Every day, the news is dominated by security breaches that affect global corporations, governments, institutions and millions of ordinary people. The legions of security professionals that are fighting to stay one step ahead of these evolving threats need more than just access to their peers, thought leaders, experts, and the latest solutions. They need a break and some camaraderie.
That's where InfoSec networking groups come in. Whether you're looking for insights on overcoming common GDPR compliance challenges, combating a rise in phishing scams plaguing your organization, or effectively communicating with the board of directors about security, odds are a few of your peers are dealing with (or have successfully dealt with) similar concerns. Like information security conferences, networking groups provide an easy way to get to know, learn from, and collaborate with your fellow information security professionals. Active participation in networking groups allows InfoSec pros to stay ahead of the curve and even discover the latest threat trends before they impact their organizations, allowing them to better prepare their companies for the future.
To help you find the best networking groups to join, we've rounded up this list of 50 of the most valuable, informative, and active InfoSec networking groups around. The following 50 InfoSec networking groups, organizations, and meetups represent a cross-section of opportunities that range from the local to the global and are geared to everyone from students to seasoned InfoSec professionals and IT leaders and engineers. We look at what they have to offer and some of the reasons why you should consider joining.
Professional Associations & Groups
1. AEHIS (Association for Executives in Healthcare Information Security)
@AEHISecurity
The Association for Executives in Healthcare Information Security caters to CIOs and other senior healthcare IT leaders. The AEHIS Live event provides security insights focused on healthcare systems/devices and policy developments around patient privacy, telehealth, cyber threat management. With numerous speakers and educational opportunities for security experts in healthcare, the organization provides CISOs with sessions on regulatory health data security changes affecting CMS and ONC interoperability rules and provider implications.
2. AISP (Association of Information Security Professionals)
This organization focuses on the interests of information security professionals in Singapore. They regularly bring together leading technical and business information security professionals to share insights on recent cybersecurity research and methodologies in pen testing, incident response, and similar areas. A deep roster of training, education and certification opportunities for everyone from security novices to experts is at the heart of the organization. The AISP cybersecurity career track offerings also include robust mentoring, education, networking and support framework geared to women in the professional cybersecurity space.
3. CSA (Cloud Security Alliance)
@cloudsa
The Cloud Security Alliance focuses on establishing and promoting best practices in cloud security across its 90,000 members, 80 chapters and 400 corporate members. It primarily accomplishes this by providing its corporate and individual members with an extensive source of leading cloud security-specific research, education, certifications, events, and products. The organization boasts an extensive network across all sectors and offers its members extensive education and certification programs as well as consulting programs that offer qualified professional services based on CSA best practices.
4. Cyber, Space, & Intelligence Association
This association seeks to bring together thought leaders in Government and Industry to discuss and share information on cyberspace and Intelligence challenges and opportunities. They self-identify as a 'small, niche' trade association, but includes quite a few members plugged into the latest knowledge and efforts around cybersecurity affecting and coming from the Department of Defense, the Intelligence Community, Congress, and Industry.
5. Executive Women's Forum (EWF)
@ewfusa
EWF is focused on providing women in the InfoSec profession with an educational networking and thought leadership forum aimed at increasing participation of women professionals in the information security, risk management and privacy industries. As the largest organization serving women in InfoSec, they also focus on mentoring programs for women new to security as well as leadership tracks for more senior professionals. The organization's more than 6,000 female security professionals representing nearly every Fortune 100 company have access to everything from national conferences to symposiums, webinars, and a host of other regional and local events.
6. Forum of Incident Response and Security Teams (FIRST)
@FIRSTdotOrg
This organization focuses on incident response effectiveness among its members, comprised of computer security incident response teams from government, educational, and commercial organizations. FIRST members have access to peer-reviewed best practice documentation, hands-on classes, incident response conferences, and special interest groups among more than 400 members, spread across Africa, the Americas, Asia, Europe, and Oceania.
In addition to thought leader and expert discussion forums, members have access to a variety of technical tools and collaboration channels to better respond to security incidents. The organization has hundreds of events across the world each year where they share information about the latest tools, incidents, vulnerabilities, and other concerns that affect incident response and security teams.
