In his first 100 days back in office, President Trump has wasted no time redrawing the map of US cybersecurity policy. The new playbook favors speed over consensus, state autonomy over federal coordination, and a hard-nosed, offense-first posture regarding digital threats. It’s a sharp pivot from the previous administration’s more measured approach, which leaned on diplomacy and centralized oversight. But whether this new posture strengthens national resilience or sacrifices long-term alliances for short-term leverage remains an open (and urgent) question for all of us.
A New Cyber Doctrine of Speed Over Diplomacy
Speaking at the RSA Conference, Alexei Bulazel, the top cyber official on the National Security Council, laid it out clearly: the administration plans to “normalize” offensive cyber operations (The Record, 2025). That means hacking back isn’t off the table. In fact, it’s expected. Bulazel’s comments are some of the clearest signals yet that the administration is leaning into a tougher, more aggressive cyber posture. While the team has hinted at this direction before, especially after major Chinese intrusions into US telecom systems, concrete plans have been hard to come by.
This go-on-the-offense approach is backed by sweeping structural changes. The White House has moved to dismantle the State Department’s cyber diplomacy bureau, sparking bipartisan concern about weakening international coordination (Cybersecurity Dive, 2025). Created in 2022 under the Biden administration, the Bureau of Cyberspace and Digital Policy (CDP) was designed to integrate cyber strategy directly into diplomacy. Its leader currently reports to the deputy secretary of state, ensuring top-level influence.
Cybersecurity leaders and Democratic lawmakers are pushing back on the Trump administration’s plan to restructure the CDP. The proposal would split the bureau’s economic and cybersecurity functions into separate offices (Cyberscoop, 2025). Critics argue this fragmentation would weaken the US's ability to coordinate cyber diplomacy both at home and abroad. They warned that the split could jeopardize critical partnerships, hinder responses to cyber threats, and contradict congressional directives to unify digital policy and cybersecurity. Democrats blasted the plan as rushed and lacking consultation. They pointed to the bureau’s successes in aiding allies under attack, facilitating sanctions, and aligning efforts with the Pentagon, CISA, and intelligence agencies. The Government Accountability Office echoed concerns, noting the bureau already needs more staff and resources, and that the proposed changes could further undermine its mission.
Targeting Federal Agencies
What’s also making headlines are the administration’s efforts to cut funding for the Cybersecurity and Infrastructure Security Agency (CISA) and the abrupt firings of top officials at Cyber Command and the NSA. The removal of respected figures like Chris Krebs and Gen. Timothy Haugh, combined with agency restructuring and reduced budgets, has created deep concern about the US's cyber readiness amid rising threats from China and Russia.
At the RSA Conference, cybersecurity professionals rallied in protest, calling on their peers to resist what they see as a dangerous hollowing-out of national defenses (Politico, 2025). Despite public reassurances from Homeland Security Secretary Kristi Noem and NSC cyber chief Alexei Bulazel, skepticism remains high. As one expert put it, adversaries are watching the chaos—and may see it as a window of opportunity. Meanwhile, support for Krebs has surged, with his call to “stay in the fight” receiving standing ovations and hundreds of signatures on a public letter of support.
States on the Front Lines
President Trump’s executive order handing off key cybersecurity responsibilities to states comes as attacks on public systems—from schools to healthcare—are intensifying. Yet many states lack the tools, talent, and funding to handle the threat. A nationwide self-assessment found that fewer than half of states (just 22 out of 48) met basic cybersecurity standards (North Dakota Monitor, 2025).
In March 2025, the Trump administration issued a cybersecurity-focused Executive Order with the purpose of disaster preparedness—including cyber threats—to state and local governments (White House, 2025). The EO calls for a “National Resilience Strategy” and the creation of a “National Risk Register” to guide federal, state, and private sector priorities. It also mandates a review and potential rollback of Biden-era cybersecurity policies, signaling a move from centralized to decentralized, risk-based governance.
Budget cuts have eliminated federal cybersecurity grants and trimmed staff at key agencies like CISA, leaving states scrambling for resources. Some alarm bells are going off in the background of the Oval Office, as more states find themselves unprepared to meet the rising tide of cyberattacks.
