Going on offense: Defending networks and critical infrastructure with a more aggressive strategy

Marines with Marine Corps Forces Cyberspace Command pose for photos in cyber operations room at Lasswell Hall aboard Fort Meade, Maryland, Feb. 5, 2020. (Photo illustration source: DVIDS)

With adversaries consistently attacking and positioning themselves inside our critical systems, there is an increasingly loud drumbeat to embrace and expand offensive cyber capabilities — operations that “manipulate, deny, disrupt, degrade, or destroy targeted computers, information systems or networks,” as defined by ASPI. Experts weigh how to wield cyber power to strengthen the nation’s defenses against increasingly sophisticated and potentially devastating attacks.

Marines with Marine Corps Forces Cyberspace Command in the cyber operations center at Fort Meade, Md., on Feb. 5, 2020. (Photo by Staff Sgt. Jacob Osborne/U.S. Marine Corps Forces Cyberspace Command)

U.S. Cyber Policy: Offense, Deterrence and Strategic Competition

Today, the United States faces a cyber threat landscape that is shifting faster than relevant policy frameworks intended to address it, the McCrary Institute’s Task Force on National Security and Law Enforcement writes. The United States remains structurally and doctrinally misaligned for strategic competition in cyberspace, complicating pre-crisis decision-making and coordination across military, intelligence, and law enforcement authorities. Washington has struggled to define and implement a coherent approach to offensive cyber operations and cyber deterrence, particularly as adversaries expand their capabilities, embed disruptive access within critical infrastructure, and exploit legal inadequacies. Offensive cyber policy has evolved in a piecemeal fashion and would benefit from deliberate reform, particularly in the authorities and processes that govern pre-crisis operations. What began in the early 2000s as an intelligence-driven model centered on clandestine collection has evolved into a contested operational environment where cyber effects are now entwined with traditional military planning, strategic competition, and crisis signaling. The United States must now navigate this space using authorities that were not designed for the scale or tempo of today’s threats, while relying on an organizational structure that reflects institutional strength, as well as operational and policy challenges.

read the report

Twenty Technologies, Inc. CEO Joe Lin, left, CSIS Defense and Security Department Vice President Emily Harding, McCrary Institute Director Frank Cilluffo, and CrowdStrike Chief Privacy Officer Drew Bagley testify before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection on Jan. 13, 2026. (House Homeland Security Committee video)

‘Time is not on our side’ to field offensive cyber capabilities, experts warn House committee

The scale and sophistication of foreign adversaries targeting critical infrastructure in the United States have made it imperative that offensive cyber capabilities – and the rules of the road on their use, along with necessary authorities – be added to our cybersecurity arsenal, experts told a House hearing. Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andy Ogles (R-Tenn.) said that investments in cyber defense, information sharing and resilience have not been enough and have not changed the behavior of state-sponsored cyber actors such as China. The hearing came just days after the Financial Times reported that China, via its Salt Typhoon espionage campaign, hacked congressional staff emails on several committees.

McCrary Institute Director Frank Cilluffo, House Homeland Security Committee Chairman Andrew Garbarino (R.Y.), and CrowdStrike Chief Privacy Officer Drew Bagley, from left, take a question from the audience at a Dec. 16, 2025, event in Washington. (McCrary Institute video)

Homeland Security Chairman Garbarino wants to see offensive cyber in forthcoming strategy

House Homeland Security Chairman Andrew Garbarino (R-N.Y.) said that he wants to see proactive offensive cyber capabilities take a prime role in the White House’s forthcoming national cybersecurity strategy. “I think there should be more of a focus on offensive cyber,” Garbarino said at a McCrary Institute and CrowdStrike event, adding that he also would like to see strategy components on regulatory harmonization and beefing up the cyber workforce. “We have to focus on all these things if we’re going to be successful in our cyber defense,” he said, emphasizing that “offensive capabilities has to be part of that plan.”

Rethinking offensive cyber: Strategy, deterrence and real-world impact with Adm. Mike Rogers (Ret.)

In this episode of Cyber Focus, host Frank Cilluffo sits down with Admiral Mike Rogers (Ret.), former Commander of U.S. Cyber Command and Director of the National Security Agency. Rogers shares insights from his leadership across two administrations, discussing offensive cyber operations, the evolution of Cyber Command, and pressing national security challenges. The conversation spans from undersea cable vulnerabilities to public-private integration, the future of quantum and AI, and the enduring need for clarity in cyber policy. A decorated Auburn alum, Rogers reflects on lessons learned, historical inflection points, and what must change for the U.S. to stay ahead in the cyber domain.

watch

House Intel chairman urges offensive cyber push to counter China, cartels and infrastructure threats

In a wide-ranging interview on the Cyber Focus podcast, Rep. Rick Crawford (R-Ark.), chairman of the House Permanent Select Committee on Intelligence, called for a more aggressive U.S. cyber posture to confront growing threats from nation-state adversaries and criminal cartels. “We are living in a state of digital warfare,” he said. “As long as we continue to be in a defensive posture, this will continue to be a pervasive problem.”

Power Line Distribution Specialist Soldiers from the U.S. Army Corps of Engineers 249th Engineer Battalion, Delta Company use bucket trucks to work on overhead power polls and lines at Fort Indiantown Gap, Pa., on April 28, 2022. The soldiers were honing their skills in preparation for potential future deployments to areas impacted by natural disaster. (U.S. Army photo/Patrick Bloodgood)

Here’s what the new National Security Strategy says about threats to critical infrastructure

“The U.S. Government’s critical relationships with the American private sector help maintain surveillance of persistent threats to U.S. networks, including critical infrastructure. This in turn enables the U.S. Government’s ability to conduct real-time discovery, attribution, and response (i.e., network defense and offensive cyber operations) while protecting the competitiveness of the U.S. economy and bolstering the resilience of the American technology sector,” the NSS states. “Improving these capabilities will also require considerable deregulation to further improve our competitiveness, spur innovation, and increase access to America’s natural resources. In doing so, we should aim to restore a military balance favorable to the United States and to our allies in the region.”

McCrary’s ‘Code Red’ distills China’s cyber threat – and the playbook behind it

China’s government isn’t just spying online. It’s positioning itself inside the U.S. systems that move fuel, route trains, carry calls and keep the lights on – access it could use to disrupt America in a crisis. Released as Washington zeroes in on the U.S.-China relationship this week, “Code Red: A Guide to Understanding China’s Sophisticated Typhoon Cyber Campaigns” clearly lays out how these operations work and why they matter now. Much of the raw reporting on these actors has been public for years. What’s new here is the translation: “Code Red” centralizes and explains sprawling, highly technical material so policymakers and infrastructure owners can cut through the noise and act.

Former National Security Advisor H.R. McMaster testifies at a Stanford, Calif., field hearing of the House Homeland Security Committee on May 28, 2025. (House Homeland Security Committee video)

‘Physical military response’ should be on table to battle cyber adversaries, McMaster tells Congress

Former National Security Advisor H.R. McMaster told a field hearing of the House Homeland Security Committee that “a physical military response may be appropriate and necessary” against cyber actors “that prove difficult to deter.” McMaster noted that “deterrence by denial and effective response to cyberattacks also requires actions against hostile cyber actors that extend beyond the cyber domain,” which include “often inadequate” sanctions and financial actions and may call for an even stronger response. “And it is important to convince difficult-to-deter adversaries that they cannot accomplish their objectives through a cyberattack because our defenses are strong and we can recover rapidly,” he said.