7. (ISC)2 - International Information Systems Security Certification Consortium
@ISC2
Often cited as the gold standard of certification bodies in the InfoSec community, (ISC)2 is positioned as a global leader in cyber and IT security certifications and training. The organization has more than 140,000 certified members working in all aspects of cyber, information, software, IT and infrastructure security. There are many offerings in addition to its core function of providing education, training, certification, and professional development opportunities. These include a broad list of resources, educational tools, networking opportunities, conferences and event discounts for members.
8. Information Security and Forensics Society (ISFS)
ISFS advocates best practices for InfoSec professionals focused on Information Security and Computer Forensics in Hong Kong and the surrounding region. The organization provides an internationally recognized training and accreditation program for information security and forensics professionals. This includes extensive training courses and seminars for professionals seeking to specialize in crime lab analysis, forensic engineering, and crime scene examinations.
9. Information Security Forum (ISF)
@securityforum
The Information Security Forum (ISF) is focused on best practice development for "investigating, clarifying, and resolving key issues in information security and risk management." ISF boasts many of the world's leading organizations featured on the Fortune 500 and Forbes 2000 lists. Members have access to in-depth knowledge and practical information sharing through a comprehensive library of reports offering practical guidance and solutions for common information risk challenges. ISF also provides a comprehensive program of workshops, meetings, and forums across the world to address regional and international issues.
10. Information Security Research Association (ISRA)
@I_S_R_A
ISRA is a leading security research organization providing the latest security awareness insights and information through seminars, conferences, and other events. It also provides a networking platform for professionals from corporate and government organizations, including investigation agencies, research organizations and academia, and other industry leaders. Members have unlimited access to a bunch of powerful and free open-source tools for penetration testing, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more.
11. International Association for Cryptologic Research (IACR)
@IACR_News
This scientific organization is focused on the furthering of research in cryptology and related fields among its members via three main annual international conferences in cryptology. The IACR also organizes four annual specialist conferences in various areas of cryptology as well as dozens of smaller events related to research in cryptology.
12. International Association of Privacy Professionals (IAPP)
@PrivacyPros
With more than 50,000 members to date, the IAPP is among the largest and most comprehensive global information privacy community and resource centers for data privacy professionals. In addition to conferences and events staged around the globe, members have access to a wealth of education, sharing, training, certification, and other resources as well as access to an extensive array of benefits.
13. International Association of Security Awareness Professionals (IASAP)
@IASAPgroup
IASAP is a corporate membership association dedicated to best practice education for its member companies regarding infrastructure and system security across the enterprise. With more than 46 member companies representing more than 34 industries, its member participants are responsible for day-to-day management of their awareness program. The organization provides NDA-covered information to its members.
In addition, they provide annual summits, webinars, conference calls and more filled with information. This is all geared to helping them "leverage the security awareness, training and educational programs of dozens of other like-minded companies for appropriate mutual benefit." In addition to attending some of the more prominent cybersecurity events across the country, it also holds several regional in-person events for its members.
14. Internet Security Alliance (ISA)
@ISAlliance
Founded by Carnegie Mellon University and others, ISA creates leading books, papers, and programs that guide cybersecurity practices across sectors. The members of this organization help define the intersection of advanced technology in cybersecurity, its economic impact, and the complex changes in public policy that it fosters. As a non-profit, vendor-neutral body, its membership provides access to cybersecurity expert testimony and thought leadership in government and serves as an expert witness to the press. Members range from corporate Fortune Global 500 critical infrastructure owners to full member companies that take a less active role to associate members.
The three membership tiers have access to a wide variety of voting, project group access, and educational opportunities affecting cybersecurity across the corporate landscape. Member organizations run the gamut from defense, insurance, financial sector, healthcare, power utilities, telecom, information technology, education, agriculture, and manufacturing.
As an advocacy-oriented group, ISA is involved in legislative, policy, public/private partnerships and much more.
15. ISACA
@ISACANews
Formerly known as the Information Systems Audit and Control Association, ISACA engages in the "development, adoption, and use of globally accepted, industry-leading knowledge and practices" for IT system governance. They provide practical guidance, benchmarks, and other effective tools for all enterprises that use information systems. In addition to well-respected certifications in the COBIT framework with CISA, CISM, CGEIT, and CRISC, the organization focuses on defining the roles of information systems governance, security, audit, and assurance for its worldwide membership.
