Security conferences are important venues for information sharing, where academics and practitioners share knowledge about new attacks and state-of-the-art defenses. Despite their importance, researchers have not systematically examined who shares information and which security topics are discussed. To address this gap, our paper characterizes the speakers, sponsors, and topics presented at prestigious academic and industry security conferences. We compile a longitudinal dataset containing 9,728 abstracts and 1,686 sponsors across four academic and six industry conferences. Our findings show limited information sharing between industry and academia. Conferences vary significantly in how equitably talks and authorship are distributed across individuals. The topics of academic and industry abstracts display consistent coverage of techniques within the MITRE ATT&CK framework. Top-tier academic conferences, as well as DEFCON and Black Hat, address the governance, response, and recovery functions of the NIST Cybersecurity Framework inconsistently. Commercial information security and insurance conferences (RSA, Gartner, Advisen and NetDiligence) more consistently cover the framework. Prevention and detection were the most common topics in the sample period, with no clear temporal trends.