America’s New Cyber Strategy

U.S. White House Unveils President Trump’s Cyber Strategy for America

The White House
March 6, 2026

The White House has announced a new plan aimed at protecting Americans online, with a special focus on fighting the kinds of financial fraud and romance scams that have devastated so many lives. This approach recognizes that cybersecurity isn’t just about government systems—it’s about protecting regular people from the real, daily threats they face from scammers and foreign criminals.

The strategy calls for a major shift in how the government tackles these threats. Instead of just creating more rules, the plan is focused on going after the criminals directly and making it harder for them to operate. This includes using both defensive tools to protect people and offensive actions to disrupt scammer networks overseas.

A key part of this plan is removing unnecessary burdens that have distracted from the core mission of stopping criminals. For example, the administration is rolling back complicated digital ID rules that could have been exploited by bad actors and getting rid of red tape that made it harder for agencies to focus on actual threats.

The strategy is built around six main priorities: targeting and punishing cybercriminals, streamlining regulations, building up America’s cyber defense workforce, securing government technology purchases, protecting critical infrastructure like power and water systems, and staying ahead of new threats from technologies like AI.

Importantly, the plan emphasizes working with tech companies and other private sector partners as allies, not just regulated entities. The goal is to create a true partnership where government and industry work together to identify threats and share information more effectively.

For victims of scams and fraud, this strategy represents a commitment that the federal government will take these crimes more seriously and focus its resources on preventing others from falling prey to the same sophisticated criminal operations.

The document outlines President Trump’s comprehensive cyber strategy, emphasizing national security, technological innovation, and international cooperation.

SCARS Institute’s Overview

Cyber Warfare and Adversary Deterrence

• Deploys offensive and defensive cyber operations to disrupt and deter adversaries.
• Targets criminal networks, espionage, and propaganda to protect American interests.
• Uses all national power instruments to raise costs for cyber threats.
• Works with allies to create collective risk for adversaries.

Regulatory and Industry Modernization

• Streamlines cyber regulations to reduce compliance burdens.
• Promotes agility and privacy in data security.
• Accelerates federal network modernization with AI, cloud, and zero-trust architecture.
• Ensures government adopts best cybersecurity practices.

Securing Critical Infrastructure

• Prioritizes protection of energy, finance, healthcare, and water systems.
• Moves away from adversary vendors to U.S. technologies.
• Enhances incident recovery and supply chain security.
• Engages state and local authorities in cybersecurity efforts.

Advancing Emerging Technologies

• Secures AI, blockchain, and quantum computing to maintain innovation edge.
• Implements post-quantum cryptography and AI-enabled cyber tools.
• Promotes responsible development of agentic AI.
• Counters foreign AI platforms that censor or surveil.

Building Cyber Talent and Workforce

• Recognizes cyber workforce as a strategic asset.
• Develops pipelines through academia, industry, and military.
• Eliminates barriers to align incentives and enhance skills.
• Invests in training to sustain technological leadership.

International and Diplomatic Engagement

• Uses diplomacy and commerce to establish global cyber norms.
• Promotes U.S. values in international cyber standards.
• Coordinates with allies to strengthen collective cybersecurity.
• Combats global cyber threats through international cooperation.

PRESIDENT TRUMP’S CYBER STRATEGY FOR AMERICA

Moving Forward

Our resolve is absolute. We will act swiftly, deliberately, and proactively to disable cyber threats to America. We will not confine our responses to the “cyber” realm. We will undertake an unprecedented effort, operating in a coordinated and sustained fashion across the U.S. government. Working with allies across the globe, we will promote U.S. interests and security. We will fight the curtailment of free speech. We will outcompete adversaries who sell “low cost” AI and digital technologies that carry embedded censorship, surveillance, and ideological bias. We will partner closely with industry and academia, at the speed and scale commensurate with the threats we face, and in accordance with our values.

