Who Shares What? An Empirical Analysis of Security Conference Content Across Academia and Industry

TL;DR

This study provides a comprehensive empirical analysis of security conference content, revealing disparities in information sharing between academia and industry, and highlighting topic coverage and conference differences.

Contribution

It systematically characterizes conference speakers, sponsors, and topics, filling a gap in understanding security knowledge dissemination across sectors.

Findings

Limited information sharing between industry and academia.

Significant variation in talk and authorship distribution.

Consistent coverage of MITRE ATT&CK framework topics.

Abstract

Security conferences are important venues for information sharing, where academics and practitioners share knowledge about new attacks and state-of-the-art defenses. Despite their importance, researchers have not systematically examined who shares information and which security topics are discussed. To address this gap, our paper characterizes the speakers, sponsors, and topics presented at prestigious academic and industry security conferences. We compile a longitudinal dataset containing 9,728 abstracts and 1,686 sponsors across four academic and six industry conferences. Our findings show limited information sharing between industry and academia. Conferences vary significantly in how equitably talks and authorship are distributed across individuals. The topics of academic and industry abstracts display consistent coverage of techniques within the MITRE ATT&CK framework. Top-tier academic conferences, as well as DEFCON and Black Hat, address the governance, response, and recovery functions of the NIST Cybersecurity Framework inconsistently. Commercial information security and insurance conferences (RSA, Gartner, Advisen and NetDiligence) more consistently cover the framework. Prevention and detection were the most common topics in the sample period, with no clear temporal trends.