Trump Administration Orders Federal Agencies to Boycott RSA Conference After Biden-Era Cybersecurity Chief Named CEO

Security Careers

Security Careers

10 min read
Trump Administration Orders Federal Agencies to Boycott RSA Conference After Biden-Era Cybersecurity Chief Named CEO

Political tensions reach new heights as one of cybersecurity's most important gatherings becomes collateral damage in ongoing partisan battles

In a move that threatens to fracture one of the cybersecurity industry's most critical platforms for public-private collaboration, the Trump administration has directed federal personnel from multiple agencies to boycott the RSA Conference (RSAC) following the appointment of Jen Easterly as CEO.

The directive, issued within hours of RSAC's Thursday announcement naming Easterly to lead the organization, affects personnel from the FBI, the White House Office of the National Cyber Director, and potentially other federal agencies. Sources familiar with the matter indicate that by Thursday evening, officials were being told not to attend the March 23-26 conference in San Francisco.

NSA and Cyber Command Nominee Faces Senate Scrutiny Over Technical Experience
Lt. Gen. Joshua Rudd defends unconventional background as concerns mount over critical cybersecurity leadership vacuum The Trump administration’s nominee to lead two of America’s most critical cybersecurity organizations faced pointed questions Thursday about his lack of traditional digital warfare credentials, highlighting ongoing tensions over how to select leaders for rapidly
Security Careers HelpSecurity Careers

A Career Cybersecurity Professional Caught in Political Crossfire

Jen Easterly's credentials are beyond dispute. A West Point graduate and decorated U.S. Army veteran, she brings over 30 years of experience spanning the National Security Agency, where she helped establish U.S. Cyber Command, nearly five years leading global cybersecurity at Morgan Stanley, and most recently, serving as Director of the Cybersecurity and Infrastructure Security Agency (CISA) from 2021 until the end of the Biden administration in early 2025.

During her tenure at CISA, Easterly was broadly respected across party lines by cybersecurity professionals. She championed the "Secure by Design" initiative, pushing technology manufacturers to build security into products from inception rather than as an afterthought. She advocated for increased diversity in cybersecurity, setting a goal of 50% women in the field by 2030. Under her leadership, CISA also strengthened programs like vulnerability disclosure frameworks that help organizations work with security researchers to identify and fix vulnerabilities.

Yet despite her nonpartisan approach to cybersecurity, Easterly has repeatedly found herself targeted by the Trump administration. The West Point incident in July 2025 exemplifies this pattern of political retaliation.

West Point—Easterly's alma mater—announced on Tuesday, July 29, that she would serve as the new Robert F. McDermott Distinguished Chair in the Department of Social Sciences. The announcements on X and LinkedIn were quickly noticed by far-right activist Laura Loomer, who tagged Defense Secretary Pete Hegseth, calling Easterly a "Biden holdover who worked to silence Trump supporters under Biden." She added, "Looks like some of your underlings are trying to screw you."

By Wednesday, Army Secretary Dan Driscoll posted a memorandum on X ordering West Point to terminate its "gratuitous service agreement" with Easterly, pause outside groups from selecting Academy employees, and conduct "an immediate top-down review" of West Point's hiring practices. Loomer responded with a clapping emoji. Pentagon spokesman Sean Parnell declared, "We're not turning cadets into censorship activists. We're turning them into warriors & leaders."

In response, Easterly wrote on LinkedIn that the rescinding of her job offer was "a casualty of casually manufactured outrage that drowned out the quiet labor of truth and the steady pulse of integrity." She added, "The Warrior Ethos was forged into me long ago, and it does not waver now."

The incident was part of a broader pattern of Pentagon political leadership dictating staffing and curriculum at military academies. A tenured West Point philosophy professor resigned in May after 13 years, citing in a New York Times op-ed that the school was "suddenly eliminating courses, modifying syllabuses and censoring arguments to comport with the ideological tastes of the Trump administration." Defense Secretary Hegseth responded by posting "You will not be missed Professor Parsons" and the DoD's rapid response account called him "woke."

Shortly thereafter, the Pentagon ordered all military academies to identify and remove books dealing with race, gender ideology, and other "divisive concepts" now considered "incompatible with the department's core mission." The Naval Academy removed nearly 400 books and canceled a lecture by author Ryan Holiday after he refused to remove slides criticizing the book removals.

The Censorship Allegations That Won't Die

The hostility toward Easterly centers primarily on Republican accusations that CISA engaged in "censorship" of conservative voices online during her tenure. These allegations, which CISA leadership has vehemently denied and which lack supporting evidence, stem from the agency's election security work.

