The withdrawal of the US Cybersecurity and Infrastructure Security Agency (CISA), FBI, and National Security Agency from RSA Conference 2026 represents a significant disruption to a three-decade partnership between federal government and the cybersecurity industry. The three agencies cancelled all scheduled speakers and sessions just eight days after Jen Easterly, former CISA director under the Biden administration, was appointed CEO of the conference.
The timing raises uncomfortable questions about institutional independence. The names of CISA, FBI, and NSA officials disappeared from the schedule for RSAC eight days after the conference's eponymous organiser named Jen Easterly, CISA's director from 2021 to 2025, as its chief executive. CISA framed the decision in bureaucratic terms, citing "good stewardship of taxpayer dollars." But the immediate coincidence between Easterly's appointment and the agencies' withdrawal suggests a more calculated motivation.
What was lost in that withdrawal deserves scrutiny. Sessions included a session on the Hunt for China's Typhoons, billed as a behind-the-scenes look at the FBI, NSA, and private industry's joint operations to disrupt Beijing's espionage campaigns targeting US critical infrastructure; an FBI cyber warfare talk; and a seven-agent panel on how to engage with the FBI and develop an incident response plan. The practical intelligence these panels would have shared is now unavailable to the 40,000-plus security professionals gathered in San Francisco.
The federal government has maintained an active presence at RSA for decades. Federal agencies have maintained a consistent presence at RSA Conference for more than three decades, using the platform to announce policy initiatives, recruit talent, and gather intelligence on emerging threats. The Department of Homeland Security, CISA's parent agency, has historically deployed dozens of personnel to the event, staffing exhibition booths, participating in panel discussions, and conducting closed-door meetings with industry leaders. This year's decision to entirely forgo participation marks a first since CISA's inception in 2018.
From a strategic perspective, the implications reach beyond wounded professional relationships. CISA, the FBI and the NSA were absent from RSA Conference 2026 as the cybersecurity industry's flagship gathering opened in San Francisco, a withdrawal that industry observers said signals a troubling retreat from the kind of operational coordination the federal government has long championed. These are precisely the categories where federal law enforcement and intelligence agencies have investigative visibility that private-sector defenders lack.
Easterly herself has adopted a diplomatic posture. She said, adding that RSAC, and cybersecurity as a whole, is nonpartisan and non-political. Speaking at the conference, she expressed hope that in the coming years CISA would have "the talent, the resources, the budget, the capability, and capacity to help defend global cyberspace and help defend the critical infrastructure Americans rely on every hour, every day. But until that happens, we're standing in."
The broader question concerns institutional health. The cybersecurity community will be watching closely to see whether CISA's absence affects the quality of public-private collaboration, the timeliness of threat information sharing, or the agency's ability to influence industry practices. If the experiment proves successful, other agencies may adopt similar strategies, potentially transforming the role of industry conferences in cybersecurity policy and practice. Conversely, if significant gaps emerge in coordination or communication, the agency may need to reconsider its approach to industry engagement and restore its traditional conference participation in future years.
The challenge here is neither trivial nor merely political optics. With artificial intelligence-driven cyber threats skyrocketing and geopolitical tensions fuelling intensified nation-state hacking campaigns, the urgency for synchronised public-private defense strategies has reached an all-time high. The decision to withdraw federal expertise from the industry's largest gathering, whatever its stated rationale, represents a retreat from operational necessity at a moment when such coordination matters most.