid to explore security risks posed by these innovations, we attempted to…