Trump administration drops first cybersecurity strategy of second term
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Shoshana Gordon/Axios
President Trump on Friday unveiled a cybersecurity strategy calling for modernizing federal systems, expanding offensive and defensive cyber operations and streamlining regulations.
Why it matters: The seven-page plan is designed to set the administration's cyber policy for the next three years.
The big picture: Trump also signed an executive order directing agencies to prioritize combating cyber-enabled fraud and transnational criminal groups, including through sanctions and diplomatic pressure on nations that harbor them.
- The approach differs by agency.
- The EO directs the Justice Department to focus on prosecutions of cyber-enabled fraud and the secretary of state to impose sanctions and other diplomatic consequences on "nations that tolerate" cybercrime and scams.
Zoom in: The strategy calls for a six-pillar approach to both cyber defense and offensive cyber strikes — including promoting "common sense regulation" and sustaining "superiority in critical and emerging technologies."
- The administration says it will "deploy the full suite of U.S. government defensive and offensive cyber operations" to shape adversary behavior, while creating incentives for the private sector to help identify and disrupt malicious networks.
- The document also highlights specific modernization priorities, including zero-trust architecture, secure cloud adoption, post-quantum cryptography and safeguarding AI systems.
Zoom out: The White House says the plan calls for cyber diplomacy and global tech standards aimed at countering authoritarian influence in digital infrastructure.
What it says: "The United States has capabilities that the rest of the world can only begin to imagine," Trump wrote in the introduction of the strategy.
- "Our warriors in cyberspace are working everyday to ensure that anyone who would seek to harm America will pay the steepest and most terrible price."
Reality check: The strategy comes as the Cybersecurity and Infrastructure Security Agency — the nation's top cyber agency — faces setbacks in the first year of Trump's administration.
- The agency's acting director was reassigned to another role within the Department of Homeland Security just one week ago.
- Several high-level officials have either been pushed out of the agency or have taken a buyout and the agency has seen major budget cuts after losing at least one-third of its staff.
- DHS Secretary Kristi Noem was just fired from her position earlier this week.
Between the lines: The Office of the National Cyber Director (ONCD) spent the last few months collecting feedback on the strategy — which was originally anticipated in January — from industry stakeholders.
- The strategy is largely a high-level vision document and leaves specific policy directives to a forthcoming implementation plan.
What's next: ONCD is drafting a more detailed action plan tied to each pillar.
The bottom line: The plan outlines sweeping ambitions, yet key details and resources remain unresolved.
