Jen Easterly, one of the most influential figures in global cybersecurity policy, has been appointed CEO of RSA Conference (RSAC), the organization behind the world’s largest and most prominent cybersecurity event.
Easterly steps into the role at a moment when AI and cybersecurity are rapidly converging, reshaping how governments, enterprises, and technology platforms think about risk, resilience, and secure-by-design systems.
RSAC is more than its annual conference in San Francisco. As CEO, Easterly will oversee RSAC’s expanding global portfolio, including international programming, the Innovation Sandbox startup competition, professional membership initiatives, education platforms, and growing efforts focused on AI security and secure software development.
“RSAC is not just a conference — it’s the home of the global cybersecurity community,” Easterly said in announcing her appointment. She framed the role as a chance to bring together policymakers, practitioners, startups, and technology leaders at a time when trust and security are becoming foundational to the AI era.
A rare blend of policy, security, and industry experience
Easterly brings more than 30 years of leadership experience across government and the private sector. Most recently, she served as Director of the Cybersecurity and Infrastructure Security Agency (CISA), where she became a leading voice on ransomware defense, critical infrastructure protection, and pushing vendors toward secure-by-design principles.
Before CISA, Easterly held senior roles at the National Security Agency, where she helped stand up U.S. Cyber Command, and later worked in the private sector at Morgan Stanley, giving her credibility across both national security and enterprise technology circles.
That background makes her a notable choice to lead RSAC as the organization increasingly positions itself at the intersection of cybersecurity, AI, policy, and global collaboration.
“Jen brings unmatched leadership experience across national security, cyber operations, and the private sector,” said Greg Clark, former Symantec CEO and RSAC board member, calling her the right leader for a period when AI is rewriting the threat landscape.
RSAC bets on AI-era relevance
RSAC leadership has been increasingly vocal about the need to treat AI not just as a productivity tool, but as a security risk amplifier that demands new frameworks for governance, resilience, and trust.
Dr. Hugh Thompson, RSAC’s executive chairman, said Easterly’s appointment comes at a critical inflection point, as AI adoption accelerates faster than security practices can keep up. He pointed to the upcoming RSAC 2026 Conference, scheduled for March 23–26 at San Francisco’s Moscone Center, as a key moment for the global community to align.
The 2026 event is expected to draw more than 40,000 attendees, with 700+ speakers, 450 sessions, and 650 exhibitors, reinforcing RSAC’s role as the industry’s central convening ground.
Why it matters
Easterly’s move signals a broader trend: the line between cybersecurity leadership and global technology governance continues to blur. As AI systems become embedded in critical infrastructure, enterprise software, and consumer platforms, cybersecurity is no longer just a technical discipline — it’s a societal one.
By putting a former top U.S. cyber official in charge, RSAC is signaling that its future isn’t just about hosting a massive conference, but about shaping the conversations, norms, and collaborations that will define security in the AI era.
For an industry grappling with accelerating threats and accelerating technology, RSAC’s next chapter is likely to be as much about leadership and trust as it is about tools and tactics.
