This week’s RSAC Convention drew 40,000-plus attendees to San Francisco, however what many observed was who wasn’t there.
The annual convention, which pulls collectively cybersecurity professionals from throughout the globe, didn’t characteristic leaders from the U.S. authorities. Audio system from CISA, the FBI and different federal companies dropped out of the convention a couple of week after RSAC named former CISA Director Jen Easterly its subsequent chief government.
U.S. management has lengthy been thought-about important in particular areas of cybersecurity, notably with the Frequent Vulnerabilities and Exposures (CVE) program. Run by the nonprofit Mitre Corp. beneath the authority of CISA, the CVE program performs a foundational position in cybersecurity. Safety groups world wide depend on the systematic monitoring of vulnerabilities. If that program is additional strained, specialists fear that cyberdefenders will know much less in regards to the threats they face. Efficient patch administration practices, as an example, depend on data from the CVE system, particularly its assessments of which vulnerabilities require pressing motion and which don’t.
It didn’t go unnoticed that federal safety professionals and leaders have been lacking at RSAC. It was mentioned in conversations across the convention websites, leaving some folks to surprise if the literal absence is perhaps a symbolic cue in regards to the position the U.S. intends to play in cybersecurity beneath the Trump administration.
U.S. sits this one out, and Europe steps in
With U.S. authorities officers notably absent from RSAC 2026, European cybersecurity leaders stepped in to handle essential points resembling AI regulation, cybersecurity requirements and the continuing warfare in Iran.
U.Ok. Nationwide Cyber Safety Centre Chief Government Dr. Richard Horne emphasised the necessity for safety in AI-generated vibe coding, whereas E.U. officers mentioned the upcoming Cybersecurity Resilience Act and the significance of securing the expertise provide chain. Regardless of strained U.S.-EU relations, European leaders referred to as for collaboration with the personal sector to sort out international cybersecurity challenges.
Learn the total article by Becky Bracken on Darkish Studying.
Convention audio system apprehensive about viability of CVE Program
The CVE Program, a cornerstone of worldwide cybersecurity, faces essential challenges that threaten its relevance and stability. In an RSAC panel, Katie Noble, a CVE Program board member, highlighted issues about outdated instruments, funding reliance from the U.S. authorities and the surge of AI-generated vulnerability experiences, which pressure this system’s capability and high quality management.
A near-funding lapse in 2025 uncovered vulnerabilities in this system’s dependence on federal assist, prompting discussions on diversifying funding and decreasing reliance on U.S. oversight. In the meantime, new worldwide CVE methods have emerged, elevating fears of fragmentation.
Learn the total article by Eric Geller on Cybersecurity Dive.
Congress pushes White Home for readability on cyber technique
At RSAC 2026, congressional staffers from each events expressed issues in regards to the Trump administration’s cybersecurity technique, significantly its lack of detailed company tasks and coverage targets.
Democrats criticized the technique as obscure, whereas Republicans anticipated government orders to increase its implementation. The continuing warfare with Iran has heightened cybersecurity dangers for essential infrastructure, with lawmakers questioning CISA’s readiness amid staffing cuts. Democrats proposed laws to evaluate CISA’s capabilities and reform its Joint Cyber Protection Collaborative for extra trusted data sharing. Moreover, they goal to stabilize and modernize the CVE program, addressing funding points and adapting to AI-driven vulnerability reporting challenges.
Learn the total article by Eric Geller on Cybersecurity Dive.
Editor’s word: An editor used AI instruments to help within the era of this information temporary. Our knowledgeable editors at all times evaluation and edit content material earlier than publishing.
Phil Sweeney is an business editor and author centered on cybersecurity matters.
