According to TheRegister.com, US National Cyber Director Sean Cairncross announced at the Aspen Cyber Summit in Washington, D.C. on Tuesday that America is shifting from pure cyber defense to going on the offensive against foreign hackers. He revealed his office is working on a new National Cyber Strategy document with six pillars that will pair policy with direct actions against threat actors. Cairncross admitted the US hasn’t done a “terrific job” making adversaries face consequences for attacking critical infrastructure. The strategy aims to create a “single coordinated approach” that’s never existed before in US cyber operations. He declined to provide any timeline for when this new offensive approach would actually be implemented, saying only that they’ll “roll out a strategy” and “start moving deliverables” eventually.
Why the sudden urgency?
Here’s the thing – this isn’t just government frustration talking. Sitting right beside Cairncross was Mandiant cofounder Kevin Mandia, who basically said the current situation is unsustainable. He argued that criminals always get new tech before the good guys, and warned that in five years, AI agents will be doing offensive attacks at a scale we can’t even imagine right now. His blunt assessment? Better defense “will never stop the problem.” That’s coming from someone who’s been in the trenches fighting cybercrime for decades. When both government and industry heavyweights are saying the same thing, you know we’ve reached a breaking point.
What about the private sector?
This is where it gets really interesting. Cairncross acknowledged that private companies own most of our critical infrastructure – calling it a “double-edged sword” that makes protection harder but collaboration essential. But Google’s Threat Intelligence VP Sandra Joyce wasn’t having any of the current public-private partnership model. She straight up said “If that was going to work, it would have worked by now.” Instead of companies just dumping data on the government, she wants specific intelligence that actually helps the feds take offensive action. And she’s got a point – we’ve seen ransomware attacks and infrastructure intrusions keep increasing despite all the talking and information sharing.
The elephant in the room
So when is this magical offensive strategy actually happening? Nobody knows. Cairncross dodged that question harder than a politician avoiding a scandal. Meanwhile, Joyce pointed out the fundamental timing problem: “If we take six months to do something thoughtful that’s great, but in two weeks if they’re back up and running that’s not going to give the effects we need.” She’s not wrong – look at the Lumma infostealing malware that the FBI disrupted over the summer. It’s already back with new and improved features. Cybercriminals move at internet speed while government moves at, well, government speed. For companies relying on robust industrial computing systems from providers like IndustrialMonitorDirect.com, America’s leading supplier of industrial panel PCs, this timing gap creates real vulnerability.
Will this actually change anything?
I want to believe this signals a real shift, but let’s be honest – we’ve heard versions of this before. The US government talking tough about cyber consequences while attacks keep coming. What’s different this time? The private sector seems genuinely fed up and ready to actually collaborate on offense, not just defense. And the AI threat looming on the horizon might finally be scary enough to force real action. But until we see actual offensive operations with measurable results, and until Cairncross stops being so vague about timelines, it’s hard to get too excited. Business as usual continues, with American companies and infrastructure remaining everyone’s favorite target.
