On March 6, the White House released “President Trump’s Cyber Strategy for America.” This 7-page document makes the most explicit case for offensive cyber operations of any U.S. national strategy to date.
The strategy is organized around 6 pillars, but its center of gravity is Pillar 1: “Shape Adversary Behavior,” which places offensive operations and cost-imposition at the top of the hierarchy.
The US “will deploy the full suite of U.S. government defensive and offensive cyber operations” and will “detect, confront, and defeat cyber adversaries before they breach our networks and systems.”
What is new?
1. The explicit integration of offensive cyber into a broader coercive posture: “We will not confine our responses to the ‘cyber’ realm.”
This signals that cyber operations are being treated as one tool within a cross-domain response framework, potentially combining cyber effects with sanctions, diplomatic pressure, and military operations.
This is emphasized by mentioning specific operations: a “globe-spanning operation to obliterate Iran’s nuclear infrastructure” and cyber-enabled military actions in the capture of Venezuelan leader Maduro, during which U.S. forces shut down much of Caracas.
2. Private-sector involvement in offensive activities:
Previous strategies emphasized public-private partnerships for defense and info sharing. This strategy goes further, calling for “incentives to identify and disrupt adversary networks” — language that implies a role for private companies in actively disrupting adversary infrastructure.
3. The emphasis on AI-enabled cyber operations:
The strategy calls for the adoption of “AI-powered cybersecurity solutions to defend federal networks and deter intrusions at scale” and the promotion of “agentic AI in ways that securely scale network defense and disruption.”
The U.S. strategy does not exist in isolation. It arrives at a moment when multiple Western states are moving toward more explicit offensive cyber postures.
The strategy is the most powerful endorsement of this trend.
But it also illustrates the risks of the approach.
Adversaries, like China, have demonstrated the ability to pre-position within U.S. critical infrastructure to disrupt it during a crisis.
Offensive operations against Chinese actors will not remove the access they have already gained.
That requires the defensive, resilience-focused work that is being deprioritized in practice even as it is endorsed in rhetoric.