The controversy dates back to the 2020 election, when CISA's founding director Christopher Krebs publicly stated that the election was secure and rejected false claims of widespread fraud. Trump fired Krebs via Twitter, setting off years of Republican attacks on the agency.

Under Easterly's leadership, CISA did coordinate with state and local election officials who would then flag election misinformation to social media platforms. However, the agency included disclaimers that it would not take favorable or unfavorable action toward companies based on their response. By mid-2022, Easterly had discontinued even this limited coordination.

In a September 2023 podcast with Kara Swisher, Easterly explained her decision: "I need to ensure we are able to do our core mission, to reduce risk to critical infrastructure. And at this point in time, I do not think the risk of us dealing with social media platforms is worth any benefit, quite frankly."

A 2024 Supreme Court decision found that CISA's work with social media companies did not constitute government suppression of free speech. Former CISA executive director Brandon Wales testified that the agency spent less than $2 million on disinformation work—out of a $3 billion budget, representing just 1.5% of CISA's operations.

Despite these facts, House Republicans released reports accusing CISA of weaponization and collusion with Big Tech. The incoming Trump administration has made gutting CISA's election security and disinformation efforts a priority, with Homeland Security Secretary Kristi Noem vowing to return the agency to its "core mission."

A Conference That Transcends Politics—Or Should

The RSA Conference has been the cybersecurity industry's premier gathering for 35 years. Expected to draw more than 40,000 attendees this March, RSAC features over 700 speakers, 450+ sessions, and 650+ exhibitors from leading experts in cybersecurity, AI, and technology.

Federal participation has always been a cornerstone of the conference. FBI cyber officials, CISA personnel, National Security Agency representatives, and other government cybersecurity professionals attend to network, share threat intelligence, promote federal cyber policy, and collaborate with private sector partners. The FBI's top cyber official was still listed as a speaker on the RSAC website as of Thursday.

As outlined in guidance for cybersecurity professionals staying competitive in the field, conferences like RSA, Black Hat, and DEF CON offer critical opportunities for learning from experts, participating in hands-on workshops, and networking with peers—opportunities that federal officials now face losing due to political decisions rather than operational needs.

This public-private collaboration isn't ceremonial—it's operational. The cybersecurity threats facing the United States, from Chinese state-sponsored hackers embedded in critical infrastructure to ransomware attacks on hospitals and municipalities, require seamless coordination between government defenders and private sector operators.

In her statement accepting the CEO role, Easterly emphasized this collaborative mission: "RSAC is not just a conference—it's the home of the global cybersecurity community. We're at a pivotal moment where cybersecurity and AI have become inseparable, and the world needs a trusted platform to bring together the people, ideas, and technologies that will shape the next decade."

She further stressed her nonpartisan approach in an interview with WIRED: "Cybersecurity is not a political endeavor, RSAC is certainly not a political organization, and I am not a political person. I am a lifelong independent."

The Costs of Politicization

The Trump administration's boycott order represents more than symbolic politics—it has real operational consequences for national security.

Federal personnel use RSAC to develop professional relationships with private sector counterparts who operate the vast majority of America's critical infrastructure. They share classified threat intelligence that helps companies defend against nation-state adversaries. They learn about emerging technologies and vulnerabilities that could impact government systems.

Prohibiting this participation degrades the very public-private partnerships that have become essential to U.S. cyber defense. It signals to international allies and adversaries alike that America's cybersecurity efforts are subject to partisan political calculations rather than strategic imperatives.

The timing is particularly troubling. The United States currently faces extensive Chinese espionage campaigns against telecommunications infrastructure, ongoing ransomware threats to healthcare systems and schools, and rapidly evolving AI-enabled attack techniques. These threats don't pause for political transitions or partisan disputes.

Election security experts have expressed alarm about the broader pattern. Kim Wyman, former Republican Secretary of State for Washington and former CISA election security lead, noted that cuts to CISA's capabilities will disproportionately impact smaller jurisdictions that lack resources to defend themselves against disinformation campaigns and cyberattacks.

"It's overwhelming for those medium and small-sized jurisdictions, and the federal government and specifically CISA played a really important role of leveling that playing field," Wyman explained. "That's the big void that's going to occur."

Not an Isolated Incident

The boycott directive follows a pattern of Trump administration actions targeting cybersecurity professionals who served under Biden. As documented in comprehensive analysis of Trump administration changes to intelligence and cybersecurity leadership, these personnel decisions represent one of the most significant overhauls of U.S. cybersecurity apparatus in recent history:

  • Christopher Krebs: Trump ordered an investigation into the former CISA director and threatened to strip security clearances from employees at SentinelOne, where Krebs worked after leaving government. Krebs subsequently resigned from the company.
  • General Tim Haugh: The NSA director and U.S. Cyber Command commander was fired along with his deputy, Wendy Noble, with no explanation and despite no scandal.
  • CISA workforce: The agency has faced significant staff cuts, forced departures, and a controversial polygraph requirement. Sean Plankey, nominated to succeed Easterly, has twice failed to secure Senate confirmation.