President Trump has made targeting Americans a hazardous business. Our adversaries have and will increasingly feel the consequences of their actions; we will dismantle networks, pursue hackers and spies, and sanction lawless foreign hacking companies. We will unveil and embarrass online espionage, destructive propaganda and influence operations, and cultural subversion. By disrupting adversaries’ cyber campaigns, and making our networks more defensible and resilient, we will unleash innovation, accelerate economic growth, and secure American technology dominance.

We will remove burdensome, ineffective regulations so that our industry partners innovate quickly in emerging technologies. Partners in the private sector must be able to respond and recover quickly to ensure continuity of the American economy. We will defend our federal systems, critical infrastructure, and supply chains by putting security at the foundation of innovation. We will modernize our information systems so that old infrastructure does not choke innovation. We will engage internationally through diplomacy, commerce, and operations to ensure norms and standards reflect our values. We will leverage the immense talents and ingenuity of our private sector research base. We will establish a new level of relationship between the public and private sectors to defend America in peace and war.

Pillars of Action

Six Policy Pillars underpin this strategy and will guide implementation and measures for success.

1. Shape Adversary Behavior
   American citizens, companies, and our allies should not have to fend off sophisticated military, intelligence, and criminal adversaries in cyberspace alone. We will deploy the full suite of U.S. government defensive and offensive cyber operations. We will unleash the private sector by creating incentives to identify and disrupt adversary networks and scale our national capabilities. We must detect, confront, and defeat cyber adversaries before they breach our networks and systems. We will erode their capacity and capabilities, and use all instruments of national power to raise the costs for their aggression. We will counter the spread of the surveillance state and authoritarian technologies that monitor and repress citizens. Cybercrime and intellectual property theft are some of the greatest threats to global economies. We will uproot criminal infrastructure and deny financial exit and safe haven. Defending cyberspace and safeguarding freedom is a collective effort—the distribution of cost and responsibility must be fair across the U.S. and allies who share our democratic values. We will work together to create real risk for adversaries who seek to harm us, and impose consequences on those who do act against us.
2. Promote Common Sense Regulation
   Cyber defense should not be reduced to a costly checklist that delays preparedness, action, and response. We will streamline cyber regulations to reduce compliance burdens, address liability, and better align regulators and industry globally. We will streamline data and cybersecurity regulations to ensure that the private sector has the agility necessary to keep pace with rapidly evolving threats. We will emphasize the right to privacy for Americans and American data.
3. Modernize and Secure Federal Government Networks
   We will accelerate the modernization, defensibility, and resilience of federal information systems by implementing cybersecurity best practices, post-quantum cryptography, zero-trust architecture, and cloud transition. We will work to elevate the importance of cyber in government leadership and in the board room. We will use the best technologies and teams to constantly test and hunt for malicious actors on federal networks. We will prioritize the security and resilience of the National Security Systems that underpin our military, intelligence, and civilian enterprises. We will work to adopt AI-powered cybersecurity solutions to defend federal networks and deter intrusions at scale. Working across the government to modernize and create competitive procurement processes, we will remove barriers to entry so that the government can buy and use the best technology.
4. Secure Critical Infrastructure
   We will identify, prioritize, and harden America’s critical infrastructure and secure its supply chains, including defense critical infrastructure and adjacent vendors, private companies, networks, and services—such as the energy grid, financial and telecommunication systems, data centers, water utilities, and hospitals—securing information and operational technology supply chains. We must move away from adversary vendors and products, promoting and employing U.S. technologies. We will deny our adversaries initial access, and in the event of an incident, we must be able to recover quickly. We will galvanize the role of state, local, Tribal, and territorial authorities as a complement to—not a substitute for—our national cybersecurity efforts.
5. Sustain Superiority in Critical and Emerging Technologies
   Securing American innovation and protecting our national intellectual advantage will be paramount. We will build secure technologies and supply chains that protect user privacy from design to deployment, including supporting the security of cryptocurrencies and blockchain technologies. We will promote the adoption of post-quantum cryptography and secure quantum computing. And we will secure the AI technology stack—including our data centers—and promote innovation in AI security. We will swiftly implement AI-enabled cyber tools to detect, divert, and deceive threat actors. We will rapidly adopt and promote agentic AI in ways that securely scale network defense and disruption. Through cyber diplomacy, we will ensure that AI—particularly generative AI and agentic AI—advances innovation and global stability. We will secure the data, infrastructure, and models that underpin U.S. leadership in AI and we will call out and frustrate the spread of foreign AI platforms that censor, surveil, and mislead their users.
6. Build Talent and Capacity
   President Trump has called America’s cyber workforce a strategic asset that “ protects the American people, the homeland, and the American way of life.” It is an asset worthy of great investment and essential to our nation’s economic prosperity and security. We need a pipeline that develops and shares talent. It must be pragmatic and accessible—reconciling and taking advantage of existing avenues within academia, vocational and technical schools, corporations, and venture capital opportunities—to educate and train our existing cyber workforce across industries and occupations, and to recruit the next generation to design and deploy exquisite cyber technologies and solutions. We will eliminate roadblocks that prevent industry, academia, government, and the military from aligning incentives and building a highly skilled cyber workforce. We will harness the existing resources, authorities, talents, and ingenuity that make America great.

