Photo: Mark Wilson/Getty Images
President Trump has signed off on a long-awaited national cyber strategy that aims to guide how the administration handles offensive and defensive cybersecurity and cyberthreats, Trump’s National Security adviser, John Bolton, told reporters in a briefing Thursday.
Why it matters: In the absence of an overarching cybersecurity doctrine, government agencies have been limited in how they can legitimately deter foreign adversaries and respond to cyberattacks — even as the attacks are escalating exponentially.
The context: This comes at a time when the administration has been bleeding cyber talent and facing criticism for its approach to election security — it eliminated the role of cybersecurity coordinator earlier this year, and the FBI has been losing cyber talent as well.
The details, as outlined by Bolton:
- Security goals: The goals are to secure critical infrastructure and government systems, combat cybercrime, and improve incident reporting.
- Innovation and workforce goals: One goal is to “develop cyberspace as an engine of open economic growth and resiliency,” including by developing a “superior cybersecurity workforce” and promoting American innovation in cybersecurity.
- Attribution goals: There will be a focus on enhancing cyber stability through attributing cyberattacks in order to create “norms of responsible state behavior,” according to Bolton.
- International internet values goals: Bolton said the U.S. will continue promoting the openness, interoperability, and reliability of the internet abroad. This is key as China has been working to export its vision of a more closed internet abroad, which is of particular concern to the State Department’s interest in promoting an open internet.
Bolton said the strategy takes effect today.
Go deeper: How not having a national cybersecurity doctrine has impeded deterrence