Trump’s new cyber strategy details more offensive response to cyber threats
The strategy, which some expected to be released in January, outlined six key policy pillars, including: shaping adversary behavior; promoting common sense regulation; modernizing and securing federal government networks; securing critical infrastructure; sustaining superiority in critical and emerging technologies; and building cyber talent and capacity.
In a signed introduction to the document, President Donald Trump wrote that his strategy “calls for unprecedented coordination across government and the private sector to invest in the best technologies and continue world-class innovation, and to make the most of America’s cyber capabilities for both offensive and defensive missions.”
This includes a more gloves-off approach to cyber threats posed by adversaries, something that aligns with the White House’s stated goal of recalibrating its cyberspace activities to more forcefully respond to threat actors that target U.S. networks.
“Unlike other Administrations, the Trump Administration will not tinker at the edges and apply partial measures and ambiguous strategies that neglect the growing number and severity of cyber threats,” the strategy said. “President Trump will continue to address threats in cyberspace directly.”
The strategy directly referenced recent cyber activities the administration took as part of its mission “to obliterate Iran’s nuclear infrastructure,” as well as its January operation that captured Venezuelan leader Nicolás Maduro from the capital of Caracas.
The document said the White House would pursue its more offensive-focused cyber strategy by, in part, moving to “unleash the private sector by creating incentives to identify and disrupt adversary networks and scale our national capabilities.” It also detailed plans for a more global response to threats.
“Defending cyberspace and safeguarding freedom is a collective effort — the distribution of cost and responsibility must be fair across the U.S. and allies who share our democratic values,” the document said. “We will work together to create real risk for adversaries who seek to harm us, and impose consequences on those who do act against us.”
The strategy also established continued U.S. leadership in the development of artificial intelligence tools and other emerging capabilities as a cybersecurity priority. This includes promoting the adoption of quantum computing and post-quantum cryptography, as well as “supporting the security of cryptocurrencies and blockchain technologies.”
To better secure federal networks and systems from threat actors, the document also said the administration “will work to adopt AI-powered cybersecurity solutions to defend federal networks and deter intrusions at scale,” as well as “remove barriers to entry so that the government can buy and use the best technology.”
The latest national cyber strategy is noticeably shorter than previous versions of such documents. The strategy issued in September 2018 during Trump’s first term was 40 pages in total, while the document issued by then–President Joe Biden in March 2023 was 39 pages in length, both with several objectives outlined under each pillar of the strategies.
The new Trump 2.0 strategy was also released alongside an executive order focused on “combatting cybercrime, fraud, and predatory schemes.” That order, in part, directs the attorney general to provide recommendations for the creation of a “Victims Restoration Program” to compensate fraud victims with money seized from or forfeited by fraudsters.
Several U.S. companies voiced support for the administration’s stated goal of partnering more closely with industry, as well as its inclusion of domestic AI development as a cyber priority.
"President Trump's cybersecurity strategy is a significant shift — one that empowers the private sector to partner with the administration to defend American systems and deliver a robust, collective response to nation-state hackers,” Trellix Chief Public Policy Officer Tom Gann said in a statement. “From shaping adversary behavior to modernizing federal cybersecurity and driving innovation, this is a holistic approach to a growing threat, and the private sector is ready to be a meaningful partner in that effort.”
Bill Wright, the global head of government affairs at Elastic, also said that “redirecting resources from paperwork to AI-powered security capabilities is the only way to keep pace with modern threats and adversaries who operate at great speed,” and added that “this strategy appears to recognize that fundamental truth.”
Not all of the early feedback, however, was positive.
Rep. Bennie Thompson, D-Miss., the ranking member of the Homeland Security Committee, called the strategy "impressively underachieving, even by the abysmal standards this Administration has set for itself.”
“Completely lacking is even the most basic blueprint for how the Administration will go about achieving any of its cybersecurity goals — an objective possibly hamstrung by the hemorrhage in cyber talent across all Federal agencies since Trump took office,” he added.
Nextgov/FCW Cybersecurity Reporter David DiMolfetta contributed to this report.
]]>