Conclusion

This strategy makes clear the course President Trump has pursued in cyberspace, and the direction the U.S. government will pursue with increasing impact. President Trump has acted to ensure that Americans—especially future generations—will have a strong country where they are secure and defended, and a future defined by individual freedom, economic prosperity, and opportunity. President Trump will continue showing those who harm our interests and attack our values in cyberspace place themselves at risk.

Glossary

• Adversary Behavior Shaping — Government cyber policy seeks to influence the decisions and capabilities of hostile actors before attacks occur. Authorities use deterrence, exposure, sanctions, and disruption to increase the cost of cybercrime and cyber espionage. For scam victims, this concept explains why governments pursue criminal infrastructure and networks rather than focusing only on individual perpetrators.
• Adversary Vendors — Technology suppliers linked to hostile governments or criminal ecosystems can introduce security risks into national networks. Policies that move away from these vendors attempt to reduce hidden vulnerabilities that adversaries could exploit. Scam victims benefit when infrastructure is built on trusted systems that are less likely to enable criminal operations.
• Agentic Artificial Intelligence — Agentic AI refers to autonomous artificial intelligence systems capable of making decisions and taking actions without continuous human control. Governments seek to secure these systems so they cannot be used to automate cybercrime, fraud, or surveillance. For scam victims, understanding this concept highlights how technology can both create new risks and support stronger defenses.
• Artificial Intelligence Security — AI security focuses on protecting artificial intelligence systems, models, and data from manipulation or misuse. Security measures attempt to prevent criminals from using AI to scale scams, impersonate victims, or automate deception. Effective AI security helps reduce the technological advantage criminals may gain in large-scale fraud operations.
• Blockchain Technology Security — Blockchain systems support digital transactions and cryptocurrencies that are frequently used in online fraud schemes. Securing these systems includes protecting transaction records, preventing manipulation, and monitoring criminal use. Scam victims often encounter cryptocurrency in scams, so stronger blockchain security may reduce criminal abuse of these financial tools.
• Cloud Transition — Cloud transition refers to moving government and organizational computing systems from local infrastructure into secure cloud environments. Cloud architecture can provide stronger monitoring, resilience, and recovery capabilities than older systems. This modernization helps protect digital services that criminals might otherwise exploit.
• Collective Cybersecurity Cooperation — Cyber threats often cross national borders and require coordinated responses between governments and allies. Cooperative security frameworks allow partners to share intelligence, coordinate investigations, and respond collectively to cybercrime. This collaboration helps pursue scammers who operate internationally and target victims in many countries.
• Compliance Burden Reduction — Cybersecurity policy sometimes focuses on reducing regulatory paperwork that distracts organizations from actual threat prevention. Simplifying compliance allows institutions to devote more resources to detecting and stopping criminals. Scam victims benefit when agencies spend less time on bureaucracy and more time on investigation and disruption.
• Critical Infrastructure Protection — Critical infrastructure includes systems such as power grids, hospitals, water utilities, telecommunications, and financial networks. Governments prioritize securing these systems because disruptions can harm entire populations. Criminal networks sometimes target these systems for fraud, extortion, or data theft.
• Cultural Influence Operations — Adversaries sometimes attempt to manipulate public opinion through digital propaganda and coordinated information campaigns. These operations may include spreading misinformation or influencing online communities. Such activities can contribute to environments where scams and manipulation become easier to conduct.
• Cyber Diplomacy — Cyber diplomacy involves international negotiation and cooperation to establish global standards and norms for digital behavior. Governments work with allies to discourage cybercrime, promote transparency, and coordinate responses to cyber threats. Strong diplomatic frameworks help address transnational scam networks that operate across jurisdictions.
