Skip to main content
Back to News
Automation CRA Cyber Threat Intelligence Cybersecurity

Europe Is Showing Up at RSA 2026. Here's Why That Matters.

Philipp Kühn
4 min read

Summary

European cybersecurity is stepping onto the global stage at RSA 2026. From ENISA keynotes to CRA compliance sessions, we look at what this means for the industry.

RSA Conference has always been an American event with international attendance. This year feels different. European cybersecurity isn’t just showing up in San Francisco. It’s setting the agenda.

Looking at the schedule for this week’s conference (March 23-26, Moscone Center), one thing stands out: the number of sessions shaped by European regulation, European agencies, and European companies is hard to ignore.

A Strategy, Not a Visit

Earlier this year, ENISA published their International Strategy 2026. The document outlines a deliberate shift: extending EU cybersecurity frameworks and tools to partner countries, aligning international engagement with EU policy, and making the EU Cybersecurity Reserve (established through the Cyber Solidarity Act) operational beyond Europe’s borders.

That’s not a defensive posture. It’s an export strategy for cybersecurity standards.

So when Hans De Vries, ENISA’s Chief Cybersecurity & Operational Officer, takes the stage at RSA twice this week, it’s worth paying attention to what that signals. On Tuesday, he joins Despina Spanou (Deputy Director General for Cybersecurity and Trust at the European Commission) for “Cybersecurity, Trust and Resilience: A European Perspective”, moderated by Lynn Doan of Bloomberg News. On Thursday, he’s on the panel for “The CVE Program’s Past, Present, and Future” alongside Bob Lord (Hacklore.org), David DiMolfetta (Nextgov/FCW), Michael McLaughlin (Buchanan Ingersoll & Rooney PC), and Moira Bergin from the House Cybersecurity & Infrastructure Protection Committee.

An ENISA officer discussing the future of CVE alongside US lawmakers. That’s the kind of transatlantic conversation that didn’t happen at this level a few years ago.

The Regulatory Wave Hits the Expo Floor

The Cyber Resilience Act is no longer a future concern. It’s reshaping product security requirements across the supply chain, and RSA’s schedule reflects that. On Wednesday, TeleTrusT is hosting a dedicated track session on CRA implications for industry, featuring Prof. Dr. Norbert Pohlmann and Nevena Rupp from BSI. Thursday brings two more CRA-adjacent sessions: one on SBOMs for third-party OT risk, another on CRA compliance for industrial automation devices.

The TeleTrusT pavilion at the German Pavilion (Booth 5469) is where a lot of this lands in practice. Companies like ONEKEY (CRA compliance tooling), TÜViT (certification), and SerNet (GRC with verinice) are all there. So are European CTI and threat intelligence vendors. The pavilion is small compared to the mega-booths, but what’s concentrated there represents an ecosystem that’s building specifically for the regulatory reality that NIS2, DORA, and the CRA are creating.

As we discussed in our recent post on Cybernation Germany, BSI President Claudia Plattner’s vision of systemic change in cybersecurity is not abstract anymore. It’s showing up in session titles, in product roadmaps, and in the conversations happening at booths and receptions across the Moscone Center.

Where the Real Work Happens

The sessions and keynotes set the frame, but the conversations in between are where we learn the most. This week, we’re specifically looking to connect with:

  • CTI companies building the intelligence platforms that European organizations increasingly depend on for regulatory compliance and threat detection
  • SOC teams navigating the tension between growing regulatory reporting requirements and the persistent reality of alert fatigue and talent shortages
  • MSSPs and SOCaaS providers who are becoming the operational backbone for organizations that need to meet NIS2 and CRA requirements but lack the in-house capacity

These aren’t abstract categories. These are the people who will tell us whether the regulatory frameworks being discussed on stage are actually working on the ground, or whether there’s a gap between policy and operations that still needs closing.

That gap is exactly where we build. More to come as the week unfolds. If you’re at RSA and working in CTI, SOC operations, or managed security, let’s talk.

Ready to enhance your security operations?

Join security teams leveraging AI-powered intelligence to protect their organisations, from CSIRTs and SOCs to NIS2-regulated enterprises.

Get in Touch Learn More