At RSAC, the EU Leads While US Officials Are Sidelined

At RSAC, the EU Leads While US Officials Are Sidelined

March 25, 2026
4 Min Read

RSAC 2026 CONFERENCE – San Francisco – This year’s RSAC 2026 Conference witnessed a notable absence of US government officials from the FBI, CISA, and the NSA, paving the way for Europe's foremost cybersecurity officials to engage with the private sector. They addressed critical topics, including cybersecurity regulations, artificial intelligence, and the complex implications of the ongoing conflict in Iran.

Interestingly, the current US administration was a topic they chose to avoid.

This development marks a significant shift from prior events. In 2025, the then-DHS Secretary Kristi Noem attended to provide insights into the cybersecurity landscape expected from her department. The previous year saw both Secretary of State Antony Blinken and DHS Secretary Alejandro Mayorkas participating in the global cybersecurity meeting, alongside a range of policymakers, legislators, law enforcement, and industry regulators.

Reports indicate that the decision to withdraw US government officials from the RSAC lineup was influenced by the hiring of former CISA Director Jen Easterly. While this move may seem rooted in personal grievances, it unfolds during a critical period of widespread cybersecurity disruption. The ongoing conflict with Iran poses significant potential risks due to its expansive nation-state hacking initiatives.

Furthermore, with regulatory frameworks for artificial intelligence being developed, critical determinations are underway regarding future constraints on the technology. The emergence of quantum computing is also imminent, signaling further changes on the horizon.

Amid the absence of US officials, European leaders took center stage.

UK Calls on Vibe Coding Guardrails

Dr. Richard Horne, the chief executive of the UK's National Cyber Security Centre, delivered a keynote address advocating for the establishment of guardrails concerning vibe coding. He acknowledged the substantial potential of AI-generated code while urging cybersecurity professionals to embed security measures at the foundational level, stressing their role in ensuring these tools contribute positively to overall security.

Horne articulated that the affordability and rapid adoption of vibe coding necessitate the urgent implementation of security standards. "The attractions of vibe coding are clear, but not without risks. The AI tools we utilize for code development need to be designed and trained from the onset to mitigate any vulnerabilities," he stated.

EU Outreach to US Private Sector

EU regulators were present to engage in discussions regarding the forthcoming EU Cybersecurity Resilience Act, scheduled to come into effect in December 2027. Key figures such as Despina Spanou and Christiane Kirketerp de Viron were on hand to clarify new regulations and respond to queries from the private sector.

Spanou addressed the pushback encountered during the implementation of GDPR, asserting that the anticipated disastrous outcomes did not materialize. She emphasized that modern cybersecurity strategies should extend beyond the safeguarding of data systems to encompass the protection of assets such as drones as integral components of a comprehensive defense strategy.

Edvardas Šileris of the European Cybercrime Centre (EC3) at Europol underscored the organization’s active capabilities in countering threat actors and emphasized the necessity for enhanced collaboration with the private sector.