Sweeping Oversight Shifts
At the SEC, a newly created Cyber and Emerging Technologies Unit has tightened disclosure rules (SEC, 2025). Public companies must now report material cyber incidents within four business days, which is quite an aggressive timeline that’s raised concerns in corporate boardrooms. How strictly CETU will enforce the rule and whether early enforcement cases will help define the threshold for “materiality.” For now, companies are under pressure to build faster incident detection and internal legal review pipelines, balancing legal obligations with operational realities in what has become one of the SEC’s most closely watched enforcement fronts.
In parallel, the DoD is piloting SWIFT, an AI-powered platform meant to accelerate software approvals and redefine certification workflows from the ground up (Defense Scoop, 2025). SWIFT introduces continuous risk assessment through third-party evaluations of vendors based on 12 defined cyber risk characteristics. Vendors must provide certified Software Bills of Materials (SBOMs), which will be analyzed using large language models (LLMs) to detect anomalies or vulnerabilities in source code. If cleared, vendors receive a provisional ATO almost immediately.
International Implications and Fraying Alliances
Beyond US borders, this strategic pivot carries broader risks. Shifting cybersecurity oversight away from federal coordination could strain cross-border threat sharing and response. The US is decentralizing cybersecurity at a moment when threats are more global, coordinated, and sophisticated than ever, raising concerns that neither states nor international allies are ready for what comes next.
The Trump administration has also quietly softened its stance on Russia as a cybersecurity threat, departing from years of US intelligence assessments that labeled Moscow a top-tier adversary. At a recent UN cybersecurity meeting, US officials omitted Russia from their list of cyber concerns, naming only China and Iran. The silence extended to the Russia-based ransomware group LockBit, which has long been on US watchlists.
Behind the scenes, a CISA memo reportedly deprioritized Russian threats, and staff were told not to focus on them despite Moscow’s well-documented targeting of US infrastructure (The Guardian, 2025). Cybersecurity veterans and international observers warn that the shift leaves American systems more exposed, undermines alliances, and emboldens adversaries.
Privacy Frameworks in Jeopardy
President Trump’s removal of three Democratic members from the Privacy and Civil Liberties Oversight Board (PCLOB) has cast a shadow over the EU-US Data Privacy Framework (DPF). The DPF enables GDPR-compliant data transfers from the EU to the US, but European regulators now openly question its future (European Parliament, 2025). For now, the framework remains intact, but its stability may depend on how Washington navigates this new, more volatile cybersecurity agenda. Critics warn the change undermines coordination with allies, damages US credibility, and emboldens Russia’s aggressive cyber posture.
But major Biden-era privacy regulations implemented in late 2024 remain in force. The FTC’s revised Children’s Online Privacy Protection Act (COPPA) rules and the DOJ’s Data Rule enforcement went ahead without disruption (US GOV, 2025). The FTC finalized COPPA changes in April 2025, while the DOJ quietly issued guidance just days after the Data Rule took effect.
Top Regulations to Watch during Trump’s Term
The Trump administration is taking early steps to reshape how the federal government regulates cybersecurity, with Republican lawmakers pushing to simplify what they see as a patchwork of costly, overlapping rules. Three key regulations are under scrutiny:
Republican leaders argue that these regulations—largely developed under Biden—duplicate efforts, raise compliance costs and lack clarity. In a letter to the Office of Management and Budget, GOP lawmakers called for a top-down review to eliminate redundancies and create consistency across agencies.
The SEC’s rule, which requires companies to report major cyber incidents within four business days, is particularly contentious. Critics say it prioritizes paperwork over actual security. With Trump’s new SEC chair, Paul Atkins, seen as skeptical of aggressive enforcement, changes could be imminent.
For now, the administration is signaling that it prefers a lighter, more coordinated regulatory touch, one that minimizes red tape while still addressing rising cyber threats. Whether that balance can be struck without weakening protections remains to be seen.
Bottom Line
In less than four months, the Trump administration has redrawn the contours of US cybersecurity, ripping out the central command, slashing funding, and normalizing offense as policy. Allies are rattled. Adversaries are watching. And inside the cyber community, a quiet rebellion is turning vocal. Can a fragmented, politicized, and fast-moving cyber doctrine defend a hyper-connected America against its most sophisticated threats, or is this the moment the firewall fractures?