Since becoming the president elect, Donald Trump has quickly started to fill his Cabinet and important senior positions for his administration.  One area that has not been addressed, at least publicly, has been key cyber roles.  This is not to say that cyber is not on the new president’s priority radar but may indicate that he has the individuals already in mind and that he is just focusing on other positions that will likely be contested in future Senate confirmation hearings. That means he may turn to some of the people that filled similar roles and responsibilities in his first administration.  A few online periodicals such as Politico and Recorded Future’s The Record have bandied about familiar names such as Sean Plankey, Matt Hayden, Karen Evans, and Rob Strayer, all individuals with extensive cyber experience in both the government and private sectors.  One thing is clear: there is not a dearth of qualified candidates ready to assume the mantel of the United States’ new cyber leadership.

What cyber policies the new cyber team will implement remains a question, but there may be some indication of what will come to pass based on what was observed during Trump’s first term, and his views on what needs to be done in cyberspace.  Putting America First means the United States must assume a leadership role rather than being content to work in coalitions on every issue.  That is not to say the United States won’t work with allies and friends; but it does suggest that when the United States has the opportunity to lead, it will not hesitate to do so. And this includes the cyber arena with its myriad of issues that range from tech standards, Internet governance, artificial intelligence, critical infrastructure protection, to name a few.  The landscape is vast and all encompassing, requiring a diligent and consistent focus spurred on by a whole of government approach.  So what can we expect from Trump 2.0?

One area Trump can expect to shake up are cyber regulations that affect the business community.  Unlike Biden who preferred more rigid enforcement of regulations, Trump is likely to reduce anything that is viewed as too stringent or impeding businesses from operating efficiently and effectively.  There is growing interest in industries for such reprieve. Already rail and pipeline representatives are lobbying to “dial back”  the Transportation Security Administration’s (TSA) emergency directives that emerged after the Colonial Pipeline attack.  Notably, the TSA is looking to harmonize most of the cyber regulations for surface transportation industries under its authority to replace those directives.

Big Tech is something that Trump has been wary about in the past, and along with 11 state attorneys general, his first administration filed an antitrust lawsuit against Google.  There could be more of this type of pressure on large technology companies.  Prior to withdrawing his name for contention, Matt Gaetz – also a fierce critic of Big Tech – would have been in perfect position as Attorney General (AG) to bring closer scrutiny into how these companies operate.  It is likely that the new AG will fulfill a similar function.

Trump recognizes China to be a substantial tech competitor and cyber threat particularly with respect to the theft of intellectual property and trade secrets.  He has identified Beijing as the primary challenge when it comes to artificial intelligence (AI) and has made it no secret that he wants the United States to come out on top.  He has called for a Manhattan Project-style effort to beat its rival, which has garnered bipartisan support.  This will likely be an immediate priority when he assumes office.  The fact that reporting revealed that China likely targeted his election’s phones will likely encourage a stronger stance against China via tariffs and trade.

With respect to AI, Trump has said that he would repeal Biden’s Executive Order, which some believed hindered AI innovation.  How this would potentially impact how federal agencies could use AI is not quite clear, or if the U.S. AI Safety Institute will still be in operation, though there is nothing to say that this part would be removed from a new Executive Order.  But mandates like requiring companies to hand over information about certain models to the government as dictated under the Defense Production Act, or force companies to make AI technologies in “equitable ways that prevent impacts against a class of people” would be eliminated.

Trump backs U.S. Cyber Command’s (CYBERCOM) “defense forward” operations as they epitomized his “peace through strength” philosophy of deterrence.  There is no reason not to expect that CYBERCOM’s efforts will expand here.  Though these activities have not necessarily achieved strategic deterrence, they have demonstrated the United States’ willingness to punish adversaries, and in the case of detecting potential future attacks, disrupting operations before they materialize.  This certainly sends the message that the United States will act when it feels that it is in their interests to do so.  Trump was instrumental in creating a Space Force to challenge adversaries like China and Russia as they attempt to dominate in that arena.  It’s not certain if he will do the same for a Cyber Force, or whether he will look to review how cyber is implemented in the current joint military structure, and whether it deserves its own force and budget.

What would be most notable will be any adjustment of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA).  Trump has been a champion of protecting U.S. critical infrastructure creating the agency in 2024.  However, since then he has had some doubts about the agency, particularly in the wake of the 2020 election after which he fired the director, and the agency’s role in combatting misinformation.  Therefore, it makes sense under a new administration and new leadership that the priorities and focus of CISA will invariably shift, a sentiment expressed by an anonymous former high-ranking CISA official.  The new DHS director will likely trim CISA’s activities, which not only increased substantially but also had been tied to some dubious activities such as pressuring Big Tech to censor some Americans online.

It would be interesting to see if Trump’s new Department of Government Efficiency (DOGE) will take a look at reviewing the roles and responsibilities of the federal government agencies in the larger U.S. cyber ecosystem.  There has been reporting and articles highlighting the unnecessary redundancy and duplication of efforts in the U.S. government with respect to roles and responsibilities of cyber officials and cyber missions.  As Trump’s DOGE looks to downsize government agencies and their budgets, there is concern that cyber budgets may be impacted by the cuts.  Although there has been no indication that cyber will targeted, Government Accountability Office reporting suggests that the U.S. government wastes money on redundant IT services.  This may be an opportunity to reshape and streamline the U.S. government’s agencies roles in cybersecurity and cyber intelligence while harnessing the power of new advanced technologies.

By all measures, Trump’s cyber leadership positions will be instrumental in carrying out his vision, particularly as he looks to enter office with hot button issues like Ukraine, the Middle East, and the Border needing his immediate attention.  One thing is certain: cyber cannot be an “as you go” issue and demands consistent engagement to both promote security, fair tech practices, free speech on online platforms, and global leadership.  We can expect to see a United States more involved over the next four years.