RSAC There’s a notable absence from this year’s RSA Conference that kicked off today in San Francisco: The NSA’s State of the Hack panel.
The annual talk by current and former chiefs of Uncle Sam’s surveillance super-agency is a favorite among the cybersecurity conference’s attendees and is always filled to capacity with a waiting list to get in the door. Until this year.
Earlier this month, RSA Conference organizers emailed anyone who had signed up for the session, alerting them that the NSA’s State of the Hack 2025 had been “canceled and will be removed from your schedule.”
The Register also had an interview scheduled with NSA Director Dave Luber during the conference, and shortly after receiving an email notification about the State of the Hack session being cancelled, an agency spokesperson told us that the talk with Luber was also scrapped:
Federal cyber officials typically have an active speaking role at RSAC. In previous years Chris Krebs and Jen Easterly – former bosses of the US govt’s Cybersecurity and Infrastructure Agency, aka CISA – delivered keynotes, spoke on panels with other government network defenders, talked to the press, and in 2024 wrangled nearly 70 tech providers into signing a Secure by Design pledge.
This year, many government agencies, cyber officials, and military network defenders are largely absent, although the FBI is still out in some force.
CISA’s associate chief of policy Michael Garcia spoke on a Monday panel about preparing for and responding to critical infrastructure threats, but that was the only opportunity for attendees to hear from America’s top cyber defense agency. A CISA spokesperson told The Register there would be no media roundtables or interviews at the conference.
To be fair: CISA doesn’t have an officially installed director. US Senator Ron Wyden (D-OR) has blocked the nomination of Sean Plankey to lead the agency to force the release of an unclassified report on American telecommunications networks’ weak security.
Plus, two of its top officials, both of whom were involved in CISA’s Secure by Design effort, resigned last week. Ultimately, we would hope that whomever is left at the agency tasked with securing America’s critical infrastructure and networks’ weak security is prioritizing hiring over public speaking events.
In a last-minute addition to the agenda, Homeland Security boss Kristi Noem will appear on the keynote stage on Tuesday to “unveil her vision for the future of America’s cyber defense.”
Ex-CISA chiefs Easterly and Krebs, however, are making the RSA Conference rounds.
Attendees can hear from Easterly and Krebs — who is now fighting full-time the Trump administration’s investigation into his government tenure after the civil servant dared dispute the President’s baseless claims that the 2020 election was rigged and stolen. They’ll also be able to hear NSA ex-directors Paul Nakasone and Rob Joyce discuss the future of tech policy and get Hollywood’s take on cyber conflict (yes, the executive producer of Netflix’s Zero Day is also on that panel).
But when it comes to today’s CISA and NSA officials talking about current cyber policy threats, conference goers are largely out of luck.
When a fellow Reg vulture asked about the lack of showing from America’s top cyber officials at a Monday morning session – aptly titled: How & Why the Major Threat Actors Leverage Cyberpower to Subvert Democracy – retired US Navy Rear Admiral Mark Montgomery said it’s another example of what happens when you slash federal budgets and employees.
“The generous reason is that this administration has removed a lot of senior civil servants who would otherwise have taken early buyouts, or their divisions have been shut down and they decided to retire, and therefore there’s less to spend,” said Montgomery, who previously spoke with The Register about the White House’s deep cuts to CISA and government-funded infosec programs.
There’s another reason, too, he added: “In terms of the active duty military, there’s just less of a desire to go to talk right now, and probably a slight level of fear associated with unprecedented actions that happened recently.” ®
Additional reporting by Iain Thomson