The U.S. needs a “whole-of-nation approach” to deterring and warding off cyber attacks backed by foreign states, President Donald Trump’s newly confirmed national cyber director said Tuesday.
Such attacks will continue until officials impose more severe consequences on bad actors, Sean Cairncross said in his first public address since his confirmation last month to lead the Office of the National Cyber Director.
The nation “must send a message this behavior is unacceptable” and will come at a cost, Cairncross said at the Billington Cyber Summit, specifically mentioning China, which has backed campaigns that target telecommunications networks and other critical infrastructure across the country.
“Engagement and increased involvement with the private sector is necessary for our success,” he said. “I’m committed to marshalling a unified, whole-of-nation approach on this, working in lockstep with our allies who share our commitment to democratic values, privacy and liberty…Together, we’ll explore concepts of operation to enable our extremely capable private sector, from exposing malign actions to shifting adversaries’ risk calculus and bolstering resilience.”
During a subsequent appearance at a Tuesday event hosted by Politico, Cairncross said, “I think it is important that we really start to shape adversary behavior” and that “we can’t be ambiguous” when it comes to deterring threat actors.
The U.S. already conducts clandestine intrusions into adversaries’ networks under legal authorities granted to the National Security Agency, U.S. Cyber Command and others. But lawmakers on both sides of the political aisle have argued the nation hasn’t been assertive enough in its tactics, especially in the wake of the major Chinese hacks.
Sen. Angus King, I-Maine, also said at Politico’s event that as long as cyberthreat actors “feel that there’s going to be no response, there’s no cost, they’re going to continue to do it.”
King noted that he sponsored an amendment to the 2026 National Defense Authorization Act with Sen. Tom Cotton, R-Ark., that “charges the Secretary of Defense with developing a deterrent strategy over the next year and a half that will try to remedy this gap in our overall cyber defense.”
“It doesn’t necessarily have to be cyber for cyber,” he said about countering digital attacks with a more offensive approach. “It can be some other kind of response, but it has to hurt.”
Trump administration officials and industry partners have also discussed whether privateering contracts, once used to deputize pirate ships, could offer inspiration for authorizing private sector hacking operations against China, Nextgov/FCW reported in May.
The new ONCD leader also wants to continue efforts to boost the U.S. cybersecurity workforce, a goal that was a focal point for the office during the Biden administration under then-Director Harry Coker. In his first term, Trump signed an executive order focused on the cyber workforce.
“We need a pipeline that develops and shares talent,” Cairncross said. “It should be pragmatic and accessible, reconciling and taking advantage of existing avenues within academia, vocational schools, corporations and venture capital opportunities to not only educate and train our existing cyber workforce, but to also recruit new talent, preparing the next generation to design and deploy exquisite emerging technologies.”
Cairncross’s responsibilities include coordinating cybersecurity efforts between various government agencies, developing and implementing national cybersecurity policies and advising the president on critical cyber issues.
He also said that ONCD is working to get government systems’ security in order: “We’re working on policies to harden our networks, update our technologies and ensure that we’re prepared for a post-quantum future.”
Read the full article here