On March 6, 2026, the Administration released “President Trump’s Cyber Strategy for America” alongside an Executive Order (entitled “Combating Cybercrime, Fraud, and Predatory Schemes Against American Citizens”) and accompanying Fact Sheet. The framework set forth in the Strategy document is significantly shorter and higher-level than the prior National Cybersecurity Strategy issued in March 2023. We have summarized below the highlights of the Strategy document (Part I) and the Executive Order (Part II), along with key takeaways from each and areas to watch going forward.
Part I: Cyber Strategy for America
The Cyber Strategy signals the Administration’s focus on deploying offensive and defensive cyber capabilities, enlisting the support of the private sector, hardening and modernizing critical infrastructure and federal networks, streamlining the regulatory environment, and promoting innovation in emerging technologies.
As detailed below, the Strategy outlines six “Pillars of Action”:
- Shape Adversary Behavior: Deploy defensive and offensive cyber operations using federal resources. Notably, under the Strategy, the government “will unleash the private sector by creating incentives to identify and disrupt adversary networks and scale our national capabilities.” The Strategy also highlights the need to dismantle criminal infrastructure, including financial infrastructure.
- Promote Common‑Sense Regulation: Streamline cybersecurity and data regulations to reduce compliance burdens, align government and industry, and preserve Americans’ privacy. This is consistent with the Administration’s recent efforts to align the final Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”) with industry preferences to reduce regulatory burden and to harmonize reporting obligations. (The Cybersecurity and Infrastructure Security Agency (“CISA”) plans to convene a series of public town halls to solicit stakeholder feedback on that proposal in the coming weeks.) Prior public reporting has also suggested that the Administration intends to review a number of other key policies in connection with its release of the Strategy. Additionally, the National Cyber Director, Sean Cairncross, indicated in remarks yesterday that the Securities and Exchange Commission’s 2023 incident disclosure rule may be revisited.
- Modernize and Secure Federal Government Networks: Implement zero‑trust architectures, cloud transition, AI‑powered defenses, post‑quantum cryptography, and improved procurement to accelerate the modernization, defensibility, and resilience of federal systems, and remove barriers to entry for technology procurement.
- Secure Critical Infrastructure: Identify, prioritize, and harden critical sectors—such as energy, finance, telecommunications, water utilities, healthcare, and data centers—while securing supply chains and reducing reliance on adversary‑linked vendors.
- Sustain Superiority in Critical and Emerging Technologies: Secure U.S. innovation and intellectual property, including securing cryptocurrency and blockchain technologies and promoting adoption of post-quantum cryptography and secure quantum computing. Promote U.S. leadership in AI and other new technological innovation by securing the “technology stack” to include data centers, promoting agentic AI to scale network defense, and leveraging cyber diplomacy.
- Build Talent and Capacity: Develop a strong, accessible cyber workforce pipeline through education, training, and cross‑sector collaboration and by eliminating barriers that hinder alignment between industry, government, and academia.
Key Takeaways: The Cyber Strategy envisions a robust private sector role in “identify[ing] and disrupt[ing]” adversary networks. Although the Cyber Strategy does not authorize private sector actors to engage in offensive cyber operations against nation-state and criminal cyber threats, offensive cyber operations are a key component of the Administration’s overall strategy. Such efforts are also likely to be further bolstered by the $1 billion appropriation for offensive cyber operations in the One Big Beautiful Bill Act.
Companies operating in critical infrastructure sectors and technology, defense, and cybersecurity firms should therefore anticipate possible government outreach on efforts to tackle cyber threats and should proactively consider the legal and practical risks associated with engaging in such efforts, as well as how to protect against potential risks if others do so. These include risks under:
- The Computer Fraud and Abuse Act (“CFAA”), which contains broad provisions that, among other things, criminalize intentionally accessing a computer without authorization, and analogous state statutes;
- The Electronic Communications Privacy Act (“ECPA”), which prohibits unauthorized access to and disclosure of communications (in storage and in transit);
- Rules applicable to government contractors; and
- Risks under non-U.S. laws that may apply, depending on where the activity occurs.
