Trump Administration Unveils ‘Offensive’ and ‘Deterrent’ National Cyber Strategy

September 26, 2018 Updated: September 26, 2018

The Trump Administration released its long-awaited national cyber strategy last week.  The 26-page document outlined a decentralized strategy across government departments and agencies, and emphasized “offensive” and “deterrent” security measures and partnership with the private sector in its execution.

In a press briefing last Thursday, National Security Adviser Ambassador John Bolton explained the strategy in terms of the administration’s overall National Security Strategy.

He also announced that the position of Cybersecurity Coordinator on the National Security Council staff had been eliminated, having been replaced by two senior directors.  He saw this as necessary because “[cyber] is such a broad area, with so many agencies involved, that each should proceed in its particular area of expertise.”

Throughout the briefing, Bolton stressed the need for the United States to deter potential adversaries employing cyber, observing that “we’re going to do a lot of things offensively, and I think our adversaries need to know that.”

Reiterating that a President Obama-era presidential directive on offensive cyber operations, PPD-20, had been rescinded, Bolton stressed that the new cyber strategy marks a more assertive posture by the federal government, and particularly the Department of Defense, in confronting cyber threats.

PPD-20 had required inter-agency coordination among State, Commerce and other federal agencies, as well as Defense, before the military could prosecute cyber operations.

“We’re not just on defense, as we have been primarily…for a period of time,” he said.

However, the strategy does not provide specifics regarding offensive or deterrent operations.  Bolton declined to provide details, citing their classified nature, other than to say that the strategy “reinforces, in many respects, the rescinding of the Obama administration directive on offensive cyber operations.”

The strategy also calls on private industry for partnership and support.  It relies on information sharing, including in innovations in artificial intelligence and quantum computing to counter emerging threats, and working with state and local governments to improve systems.

One industry expert, Gary S. Miliefsky, CEO of Cyber Defense Media, who has worked with the President’s Critical Infrastructure Protection Board (PCIPB) in past administrations, was impressed with the new strategy:  “There are four key pillars of this strategy which create a focus on funding and support for securing federal networks, hardening critical infrastructure, combatting cybercrime, improving incident reporting, helping protect intellectual property, fostering a growing cybersecurity workforce, improving internet stability, and better defining acceptable and unacceptable nation-state cyberwarfare behavior, all while promoting an open and secure internet.

“The part I personally love the most, is the growing effort by this administration to protect first amendment rights in a cyberspace that’s become highly privatized through search engine and social media giants controlling most of internet email, file sharing, chat and web interfaces.  This is a very bold effort, the plan is well written and I’m looking forward to seeing well documented and measurable execution on all of the four pillars of this great plan.”

In focusing on the private sector in its strategy, the Administration seeks to promote internet openness, and commits to “preserve and secure cyberspace.”

Bolton indicated “specific global efforts to promote these objectives, while supporting market growth for infrastructure and emerging technologies, and building cyber capacity internationally” (though he did not name the specific efforts).

Among its numerous “priority actions,” the strategy asserts “the United States will continue to actively participate in global efforts to ensure that the multi-stakeholder model of Internet governance prevails against attempts to create state-centric frameworks that would undermine openness and freedom, hinder innovation, and jeopardize the functionality of the Internet.”

Taken with Bolton’s statement, the strategy seeks to engage “like-minded countries, industry, academia, and civil society” while countering “authoritarian states that view the open Internet as a political threat.”

Bolton also observed that with the rescinding of PPD-20, this administration’s “hands are not tied” in confronting attacks or hacking of the upcoming mid-term elections.

While the strategy document itself did not single out any other nations, Bolton named China as a perpetrator of previous hostile cyber operations and attacks (he specifically highlighted the breach of the US Office of Personnel Management data in 2015).

In reference to China’s cyber posture toward Taiwan, he offered:  “there will be consultations — there have been already — with our friends and allies, because many of us are vulnerable to the same hostile actions.  And I think it’s very important that we work through our alliance structures, where we can do that.  And I think that’s part of the deterrent effect that our adversaries ought to think about, that we do have a robust structure of international alliances, and we intend to keep them strong in cyberspace.”