16. ISSA International
@ISSAINTL
The Information Security Systems Association (ISSA International) is a network of 10,000 information security professionals and practitioners that support the management of technology risk and protecting critical information and infrastructure. They provide their members with chapter meetings, ISSA Web Conferences, educational forums, publications, and peer interaction opportunities. All of this is focused on enhancing the knowledge, skill, and professional growth of its members. A primary example is their Cyber Security Career Lifecycle (CSCL) approach to providing career development and certifications support to its members. In addition, the organization caters to executives in the InfoSec sector through its CISO Executive Forum, which is a peer-to-peer event.
17. National Council of ISACs
@NCI_ISACs
The national council of Information Sharing and Analysis Centers (ISACs) provides operational services for risk mitigation, incident response, and information sharing intended to protect critical infrastructures. ISACs collect, analyze, and disseminate actionable threat information to their members and provide them with tools to mitigate risks and enhance resiliency. The organization holds several cyber intelligence workshops across the country throughout the year that focus on cybersecurity and infrastructure protection best practices. Most ISACs have 24/7 threat warning and incident reporting capabilities and may also set the threat level for their sectors.
18. The Open Web Application Security Project (OWASP)
@owasp
OWASP boasts more than 46,000 participants, more than 65 organizational supporters, and even more academic supporters. This vendor-neutral organization is focused on improving the security of software by providing impartial, practical information about AppSec to individuals, corporations, universities, government agencies, and other organizations worldwide. The organization also provides software tools and knowledge-based documentation on application security as well as disseminates information and networking opportunities via global, regional and local AppSec events for its members across all sectors.
19. SANS Institute
@SANSInstitute
The SANS Institute is a for-profit company that stands as the largest source for information security training and security certification in the world. This bears out with programs reaching more than 165,000 security professionals. Members share security lessons and solutions among its many security practitioners in varied global organizations from corporations to universities via the most extensive collection of research documents about various aspects of information security. The SANS certification offerings are designed to help InfoSec professionals "master the practical steps necessary for defending systems and networks against the most dangerous threats." In addition to the training events across the country, the organization holds an annual national conference as well as a series of summits across the country throughout the year.
20. The Credit Union Information Security Professionals Association (CUISPA)
The industry's leading organization for peer-to-peer, IT security and risk management knowledge-sharing, the Credit Union Information Security Professionals Association is a worthy networking group for any credit union security professional. The CUISPA also holds an annual summit, which has become one of the foremost information security conferences for credit union information security professionals. The CUISPA Summit provides CU technologists with opportunities to share information, learn, and discuss industry challenges with peers and industry thought leaders.
LinkedIn Groups
21. Banking IT Security Professionals (BISP)
This is a networking group for IT Security professionals working for banks and financial institutions where members can share experiences, skills, solutions and other around banking IT security. While this is one of more than a hundred cybersecurity and InfoSec groups on LinkedIn, many of the others are targeted to much broader InfoSec areas or are offshoots of many of the organizations on this list.
22. Business Continuity, Information Security Assurance and Compliance Management
With current membership hovering around 5,000, this group caters to professionals in information security, compliance management, and information security. The objective is to provide security professionals with a common platform to interact and share opportunities and sell their services to the group.
23. Certified Information Systems Security Professional (CISSP)
This LinkedIn group has nearly 14,000 Certified Information System Security Professional members and is the first to hold ANSI ISO accredited credentialing in the field of information security.
24. Chief Information Security Officer (CISO)
This LinkedIn networking group is designed for a diverse group of Information security professionals ranging from CISO, Senior IT security, operations, assurance, and systems professionals to security managers, assurance officers, risk officers, and various cybersecurity consultants. The group discusses and shares knowledge and information surrounding all infrastructure, cloud, and IT systems as they relate to security.
25. CISO Cyber Security Information Group (CSIG) - Information Security for Managers
With more than 18,000 members, CSIG is geared to sharing and discussing issues affecting its large global network of professionals ranging from security managers to CISOs. Members share their knowledge and experience in information security as well as provide and get support across the growing community regarding all aspects of InfoSec.