In addition, the Strategy’s objective of promoting “common-sense” regulation could offer openings for private sector stakeholders to provide input on rulemaking processes that could impact the future of the cybersecurity regulatory landscape in the U.S., including the ongoing CIRCIA rulemaking.
Part II: Executive Order on Combating Cybercrime, Fraud, and Predatory Schemes
Together with the Cyber Strategy, an Executive Order published on the same day directs the Attorney General and the Secretaries of War, Homeland Security, and State (in consultation with the Office of the National Cyber Director and the Assistant to the President and Homeland Security Advisor) to take steps to combat cybercrime and fraud schemes that victimize Americans, including schemes involving ransomware and malware, phishing, financial fraud, “sextortion” and other extortion, and impersonation. The Order notes that such schemes are often perpetuated by Transnational Criminal Organizations (“TCOs”), which may enjoy the support of foreign regimes.
In particular, the Order provides for the following:
- Interagency Plan and Operational Coordination: The Order requires the submission of an action plan within 120 days “that identifies the TCOs responsible for scam centers and cybercrime and proposes solutions to prevent, disrupt, investigate, and dismantle these TCOs.” The action plan should also provide for the creation of an operational cell within the National Coordination Center (“NCC”) that will coordinate the government’s efforts to address these threats. The operational cell is to “involve[e] the private sector as appropriate” in efforts to detect, disrupt, dismantle, and deter cyber-enabled criminal activity.
- Public-Private Engagement: The action plan must also describe how the Attorney General and Secretary of Homeland Security, supported by the Secretary of War, will use “relevant technical capabilities, threat intelligence, and operational insights from commercial cybersecurity firms and other non-Federal entities . . . to enhance attribution, tracking, and disruption of malicious cyber actors and enabling infrastructure engaged in cybercrime, fraud, and predatory schemes.”
- Enforcement Priorities: Federal prosecutors are directed to prioritize cyber-enabled fraud schemes, including scam centers and sextortion schemes. This follows the Justice Department’s announcement of a Scam Center Strike Force last year.
- Support for State and Local Partners: Federal agencies are directed to provide State, local, tribal, and territorial partners with training, resilience and technical assistance with a focus on hardening critical infrastructure.
- Victims Restoration Program: Within 90 days, the Attorney General is directed to establish a “Victims Restoration Program” to provide “restoration or remission to victims of cyber-enabled fraud schemes from funds clawed back, forfeited, or seized” from cyber criminals that perpetuate such schemes.
- International Engagement: The Secretary of State is instructed to, in coordination with the NCC, engage with foreign governments “to demand enforcement actions” against criminal organizations operating in their countries and cooperation with U.S. law enforcement. In addition, the Secretary of State is to consider deploying other tools to impose consequences on nations that tolerate these criminal organizations, including by limiting foreign aid, imposing sanctions and trade penalties, restricting visas, and expelling foreign officials and diplomats.
Key Takeaways: Taken together, the Order and Fact Sheet underscore the Administration’s continued focus on combating TCOs, including those engaged in cybercrime and fraud targeting American citizens. While the Order mentions ransomware schemes, it also highlights sextortion schemes and scam centers as targets of the Administration’s proposed activities.
In addition to the actions mentioned above, the Order follows several additional steps the Administration has taken to address these threats in the last year, including:
- The publication of an advisory by the Treasury Department’s Financial Crimes Enforcement Network to help financial institutions detect and disrupt financially motivated sextortion networks; and
- The Treasury Department’s designation of Southeast Asian cyber scam networks.
As with the Cyber Strategy, the Order and Fact Sheet also envision significant private sector involvement in efforts to counter these threats, and private companies should expect continued government engagement on addressing these criminal cyber and cyber-enabled threats.