• Cyber Operations — Cyber operations include defensive and offensive digital actions used by governments to protect networks or disrupt hostile systems. Defensive operations strengthen security, while offensive actions may disable criminal infrastructure. These operations attempt to prevent large-scale cybercrime from reaching victims.
• Cyber Workforce Development — A strong cybersecurity workforce includes trained professionals who detect threats, investigate incidents, and protect digital systems. Governments invest in education, training, and recruitment pipelines to sustain these capabilities. Expanded cyber talent increases the likelihood that scams and cybercriminal networks can be identified and dismantled.
• Cybercrime Infrastructure — Criminal networks rely on digital tools such as servers, payment channels, communication platforms, and stolen identities. This infrastructure enables scams to operate across borders at large scale. Government strategies increasingly focus on dismantling these systems rather than only pursuing individual criminals.
• Cybersecurity Best Practices — Cybersecurity best practices refer to established methods that organizations use to reduce digital risk. These practices include system monitoring, secure authentication, and continuous testing for vulnerabilities. Adoption of consistent security standards helps reduce opportunities for fraud and exploitation.
• Cybersecurity Modernization — Modernization replaces outdated digital systems with secure technologies designed for current threats. Older infrastructure often lacks the defenses necessary to resist sophisticated cybercrime. Upgraded systems improve resilience and allow faster response to criminal activity.
• Cybersecurity Partnerships — Government agencies increasingly collaborate with private companies that operate large portions of digital infrastructure. Partnerships allow faster sharing of threat intelligence and coordinated responses to attacks. These relationships strengthen the ability to identify scam operations and block malicious activity.
• Data Security Privacy — Protecting personal and institutional data from unauthorized access is a central goal of cybersecurity policy. Strong privacy protections help reduce identity theft and financial fraud. Scam victims often suffer from stolen personal information, which makes data protection a critical defensive measure.
• Digital Identification Systems — Digital identity technologies allow individuals to verify identity online for services and transactions. Improperly designed systems can introduce vulnerabilities that criminals exploit. Policymakers sometimes reconsider these systems when security risks outweigh their benefits.
• Economic Cybersecurity Resilience — Cybersecurity resilience refers to the ability of digital systems and economies to continue functioning despite cyber attacks. Governments aim to ensure that businesses and infrastructure can recover quickly after incidents. Resilience limits the broader economic damage caused by cybercrime.
• Emerging Technology Governance — Governments increasingly develop policies that guide how new technologies are developed, secured, and deployed. These policies attempt to ensure innovation while preventing criminal exploitation. Scam victims benefit when emerging technologies include security protections from the beginning.
• Federal Network Defense — Federal network defense refers to the protection of government information systems from intrusion or manipulation. These networks store sensitive data and support public services. Strengthening their defenses prevents criminals and hostile actors from gaining access to critical information.
• Global Cyber Norms — Cyber norms are shared expectations between nations about acceptable behavior in cyberspace. Establishing these norms can discourage cybercrime, espionage, and digital sabotage. International agreements help create consequences for actors who support or tolerate scam networks.
• Government Procurement Security — Government procurement policies determine how agencies purchase technology and services. Secure procurement ensures that systems are built using trusted vendors and verified technologies. This reduces the chance that malicious actors embed vulnerabilities into national infrastructure.
• Incident Recovery Capability — Cyber incidents can occur despite strong defenses, making recovery capacity essential. Recovery planning focuses on restoring services, protecting data, and limiting damage after an attack. Effective recovery reduces long-term harm when cybercrime or fraud disrupts systems.