26. Computer Security Institute
Computer Security Institute is made up of Information Security Professionals that represent the entire spectrum of InfoSec. The group exists for its member to share the latest news and challenges within InfoSec across sectors. This includes updates and information about upcoming and past educational events, security surveys and awareness tools.
27. Cyber Intelligence Network
The Cyber Intelligence Network discusses the latest trends and challenges in open source intelligence through the sharing of information between its group member professionals involved in corporate security, information security, and the intelligence community. The topics cover a broad range across InfoSec including the utilization of open source data to protect physical assets and individuals, compromised sensitive data identification, malware, phishing, identity theft, and related subject matter. The group provides an ideal networking opportunity for its professional members to discuss and share new business, education and certification opportunities.
28. Cyber Security Forum Initiative (CSFI)
This LinkedIn group has more than 100,000 members and focuses on cyber warfare awareness, guidance, and security solutions across all sectors. The goal is to assist group members through collaboration, education, volunteer work, and training to assist the US government, US military, commercial interests, and international partners.
29. Cyber Security in Real-Time Systems
This group's nearly 11,000 professional security consultant members share their professional insights surrounding real-time security threats. These consultants have worked with countless organizations across numerous sectors where incident resolution, penetration testing and risk management have required deep sector knowledge as well as experience in complex threat detection and avoidance scenarios and systems.
This group focuses on cybersecurity, threats, vulnerabilities, risks, and countermeasures in commercial and government sectors. Their broad discussions on issues and solutions range from the device level to complex IT systems, the cloud and beyond. This includes sector challenges with the security of systems like health information systems, finance, defense systems that manage weapons, and much more.
31. CyberSecurity Law, Policy, and Technology
This group's more than 10,000 members discuss security in an open, collaborative forum for security professionals working with U.S. federal, state, local, and tribal government. This also includes those working with foreign government, international and non-government organizations, military, and private industry cybersecurity stakeholders of all disciplines. The group members discuss emerging threats and solutions, risk management, preventive measures, countermeasures, emergency response, recovery plans, resources, conferences, training, and education opportunities.
32. Financial Crime Risk, Fraud and Security
This group is for international senior management professionals involved in financial crime risk management, fraud, AML, due diligence, audit and compliance, IT/IS corporate cyber eCrime security investigation, prevention, and detection. It also includes group members focused on fin tech, law enforcement/police investigators with specialist interest in financial services. Discussions are focused on financial crime related subjects such as fraud, security, anti-money laundering, audit, and compliance.
33. Information Security Agency
The Information Security Agency group caters to professional Information Security Engineers working in the computer and network security field. While the general forum doesn't allow posting of promotional material such as press releases or other announcements such as member blog info and news articles, they do allow and encourage job postings if they meet the posting guidelines.
34. Information Security Community
With nearly a half million group members this is one of the largest Information security communities on LinkedIn made up of cybersecurity professionals in the industry. As an offshoot of the popular Cybersecurity Insiders Online publication, this group's discussion mandate is very broad and includes insights suggestions and knowledge sharing about purchasing, selling, designing, and deploying/using security systems, programs, and solutions. The topics broadly cover areas such as compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.
35. Information Systems Security Association (ISSA) Discussion Forum
As an offshoot LinkedIn group to the Information Systems Security Association (ISSA), this LinkedIn forum group welcomes ISSA members and non-members that are professionals working in the InfoSec field.
36. Information Technology Audit and Governance Group (ITAGG)
This is LinkedIn's largest group focused on all things related to all areas of IT audit and governance. This broadly covers things like information technology audit, compliance, quality assurance, business continuity, disaster recovery, IT governance, fraud, risk, and forensics. The areas of information center on regulatory compliance as it pertains to InfoSec across finance, health, and a score of other industries with specific data governance and audit needs. In addition to professionals from this sector sharing knowledge, insights, and support, the forum also provides a career and job board along with other networking opportunities.
37. Infosecurity magazine - information security community
As a forum offshoot of its namesake The Infosecurity Magazine, this group community discusses strategies and technologies for information security that focuses on business outcomes and technical information for IT.
