US withdraws from international cybersecurity organizations

The Trump administration has withdrawn the United States from several international cybersecurity organizations as part of a broader exit from 66 international groups, raising concerns about weakening global cyber coordination and creating leadership vacuums at a time when cyber threats are growing.

What happened

On January 8, 2026, Secretary of State Marco Rubio announced the administration's withdrawal from multiple international organizations, including three focused on cybersecurity; the Global Forum on Cyber Expertise, the Freedom Online Coalition, and the European Centre of Excellence for Countering Hybrid Threats. The Global Forum on Cyber Expertise addresses critical infrastructure protection, cybercrime, cyber skills, policy, and emerging technology, with members including nations, government organizations like Interpol, and tech companies such as Hewlett Packard, Mastercard, and Palo Alto Networks. The Freedom Online Coalition supports free expression, association, assembly, and privacy online while campaigning against cybersecurity laws that suppress human rights. The European Centre of Excellence for Countering Hybrid Threats protects NATO members from various threats manifesting in cyberspace.

Going deeper

Secretary of State Marco Rubio justified the withdrawals by stating the organizations are "redundant in their scope, mismanaged, unnecessary, wasteful, poorly run, captured by the interests of actors advancing their own agendas contrary to our own, or a threat to our nation's sovereignty, freedoms, and general prosperity." He specifically criticized these organizations over "DEI mandates," "gender equity campaigns," and activities that "constrain American sovereignty." The administration's broader withdrawal affects organizations whose work tangentially touches cybersecurity, including the International Law Commission. The Global Forum on Cyber Expertise supports gender inclusivity, stating that "gender is a cross cutting issue with direct relevance to achieving international peace and security."

What was said

Secretary of State Marco Rubio stated, "President Trump is clear: It is no longer acceptable to be sending these institutions the blood, sweat, and treasure of the American people, with little to nothing to show for it. The days of billions of dollars in taxpayer money flowing to foreign interests at the expense of our people are over."

Chris Painter, former president of the Global Forum on Cyber Expertise Foundation and former top cyber diplomat at the State Department, said he was "surprised" by the withdrawal, calling it "a non-political capacity-building platform that the U.S. helped establish and that has done good work in the Western Balkans and Asian Pacific, among other places, that I think advances U.S. interests."

Ron Deibert, professor of political science and founder and director of the University of Alexandra Givens, president of the Center for Democracy and Technology, said the decision will "inevitably weaken the rights and security of Americans and people around the world for years to come," adding, "Americans should be concerned that their government is abandoning longstanding efforts to advance democracy, defend human rights online, and stop the abuses of spyware, particularly as free expression comes under attack from governments around the world — including our own. U.S. participation in international collaboration on human rights standards helps keep Americans safe."

By the numbers

These stats from The Guardian show an increase in Russian attacks on NATO, just as US exits weaken joint defenses:

• Russian cyberattacks on NATO states: +25% in one year
• Top 9 targeted countries: NATO members
• US share of attacks: 20%
• UK: 12%
• Most targeted sector: Government (25% of attacks).
• Total US withdrawals: 66 organizations (3 cybersecurity-focused)

Government hits, now at 25% of all Russian cyberattacks and the most targeted sector, directly align with the mission of groups like the European Centre of Excellence for Countering Hybrid Threats. Pulling out of these organizations cuts vital intel-sharing and coordinated defenses precisely as Russia ramps up its assaults on NATO members, including the US.

In the know

Hybrid warfare represents a range of unconventional tactics such as drone incursions, sabotage, or cyber-attacks that occupy a "grey zone" between peace and war. Unlike traditional military conflicts, hybrid warfare uses cyber operations, disinformation campaigns, and covert actions to destabilize adversaries without triggering direct military responses. Experts have warned that Russia conducts hybrid warfare against NATO members, with former MI5 head Eliza Manningham-Buller stating the UK may already be at war with Russia due to the intensity of cyber-attacks and hostile activity.

Why it matters

By exiting the European Centre of Excellence for Countering Hybrid Threats, the US abandons coordination against the exact type of Russian hybrid warfare that is escalating across NATO members. The withdrawal from the Global Forum on Cyber Expertise eliminates American influence in capacity-building efforts in strategically vulnerable regions like the Western Balkans, areas that face increasing Russian cyber pressure. With government sectors representing 25% of all Russian state cyber-attacks, the exit from these coordination forums could disturb the collective defense mechanisms that help protect American government systems and critical infrastructure. The decision also weakens the Freedom Online Coalition at a moment when Russia weaponizes cybercriminal networks for state purposes, creating gaps in international efforts to establish norms against such activities. For healthcare organizations handling protected health information, this fragmentation of global cybersecurity cooperation could mean reduced threat intelligence sharing about state-sponsored attacks and less coordinated responses to ransomware operations.

FAQs

How do these withdrawals affect US access to international cyber threat intelligence?

Exiting multilateral cybersecurity organizations can reduce real-time intelligence sharing on cross-border cyber threats that often originate outside the United States.

Can the private sector compensate for the loss of international cybersecurity coordination?

While private companies share some threat data, they cannot fully replace government-to-government cooperation on attribution, sanctions, and coordinated response.

Will NATO still coordinate on cybersecurity without US participation in these forums?

NATO maintains its own cyber capabilities, but parallel organizations help fill gaps in hybrid threat analysis, civilian protection, and regional capacity-building.