The Trump Administration late last week released its long-awaited national cybersecurity strategy, a seven-page plan based on overarching six pillars that range from disrupting adversaries’ activities and promoting “common sense regulation” to incentivizing the private sector, modernizing federal networks, and leaning on emerging technologies like agentic AI and quantum computing.

Through the Cyber Strategy for America, the administration envisions an aggressive reaction to cyberattacks against the government, private business, and citizens, writing that the country “will act swiftly, deliberately, and proactively to disable cyber threats to America. We will not confine our responses to the ‘cyber’ realm. … By disrupting adversaries’ cyber campaigns, and making our networks more defensible and resilient, we will unleash innovation, accelerate economic growth, and secure American technology dominance.”

The plan promises to “remove burdensome, ineffective regulations,” promote partnerships with the private sector and international allies, and protect critical infrastructure, including the energy grid, financial and telecom systems, healthcare facilities, water utilities, and data centers, all attractive targets for nation-state actors.

The document – and an accompanying executive order signed by President Trump – is long on vision and rhetoric, boasting of the country’s actions in Venezuela in January and in Iran last year, but short on details.

“It’s the right tone and includes an overdue declaration to adversaries: We’re mad as hell and we’re not going to take it anymore,” Emily Harding, director of the Intelligence, National Security, and Technology Program at the Center for Strategic and International Studies, wrote on LinkedIn. “This is right and proper, and long overdue. The document is also more a statement of intent than a classic strategy. The intent is strong. Matching resources to that intent is the hard part.”

“The six pillars are the right priorities, and the strategy reads like people who understand the threat landscape were involved in writing it,” said Michael Bell, founder and CEO of Suzu Labs. “Post-quantum cryptography, private sector offensive operations, regulatory streamlining, AI security. All correct.”

That said, “a strategy without a budget is a press release,” Bell added. “The implementation plans need acquisition reform, real funding for post-quantum migration, and measurable timelines. That’s what separates policy from paper.”

Addresses Regulations, Supply Chains, AI

The first pillar is about shaping the behavior of adversaries by using both offensive and defensive capabilities in the government and enabling the private sector to the same, stop attacks before they breach systems, and stop the spread of such tools as spyware by governments. The next pillar addresses regulations, including streamlining them “to reduce compliance burdens, address liability, and better align regulators and industry globally.”

Modernizing the security of federal networks includes adopting such tools as post-quantum encryption, zero-trust architectures, and AI-powered solutions and elevating the importance of cybersecurity in government agencies the boardrooms of private entities.

The plan calls for protecting critical infrastructure – which is increasingly being targeted by Chinese, Russian, and Iranian attackers – by securing supply chains, in part by transitioning away from “adversary vendors and products” and “promoting and employing U.S. technologies.” In addition, state, local, tribal, and territorial authorities will be seen as a complement to, rather than a substitute for, national security efforts, according to the strategy.

The use of emerging technologies not only includes AI and quantum, but also ensuring the security of cryptocurrencies and blockchain technologies, both of which are important to President Trump. The administration also plans to invest in building the cybersecurity workforce by supporting efforts in academia, vocational and technical schools, corporations, and venture capitalists and to “eliminate roadblocks that prevent industry, academia, government, and the military from aligning incentives and building a highly skilled cyber workforce.”

Praise for the Message Sent

Many in the cybersecurity industry are applauding the administration’s strategy, praising its aggressive tone, embrace of modern technologies, and reliance on public-private partnerships. The plan “provides the essential foundation for enduring American leadership,” Daniel Kroese, vice president for public policy and government affairs for Palo Alto Networks, wrote in a blog post. “By prioritizing the disruption of hostile actors, future-proofing networks, accelerating quantum readiness, and securing the AI frontier, the strategy provides the strategic clarity necessary to protect our digital way of life from sophisticated adversaries.”

Cohesity President and CEO Sanjay Poonen wrote that the strategy “confronts today’s threat environment and prepares the nation for tomorrow’s technological realities. At a time when ransomware and other destructive cyberattacks have increased more than 70% year over year globally, and nation-state actors are routinely targeting U.S. government agencies and critical infrastructure, the strategy reflects both urgency and pragmatism.”

It also addresses advanced persistent threats (APTs) and aims to modernize federal systems, secure critical infrastructure, and sustain the country’s leadership in AI and other emerging technologies, “meeting the moment while anticipating what comes next,” Poonen wrote.

Industries Weigh In

Industry groups also are praising the document. Greg Baer, president and CEO of the Banking Policy Institute, a financial services research and advocacy organization, noted a CrowdStrike report that showed that intrusion attempts against financial services organization in 2024 jumped 109% year-over-year.

Baer also said in a statement that cybercrime represented a “$10 trillion tax on the global economy.”

“Banks and their government partners are already advancing many of the pillars reflected in this plan, and we look forward to deepening that collaboration with the Administration, the banking agencies and the Office of the National Cyber Director to strengthen the security and resilience of the financial system,” he said.