Meetups & In-Person Networking Events
This event focuses on Boston security professionals sharing and networking around the issues and advances in cyber risk, cybersecurity, cyber compliance and cyber privacy. The monthly meetings delve into security techniques, processes, and much more. Each event features presentations from security experts along with food and refreshments in a relaxed and collaborative environment. The goal is for InfoSec professionals from across the Boston area to advance their knowledge of Security practices and meet professionals in this field.
39. BSides Community Security Conferences
This community-driven events framework focuses on the creation of events in cities across the country and the globe for and by its information security community members. This ranges from security engineers to thought leaders and executive decision makers. These events cover a wide range of topics around InfoSec spanning security aspects of applications, automation, IAM, and containerization to networking, cloud, and beyond. The events are collaborative and sharing in nature with an emphasis on discussing the next big thing in InfoSec.
The Chicago Security Meetup events are often offshoots of Bsides Chicago events where a wide range of InfoSec professionals meet informally for networking, sharing, and comradery with peers. These events feature speakers, presentations and discussions around security for networks, risk governance and compliance, cloud security and applications security, ethical hacking, and much more.
41. Just Another Security Meetup, OWASP & Ethical Hacking Topics
This meetup brings together Phoenix area Security and IT professionals with businesses, students, developers, and security enthusiasts to discuss the latest news, trends, tools, and techniques around InfoSec and cybersecurity. The monthly meetings feature different speakers on a variety of topics with two of the year's meetings being Open Web Application Security Project (OWASP) meetings.
42. Cyber Security & Threat Intelligence
This Palo Alto-based meetup brings together security professionals ranging from security heads, SOC analysts, forensics experts, and incident response professionals to heads of enterprise security, CISOs, and CIOs. Bay Area security professionals discuss cybersecurity trends, methodologies for persistent and sophisticated threat detection, machine learning and behavioral mthods for threat detection and prevention, and how to architect a security PaaS (platform as a service), among other topics.
43. NY Information Security Meetup (NYIS)
The NY Information Security Meetup (NYIS) boasts more than 4,000 members, making it the largest gathering of its kind. Professionals from the New York metropolitan region and beyond come together to cover the latest developments in the information security field. The group covers a range of topics, from enterprise cybersecurity to mobile computing, network and endpoint security, and more. Meetings typically include a featured speaker, allowing attendees to learn from industry experts, as well as demonstrations from vendors, panel discussions, and hands-on workshops.
44. OWASP Atlanta
This is another offshoot of the BSides Atlanta meetup events that focuses on members and issues surrounding the Atlanta based group for the global Open Web Application Security Project (OWASP). The meetup events feature presenters discussing current web-based threats affecting traditional and non-traditional web environments and related threats.
This is the Toronto Chapter for OWASP, bringing Toronto-area professionals together to discuss the latest information security trends and challenges. OWASP's mission is "to make software security visible so that individuals and organizations worldwide can make informed decisions about true software security risks."
46. White Hat Academy
This Washington D.C. meetup of security professionals and features cybersecurity workshops, classes and events for all skills levels from beginner to professional. Attendees learn, discuss and share the latest approaches to defending attack surfaces ranging from web apps and databases to hardware and wetware.
47. Houston InfoSec
This meetup is strictly a relaxed and fun get together for security professionals working in the Houston area. As such, there are no speakers, vendors or formal discussions, but they often meet at local watering holes where they can talk about security and beyond while enjoying refreshments.
48. Denver OWASP
This meetup is specifically for Denver OWASP members and other security professionals. The monthly events feature keynote speakers, presentations and lively discussions in informal settings surrounding the latest news, solutions, and challenges to InfoSec.
These monthly Herndon VA meetups are for security and IT professionals to network and discuss the latest trends in security. The events are open to anyone with a computer networking and IT background and feature technical training sessions and discussions around subjects ranging from penetration testing, incident response and forensic investigation, to network defense, malware analysis and more.
50. Cybersecurity Innovation Forum at George Mason University
These Cybersecurity Innovation Forum meetups take place on the George Mason University campus and are open to everyone from students to security professionals and leaders. Events include 15-minute case study presentations led by cybersecurity thought leaders and technology innovators, followed by Q&A sessions and panel discussions. Sponsored by George Mason University's School of Business, the Volgenau School of Engineering, and Accenture, meetings and presentations focus on cybersecurity innovation, technology, metrics, and lessons learned.