• Information Technology Supply Chain Security — Digital infrastructure depends on complex supply chains involving hardware, software, and service providers. Securing these supply chains prevents malicious components from entering national systems. Criminal networks sometimes exploit weak supply chains to gain hidden access.
• Influence Operations Exposure — Governments sometimes publicly reveal foreign cyber operations to reduce their effectiveness. Exposure removes the secrecy that allows propaganda or criminal manipulation to spread unnoticed. Public awareness also helps individuals recognize manipulation tactics.
• Intellectual Property Theft — Intellectual property theft involves stealing proprietary designs, research, or software through cyber intrusion. Such theft can damage economies and fund criminal networks. Cyber strategies attempt to prevent this activity by strengthening detection and deterrence capabilities.
• National Cyber Capabilities — National cyber capabilities include the combined technological, investigative, and operational resources used to defend digital systems. These capabilities support both prevention and response to cybercrime. Strong capabilities increase the ability to dismantle scam operations.
• National Security Systems Protection — Certain government systems support military, intelligence, and national defense functions. Protecting these systems ensures operational continuity and prevents adversaries from exploiting sensitive information. Cybersecurity policies prioritize safeguarding these networks.
• Offensive Cyber Operations — Offensive cyber actions target hostile systems in order to disrupt attacks or dismantle criminal infrastructure. These operations may disable servers, communication channels, or financial networks used by cybercriminals. Offensive strategies aim to make cybercrime more difficult and costly.
• Post Quantum Cryptography — Post quantum cryptography refers to encryption systems designed to resist attacks from future quantum computers. Current encryption methods may become vulnerable as quantum computing advances. Developing stronger cryptography protects sensitive communications and financial systems.
• Private Sector Cyber Collaboration — Many digital systems are owned and operated by private companies rather than governments. Collaboration with these companies allows faster identification of threats and coordinated defensive measures. Effective cooperation strengthens protection for individuals who rely on digital services.
• Quantum Computing Security — Quantum computing introduces powerful new computational capabilities that may transform cybersecurity. Governments work to ensure that these technologies strengthen security rather than weaken it. Research into secure quantum systems aims to protect future digital infrastructure.
• Regulatory Streamlining — Streamlining regulations removes unnecessary rules that slow security improvements without reducing risk. Policymakers attempt to balance oversight with operational agility. Efficient regulation allows organizations to focus resources on genuine cyber threats.
• Secure Technology Supply Chains — Secure supply chains ensure that hardware and software components originate from trusted sources. Verification and monitoring reduce the risk of hidden vulnerabilities. Protecting supply chains prevents adversaries from inserting malicious technology into national systems.
• Strategic Cyber Deterrence — Deterrence strategies attempt to discourage cybercrime by demonstrating that attacks will result in consequences. These consequences may include sanctions, legal action, or operational disruption. Effective deterrence raises the risks faced by criminals who target victims.
• Surveillance State Technologies — Some foreign technologies include built-in monitoring or censorship capabilities that can be misused. Governments seek to prevent these systems from influencing domestic infrastructure. Limiting such technologies protects privacy and democratic freedoms.
• Technological Innovation Protection — Innovation protection focuses on safeguarding new technologies from theft, sabotage, or manipulation. Secure innovation allows societies to benefit from technological progress without enabling criminal misuse. This approach supports both economic growth and public safety.
• Threat Actor Detection — Cybersecurity systems monitor networks to identify suspicious behavior associated with attackers. Early detection allows investigators to intervene before major damage occurs. Scam victims benefit when criminal infrastructure is identified and dismantled quickly.
• Zero Trust Architecture — Zero-trust security models assume that no device or user should be automatically trusted within a network. Systems continuously verify identity and access permissions. This approach reduces the likelihood that intruders can move freely within compromised systems.