EOs likely to drive cyber strategy actions

https://federalnewsnetwork.com/cybersecurity/2026/03/eos-likely-to-drive-cyber-strategy-actions/

Publish Date: 2026-03-11 18:10:00

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points.

The new national cyber strategy is light on details, and implementation details could come in the form of executive orders and other actions to advance implementation of the White House’s goals.
The six-pillar national cyber strategy, released last Friday, runs a total of seven pages, including four pages of text. The Biden administration’s 2023 strategy ran 39 pages long, while the first Trump administration’s 2018 strategy totaled 40 pages.
National Cyber Director Sean Cairncross had previewed that the strategy document would be a “short statement of intent and policy.” But some have criticized the dearth of details, and the brief document has many speculating what exactly the Trump administration will do to advance the strategy.
During a webinar Wednesday, Venable senior director Caitlin Clarke suggested “where we will see clarity is particularly in implementing executive orders.” She pointed to the cybercrime executive order President Donald Trump also signed out on Friday afternoon.]]>

Clarke served under the Biden administration in both the National Security Council and the Office of the National Cyber Director.
“I would not expect a big spreadsheet, like the implementation plan under the last administration,” Clarke said. “I would expect to see similar to what the administration has done on AI, but an implementation through executive action, through multiple executive orders that are tied to the different pillars.”
The Biden administration published detailed implementation plans associated with its national cyber strategy. Those plans identified specific actions and agencies responsible for spearheading each initiative.
By contrast, Clarke expects executive orders and other actions from the Trump administration will directly lay out who is responsible for advancing the Trump administration’s new strategy.
“Post-quantum cryptography, things around cyber diplomacy, around the workforce, I would expect to see executive orders or memoranda or action taken out of the White House to really define what the next steps are in those areas,” she said.
During the Biden administration, progress on cyber policy issues was reportedly bogged down by disagreements and an unclear delegation of roles between ONCD and the NSC. ONCD was established by Congress in 2021. It’s responsible for producing and leading national cyber strategy, but the NSC also plays a role in cyber issues.
Ari Schwartz, former senior director for cyber at the NSC during the Obama administration, said the NSC is likely to play a big role under the new cyber strategy, especially on offensive cyber and deterrence actions prioritized under pillar one of the document. But he suggested ONCD is now leading overarching cyber policy issues under the Trump administration.]]>

“It’s just that in general, ONCD is being given a lift here in terms of doing what Congress really intended for ONCD to do and take over more of that role,” Schwartz said. “That was harder to do before, when you had the NSC in place doing a lot of that work already when [ONCD] was stood up in the last administration.”
While Cairncross has previewed some activities, for now, outside cyber policy experts are largely reading the tea leaves in the short strategy document to predict what steps ONCD and the Trump administration will take next.
The strategy’s focus on cybersecurity tools enabled by artificial intelligence, for instance, “signals a shift about from reactive incident response towards predictive detection and automated analysis using advanced tools to identify a malicious activity more rapidly,” Clarke said.
“The emphasis on testing and hunting for malicious actors reflects an operational posture,” she added. “This is not passive defense. It’s continuous monitoring. It’s active detection inside federal systems.”
For federal networks specifically, the strategy also focuses on “modernization” and the shift toward cloud computing.
“In my mind, it’s about embedding resilience into system architecture, rather than layering security on top of outdated infrastructure,” Clarke said. “And importantly, I think federal modernization is framed as leading by example. If the federal government is calling on critical infrastructure and private industry to strengthen resilience, it must demonstrate that they themselves are doing it internally first.”
Copyright
© 2026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.