In April 2025, Easterly spoke at an event during RSA Conference, warning that these actions represented a "mandate for loyalty to a person over loyalty to the Constitution of the United States of America." She called on the cybersecurity community to speak out publicly, arguing that silence while "experienced, mission-driven leaders are sidelined or sanctioned" compromises national security.

Industry Response: Silence and Concern

The cybersecurity industry's response to the boycott has been notably muted. While some prominent figures have privately expressed support for Easterly, most major companies and organizations have remained publicly silent—likely out of concern about antagonizing an administration known for retaliation against perceived critics.

Alan Shimel, a longtime cybersecurity industry observer with 25 years in the field, offered rare public praise for Easterly's appointment: "Putting Jen Easterly in the CEO seat strengthens that front porch. It brings someone who understands not only the technical and operational dimensions of cybersecurity, but also the human and societal ones."

RSAC itself has not publicly commented on the Trump administration's boycott directive. The organization announced that this year's conference "will be the most impactful event we've ever had," emphasizing themes of AI security and global collaboration.

Industry sources speaking anonymously expressed concern that the boycott could establish a precedent for politicizing cybersecurity conferences and professional gatherings. If federal participation becomes contingent on the political affiliations of event organizers, it could fragment the cybersecurity community at precisely the moment when unity is most needed.

The Broader Stakes

At its core, this controversy raises fundamental questions about whether cybersecurity can remain a nonpartisan field focused on technical excellence and national security, or whether it will become another front in America's political wars.

The RSA Conference boycott represents just one piece of a larger pattern of Trump administration cybersecurity policy shifts that prioritize offensive operations while cutting defensive capabilities. The administration has committed $1 billion over four years to offensive cyber operations while slashing defensive cyber budgets by an equivalent amount—a strategic realignment that critics argue leaves critical infrastructure more vulnerable.

Adding to these concerns, Defense Secretary Pete Hegseth ordered U.S. Cyber Command to halt offensive cyber operations targeting Russia in February 2025, suspending proactive measures to disrupt Russian cyber threats. This decision, combined with personnel purges and defensive budget cuts, represents what experts describe as a fundamental reimagining of America's approach to cyber warfare—one that critics argue prioritizes diplomatic gestures and offensive capabilities while weakening the defensive posture needed to protect critical infrastructure.

Cybersecurity threats don't care about the party affiliation of defenders. Chinese hackers targeting U.S. infrastructure, ransomware gangs attacking hospitals, and AI-enabled disinformation campaigns pose dangers regardless of who occupies the White House or which administration an expert previously served.

The principle that government officials should have loyalty to the Constitution rather than to individual politicians has traditionally been bipartisan consensus. Cybersecurity professionals take oaths to defend the nation, not any particular administration.

Easterly herself has consistently emphasized this principle. "Security and resilience are issues affecting every nation, industry, and citizen," she stated. "RSAC thrives by bringing together operators, technologists, innovators, researchers, and policymakers from various administrations and across borders, all rooted in expertise and mission rather than politics."

The question now is whether the cybersecurity community—in government, industry, and academia—will defend these principles or allow political considerations to override operational imperatives.

What Happens in March?

As March 23 approaches, the cybersecurity community faces an uncomfortable test. Will federal agencies follow through on the boycott directive? Will FBI cyber officials and other government defenders skip sessions where they would normally share threat intelligence and coordinate with private sector partners?

Will international allies and partners—who also attend RSAC to coordinate global cyber defense efforts—question America's commitment to the collaborative approach that has become essential to countering sophisticated adversaries?

And will the private sector finally speak up, or will companies continue to prioritize avoiding political controversy over defending the nonpartisan, mission-focused approach that cybersecurity requires?

The stakes extend far beyond one conference or one CEO appointment. They go to the heart of whether the United States can maintain the public-private cybersecurity partnerships that defend critical infrastructure, election systems, and national security interests—or whether those partnerships will fracture along partisan lines.

For an industry built on trust, collaboration, and technical excellence, the Trump administration's boycott directive represents more than a political slight. It's an attack on the very foundations of effective cyber defense.

The RSA Conference 2026 takes place March 23-26 at the Moscone Center in San Francisco. As of publication, the Trump administration has not provided official comment on the boycott directive, and RSAC has not responded to requests for comment.

Trump Administration Cybersecurity Policy:

CISO Career Development:

Technical Resources:

Read more