ARGUMENT: Cyber strategyHow Biden’s Cyber Strategy Echoes Trump’s
On March 3, the Biden administration released its Interim National Security Strategic Guidance. Herb Lin writes that the interim guidance document is, by definition, a work in progress, and one would expect a final guidance document to be roughly consistent with the interim guidance but also to contain a more substantial elaboration on the interim guidance. With two exceptions — emphasizing diversity in the national talent base and strongly implies government investment in cybersecurity –”all other areas addressed in the Biden interim guidance, I believe the statements are substantially the same. If this is true, it suggests great continuity in cyber policy and strategy between administrations as different as Biden’s and Trump’s. Of course, the Trump National Cyber Strategy wasn’t all that different from Obama’s cyber strategy, either.”
On March 3, the Biden administration released its Interim National Security Strategic Guidance. Regarding cybersecurity, the document stated that “ we will make cybersecurity a top priority, strengthening our capability, readiness, and resilience in cyberspace. We will elevate cybersecurity as an imperative across the government…. And we will hold actors accountable for destructive, disruptive, or otherwise destabilizing malicious cyber activity, and respond swiftly and proportionately to cyberattacks by imposing substantial costs through cyber and noncyber means.”
Herb Lin writes in Lawfare that the interim guidance document is, by definition, a work in progress, and one would expect a final guidance document to be roughly consistent with the interim guidance but also to contain a more substantial elaboration on the interim guidance. “Nonetheless, to get a sense of relative priorities, I found it interesting to compare the interim guidance to the Trump National Cyber Strategypublished in 2018.”
Lin adds:
By my reading, the Biden interim guidance document is different from the Trump National Cyber Strategy in two ways, apart from detailed phrasing. First, the Biden document emphasizes the importance of diversity in the national talent base for cyber, whereas the Trump document is silent on the matter. Second, the Biden document strongly implies government investment in cybersecurity, whereas the Trump document seeks to minimizethe notion of government investment in cybersecurity and emphasizes a government role in facilitating private-sector investment in cybersecurity.
In all other areas addressed in the Biden interim guidance, I believe the statements are substantially the same. If this is true, it suggests great continuity in cyber policy and strategy between administrations as different as Biden’s and Trump’s. Of course, the Trump National Cyber Strategy wasn’t all that different from Obama’s cyber strategy, either.
This suggests there has been more continuity than change between administrations on cyber policy over the past decade and more. Whether this is a good thing or a bad thing for the nation is left as an exercise for the reader.