The Trump administration plans to push U.S. cyber policy toward more aggressive deterrence of foreign hackers, National Cyber Director Sean Cairncross said Tuesday at the Aspen Cyber Summit. He said the coming National Cyber Strategy will warn adversaries that attacks on U.S. networks will carry real consequences.
Cairncross said the U.S. faces “more aggressive every passing day” intrusions from China, Russia and ransomware groups, repeating concerns he raised earlier this month. He told attendees the government has been strong at identifying and remediating incidents, but weak at shaping adversary behavior over the long term, according to reporting of the event by Federal News Network.
The strategy is expected to outline six pillars that combine offensive measures with public-private partnerships, workforce expansion and regulatory streamlining. Cairncross emphasized that unnecessary rules divert resources from real security work and said the administration wants industry input on which requirements are redundant or overly burdensome. He also said the plan will not request new funding and will instead realign existing federal programs.
FBI Cyber Assistant Director Brett Leatherman, speaking on a separate panel, said the bureau worked with the White House to shape the strategy, according to reporting by The Wall Street Journal. He said offensive U.S. actions could include indictments, arrests, extraditions and infrastructure seizures targeting foreign hacking groups.
The shift comes as federal officials warn that Chinese state hackers have infiltrated U.S. power, water and industrial systems. Federal News Network reported that policymakers are increasingly concerned adversaries may be positioning themselves to disrupt those systems. IBM estimates the average U.S. data breach cost reached $10 million this year, double the global average.
The strategy mirrors several priorities of the Biden administration’s 2023 plan, including workforce development and regulatory harmonization, but differs in tone. Cairncross has said he does not intend to “beat CEOs over the head” with mandates and instead wants to work with industry to understand where compliance requirements hinder security, Nextgov/FCW’s reported.
The Office of the National Cyber Director is advancing those harmonization efforts as federal cyber staffing tightens. According to the WSJ , CISA’s workforce dropped from more than 3,700 to 2,540 this year, and during the 43-day government shutdown the agency operated with fewer than 900 active employees. Analysts say any strategy built around stronger deterrence will require sustained investigative capacity — a tension highlighted in multiple outlets’ reporting on the agency’s challenges.
Cairncross, confirmed in August as national cyber director, is a former Republican National Committee official and former CEO of the Millennium Challenge Corporation. His nomination passed the Senate 59–35 after criticism that he lacked direct cybersecurity policy experience. In testimony reported by Nextgov/FCW, Cairncross said he has overseen responses to foreign attempts to compromise systems at organizations he led and has worked with federal investigators to remediate attacks. GAO recently urged his office to set specific goals and implementation measures for national cyber programs.
The administration is also working on a long-term renewal of the Cybersecurity Information Sharing Act, which lapsed ahead of the shutdown and was temporarily reauthorized through January. The law provides liability protections for companies that share attack data with federal agencies — a foundational component of any deterrence-based strategy.
Cairncross did not give a release date for the strategy but said the goal is to move faster than previous cycles and to ensure government and industry “speak the same language” as adversaries accelerate their use of AI-powered tools.
