Restoring U.S. cyber resilience: A blueprint for the new administration
As the incoming Trump administration prepares to take office, it confronts a critical juncture for cybersecurity. The escalating digital threats from state-sponsored adversaries like China, Iran, North Korea and Russia coincide with fractured global governance and a shifting domestic policy landscape. This moment presents a unique opportunity for the administration to establish itself as a global leader in offensive cybersecurity deterrence.
To rise to this challenge, the administration must evaluate and redefine the role of the Cybersecurity and Infrastructure Security Agency, whose mission has expanded and, arguably, diluted under the Biden administration. A reinvigorated CISA, bolstered by strategic focus and partnerships, could prove pivotal in strengthening U.S. resilience and cybersecurity leadership.
CISA’s original mission: A return to core statutory goals
CISA was created to safeguard critical infrastructure and improve resilience against a rising tide of cyber threats. However, under the Biden administration, its scope has broadened to encompass a wide array of initiatives, potentially undermining its ability to deliver on core objectives.
Critics, including Sen. Rand Paul, R-Ky., have questioned the agency’s effectiveness, with calls to abolish CISA altogether. While such measures are unlikely, the Trump administration has an opportunity to recalibrate CISA’s focus in a few key areas to regain its footing and strengthen its leadership.
Protecting critical infrastructure and enhancing U.S. resilience
Aggressive and unchecked cyber operations — such as the Salt Typhoon and Volt Typhoon campaigns from the People’s Republic of China — that target U.S. critical infrastructure networks underscore the pressing need to defend critical infrastructure and increase deterrence and consequences for such attacks against the United States.
During a December hearing, senators emphasized the importance of countering Salt Typhoon’s infiltration of American telecommunications networks and data theft. Salt Typhoon has been called the “worst telecommunications hack in the history of the country.”
While the Biden administration’s guidance for senior government and political officials to use end-to-end encrypted communications is warranted, and there’s bipartisan support for additional funds for the Federal Communications Commission’s Secure and Trusted Communications Networks Reimbursement Program to rip-and-replace Chinese-made equipment and services from U.S. networks, it falls short for meaningful deterrence against our adversaries.
Meanwhile, ransomware attacks originating from adversarial nations continue to devastate local governments, health care systems, and private organizations, exposing vulnerabilities across vital sectors. These attacks strain government service efficiency and effectiveness, stunt economic progress, and threaten citizen privacy and data protection.
With its authorities, CISA is in a pivotal position to foster public-private partnerships to strengthen resilience against these escalating threats. By collaborating with industry partners that possess advanced threat research and intelligence capabilities, the agency can enhance its ability to detect and respond to evolving cyber threats, especially across the federal government (.gov) space. Strengthening these partnerships will not only fortify CISA’s statutory mission but also demonstrate its value in protecting the nation’s most vital assets.
Streamlining cybersecurity governance
Fragmented approaches to cybersecurity within the U.S. government have hindered progress and left defenders navigating a maze of competing regulations. Confusion among industry stakeholders about jurisdictional responsibilities and regulatory priorities has diluted efforts to combat malicious actors effectively.
The Trump administration can drive progress by streamlining governance and harmonizing efforts across federal agencies. A more cohesive framework for sector-specific risk management agencies — such as those overseeing energy, water, transportation and health care — will provide clarity and reduce redundancy. Simplifying regulations will empower organizations to focus resources on meaningful security measures rather than bureaucratic compliance.
At the international level, a unified U.S. approach to global cybersecurity regulation will be critical. Inconsistent standards among allies and partners create exploitable gaps in defenses. By championing global harmonization, the Trump administration can strengthen collective security while advancing U.S. leadership in cybersecurity policymaking.
Addressing digital supply chain risk
The Biden administration made some headway in enhancing physical supply chain resilience and reducing dependencies on foreign sources. Building on this progress, the Trump administration must broaden the focus to prioritize digital supply chain risks, which pose a growing threat to critical infrastructure.
The reliance on third-party vendors has introduced significant vulnerabilities, with research from SecurityScorecard and McKinsey & Co. revealing that 150 companies account for 90% of the technology products and services used by global organizations. This concentrated reliance has been exploited in high-profile breaches of software providers and IT vendors like MOVEit and CDK Global. To address these risks, the administration should prioritize a comprehensive assessment of supply chain vulnerabilities across critical infrastructure sectors. This analysis would identify “crown jewels” — the essential systems and data most critical to national security — and implement targeted measures to ensure their protection.
CISA can then collaborate with sector-specific agencies to develop actionable recommendations for hardening digital supply chains and securing federal civilian networks. These efforts should also extend to state and local governments, which face mounting pressure from ransomware attacks and other malicious activities. Improved coordination across all levels of government will strengthen overall resilience and resolve against cyber threats.
An opportunity for global leadership
The Trump administration has a unique opportunity to redefine America’s role as the world’s global cybersecurity leader. By sharpening CISA’s focus, harmonizing governance efforts, and addressing digital supply chain vulnerabilities, the administration can lay the groundwork for a more resilient and secure future.
However, achieving this vision will require navigating complex challenges: balancing streamlined regulation with strong oversight, deepening public-private partnerships, and driving international cooperation to close gaps in global cyber defenses. Adversaries like China and Russia continue to test U.S. resilience, making decisive action and visionary leadership imperative.
This moment demands more than defense — it calls for comprehensive focus. To combat malicious cyber attacks on American sovereignty and increasingly aggressive intrusions into our homeland and our interests, a reimagined cybersecurity strategy has the potential to protect critical infrastructure while reinforcing America’s position as the global standard-bearer in the face of mounting digital threats.
Brian Harrell is a former assistant secretary for infrastructure protection at the U.S. Department of Homeland Security.
Jeff Le is a former deputy cabinet secretary for the state of California.
