By rssfeeds-admin 
It didn’t take much to tear it asunder.
At RSAC 2026 this week, that decade of work is suddenly on the line — because RSAC named Jen Easterly, former CISA director under Biden, as its new CEO. In any other era, a perfectly mainstream hire. Not so with the Trump White House, which pulled federal agencies from the conference within days.
Alan Shimel of Security Boulevard called it a temper tantrum. He’s right.
But all is not lost. My read, having spent three days on this floor talking to the career practitioners who built this collaboration from both sides of the public-private divide, is that they are still at the table, still working, and not inclined to fold their tents over the geopolitical hysterics of the moment.
Here is what I witnessed in 2015 — and what is now hostage to politics.
Obama convened the first White House Summit on Cybersecurity and Consumer Protection at Stanford that February, drawing a who’s who of corporate executives alongside his cabinet. He signed an executive order calling for dramatic advances in the sharing of cyberattack intelligence — between companies, and between industry and the federal government.
“This has to be a shared mission,” Obama declared. “The only way to defend America is through government and industry working together, sharing appropriate information as true partners.”
It was a rallying cry, and the community answered it.
Building concensus
Over the following decade, career officials at CISA, NSA, and the FBI built the institutional scaffolding Obama called for. They staffed the Joint Cyber Defense Collaborative, stood up threat-sharing frameworks, and showed up year after year at events like RSAC to compare notes with the private sector defenders who actually run most of America’s critical infrastructure.
On the industry side, competitive vendors who normally guard their threat data like state secrets agreed to share it. Working groups ground through SBOM standards, secure-by-design principles, and the compliance infrastructure that any serious regulatory framework has to sit on — some of which the current administration has since quietly begun rolling back.
What just happened
The pullbacks have been steadily mounting. On Jan. 16, Nextgov/FCW reported that within hours of RSAC naming Easterly as CEO, officials in the White House Office of the National Cyber Director, the National Security Council, and CISA were already discussing plans to cancel attendance. Sources told the publication the discussions likely originated from the White House.
By late January it was done. CISA, the FBI, and NSA were all out. Sessions on disrupting China’s Typhoon campaigns — Beijing-backed intrusions targeting U.S. critical infrastructure — were gone. So was the FBI cyber warfare panel. So was a seven-agency session on incident response coordination.
The officials who got pulled were career practitioners — not political appointees. Chris Butera, the acting deputy head of CISA’s cyber division. Senior FBI Cyber Division officials. The head of the NSA’s Cybersecurity Collaboration Center. These are the people who build the playbooks and work the relationships that keep U.S. cyber defense functional. They didn’t choose to stand down. They were ordered to.
The stated justification from CISA — “good stewardship of taxpayer dollars” — did not survive contact with reality. CISA has attended this conference for years, using it to strengthen relationships with foreign allies, private sector defenders, and academic researchers who underpin serious cybersecurity work. The agency did not respond to follow-up questions asking why that calculus changed precisely eight days after Easterly was hired.
What the community is saying
Shimel’s Security Boulevard piece put the sharpest point on it. “I’ve been around this industry a long time,” he wrote. “Long enough to know when something smells off. Federal cyber agencies pulling out of RSAC because they don’t like who’s sitting in the CEO chair? That’s not leadership. That’s a temper tantrum.”
What vanished from this year’s program was not vendor pitches or marketing panels. It was behind-the-scenes threat intelligence exchange with allied government counterparts, the informal trust-building that supplements formal information-sharing channels, the kind of coordination that does not happen over email. As eSecurity Planet noted, federal presence at RSAC has served for more than a decade as a visible marker of the government’s commitment to working alongside private industry on shared threats — a signal the sector has come to rely on.
Easterley
Easterly herself, speaking to Axios before the conference opened, held her tone measured. “You have to be in the room to build that trust,” she said. “If you don’t have that trust, everything else falls apart.
The deeper undercurrent
The RSAC boycott isn’t happening in isolation. Sanjay Castelino, president of Skyhigh Security, had just returned from customer meetings across the EU and UK when we sat down here Tuesday. What he was hearing was unambiguous.
“The geopolitical climate today is such that when I speak to customers outside of the U.S., they say, ‘We appreciate that you have security architecture in the cloud and you run a global network. That’s wonderful. But we also want control of that — either on prem or within sovereign cloud architectures, where we have the guaranteed ability to control that architecture and therefore our defenses.’”
That shift, he told Last Watchdog, has spread well beyond regulated industries over just the past six to nine months.
American tech giants control more than 70 percent of Europe’s cloud infrastructure. Under the U.S. CLOUD Act, they can be compelled to hand over data stored anywhere in the world. Gartner projects global sovereign cloud spending will hit $80 billion in 2026, with Europe growing at 83 percent.
Europe has long been the more aggressive regulator of individual data privacy. The U.S. has trended the other way. That gap has always existed. Washington’s current behavior is giving European organizations concrete reasons to act on it faster than anyone anticipated.
Whether you call it retaliation or rational risk management, the direction is the same: away from dependency, toward control.
A skirmish, not a surrender
The career practitioners who built the public-private framework Obama set in motion in 2015 did not choose to leave this room. They were ordered away from it. There is a meaningful difference between those two things.
The people on the industry side who built the other half of that partnership — the SBOM working groups, the ISACs, the secure-by-design advocates, the standards bodies grinding through the technical scaffolding that compliance frameworks will eventually sit on — are still here. Still working. Still showing up.
The disruption is real. The gaps left by federal agencies absent from conversations that needed them are not trivial. The China Typhoon session that did not happen. The incident response coordination that did not get done. Those costs are real, even when invisible.
But the community that Obama put on a mission in 2015 has more institutional resilience than one administration’s pique can undo. The career people in the trenches on both sides of this public-private divide have too much invested, and too much at stake, to let the noise of the moment unravel eleven years of work. They know what they built. They know why it matters. And my strong sense, from three days in this building, is that they intend to keep building it.
Stay tuned. I’ll keep watch — and keep reporting.
Acohido
Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.
(Editor’s note: I used Claude and ChatGPT to assist with research compilation, source discovery, and early draft structuring. All interviews, analysis, fact-checking, and final writing are my own. I remain responsible for every claim and conclusion.)
The post MY TAKE: A decade of cyber collaboration, built under Obama, is now hostage to a political grudge first appeared on The Last Watchdog.
Discover more from RSS Feeds Cloud
Subscribe to get the latest posts sent to your email.