The White House’s newly released national cyber strategy has received praise from industry officials, but some are also asking for more specifics on the cyber policies.
The White House Office of the National Cyber Director (ONCD) published the seven-page strategy – which has five pages with text – on Friday afternoon, outlining a six-pillar framework intended to strengthen U.S. cybersecurity.
The six pillars are: shape adversary behavior, promote common-sense regulation, modernize and secure federal government networks, secure critical infrastructure, sustain superiority in critical and emerging technologies, and build talent and capacity.
National Cyber Director Sean Cairncross previewed the strategy last month, and said ONCD worked closely with industry stakeholders to finalize the strategy.
Following the release of the document, many industry officials offered praise for the strategy’s continued focus on zero trust, artificial intelligence (AI)-driven security, and stronger public-private collaboration.
“The most important signal in President Trump’s newly released Cyber Strategy for America is not what changed, but what didn’t. Zero trust remains a core pillar of U.S. cyber strategy – reinforcing that it is not political, but operational,” said Gary Barlet, public sector chief technology officer at Illumio.
“This strategy reinforces a necessary shift: Policy alone isn’t enough. Progress depends on clear expectations, accountability, and sustained execution across government and industry,” Barlet added. “In an AI?driven threat environment shaped by nation?state activity, resilience comes from discipline – not assumptions.”
Drew Bagley, chief privacy and policy officer at CrowdStrike, said the strategy “addresses modern threats through concrete policies.”
“Each pillar is important, and the emphasis on securing advanced technologies correctly recognizes AI as an accelerant for our adversaries and a must-have area of expertise for frontline defenders,” Bagley said.
Bill Wright, global head of government affairs at Elastic, applauded the strategy’s focus on measurable outcomes: “The March 2026 Cyber Strategy from the White House highlights a growing focus on measurable security outcomes rather than static compliance checklists. Redirecting resources from paperwork to AI-powered security capabilities is the only way to keep pace with modern threats and adversaries who operate at great speed.”
“As new and more sophisticated threats emerge, America needed a new national cyber strategy that captures the urgency of this moment,” USTelecom President and CEO Jonathan Spalter said. “The President’s strategy rightly recognizes that harnessing America’s unique mix of private-sector innovation with public-sector capacity is the best deterrence.”
Palo Alto Networks CEO Nikesh Arora praised ONCD for its focus on future-facing security priorities.
“I commend Director Cairncross and the National Cyber Strategy for the forward-looking approach to tackling critical cybersecurity challenges,” Arora said. “Of note, its emphasis on promoting quantum-safe security and AI security positions the United States to maintain technological leadership in an evolving threat landscape.”
Ryan Gillis, senior vice president and global head of government partnerships at Zscaler, praised the strategy for its clarity, saying, “The National Cyber Strategy released today provides a clear framework for action – one that prioritizes modernization, resilience, and collaboration between the U.S. government, industry, and allies grounded in a commitment to an open and secure cyberspace.”
“The Cyber Strategy for America reinforces that critical infrastructure and federal systems must be defensible, resilient, and capable of disrupting threats at scale,” said Felipe Fernandez, chief technology officer at Fortinet Federal.
Jason Oxman, president and CEO of global tech trade association ITI, said the strategy “outlines a bold vision to advance America’s cybersecurity leadership.”
“We commend the administration for incorporating industry’s feedback to ensure cybersecurity is not merely a paperwork exercise, but treated as a national security mission that depends on speed, trust, and collaboration,” Oxman said.
However, not all of the reviews were positive, as some experts wanted more substance and details in the strategy document.
“There’s not a lot to disagree with in the 2026 Cyber Strategy, but there’s also not a lot in it at all,” said Nicholas Leiserson, senior vice president for policy at the Institute for Security and Technology (IST).
“Without the backing of a comprehensive implementation plan, no strategy can meaningfully improve our cybersecurity posture,” he said.
Joshua Corman, executive in residence for public safety and resilience at IST, added: “I was glad to see the 2026 Cybersecurity Strategy list securing critical infrastructure as one of its six key pillars, particularly its callout of water utilities and hospitals as particularly at risk … It was, however, surprising to see no explicit mention of the Typhoons, especially given the urgency needed to address them, potentially as early as 2027.”
The Salt Typhoon and related Volt Typhoon hacking groups backed by the Chinese government have emerged in recent years as sophisticated threat actors.
Rep. Bennie Thompson, D-Miss., ranking member of the Committee on Homeland Security, also wanted more from the strategy.
“The President’s Cyber Strategy – barely 3 pages of substance – is impressively underachieving, even by the abysmal standards this administration has set for itself,” Thompson said. “What little ‘substance’ does exist in this pamphlet is a mishmash of vague platitudes, a long catalogue of ‘we will’ statements that may or may not match the Administration’s current behavior, and, mercifully, an apparent extension of some Biden-era policies.”
“Completely lacking is even the most basic blueprint for how the administration will go about achieving any of its cybersecurity goals – an objective possibly hamstrung by the hemorrhage in cyber talent across all federal agencies since Trump took office,” he added.