1. Insights
  2. Publications
  3. Alerts

White House Releases National Cyber Strategy and Accompanying EO Targeting Transnational Cybercrime

March 12, 2026

Reading Time : 5 min
Jump to
View Authors' DetailsView Related Services, Sectors, and Regions

By: Natasha G. Kohne, Evan D. Wolff, Edward Block, Rita S. Heimes, Maida Oringher Lerner, Alexis Ward, Taylor Daly, Joseph Hold

Key Points

  • The White House has released its long‑anticipated National Cyber Strategy, which centers on deterring adversaries, strengthening critical infrastructure security, modernizing federal systems and maintaining superiority in emerging technologies such as artificial intelligence (AI), cryptocurrency and quantum computing.
  • An accompanying executive order (EO) directs federal agencies to intensify efforts against transnational cybercrime through coordinated law enforcement action, stronger international pressure and expanded collaboration with the private sector.
  • The Office of the National Cyber Director (ONCD) led development of the National Cyber Strategy and will oversee its implementation. The EO outlines several directives for federal agencies that will be implemented in the coming months.

On March 6, 2026, the White House released its long-anticipated National Cyber Strategy (Strategy), which outlines six broad priorities: (1) deterring cyber adversaries, (2) improving cybersecurity regulation, (3) modernizing federal networks, (4) strengthening critical infrastructure, (5) expanding the cyber workforce and (6) securing emerging technologies such as cryptocurrency and blockchain. An accompanying EO (full order available here, fact sheet available here) directs federal agencies to more aggressively pursue transnational cybercrime, prioritizing prosecutions of cyber fraud and coordinating with foreign governments to dismantle scam networks.

National Cyber Strategy

The Strategy reflects a broader shift toward treating cybersecurity as a central element of U.S. economic competitiveness and geopolitical power. In addition to outlining six policy pillars, it emphasizes modernizing federal networks through adoption of zero‑trust architectures, post‑quantum cryptography, cloud migration and AI‑driven cybersecurity tools designed to improve government system resilience.

The administration states that the United States will act “swiftly, deliberately and proactively” to disrupt malicious cyber activity and may leverage a coordinated set of tools, including defensive and offensive operations. The Strategy highlights close collaboration with the private sector, noting that the federal government will establish deeper relationships with private companies and leverage their capabilities to identify and disrupt adversary networks. The administration also plans to use all available tools to raise the costs of engaging in cybercriminal activity.

The administration further commits to streamlining cyber regulations to avoid burdening the private sector with “costly checklists.” Regulations will be structured to allow private‑sector agility in responding to cyber threats while continuing to prioritize consumer privacy rights.

The Strategy calls for enhanced protection of critical infrastructure and digital supply chains, including the energy grid, financial systems, telecommunications networks, hospitals and data centers. It also introduces a plan to disallow the use of adversary vendors and products in critical infrastructure in favor of U.S. technologies. According to the Strategy, this approach would deny adversaries initial access to critical infrastructure and enable faster recovery following cyber incidents.

A recurring theme is the need to sustain U.S. leadership in emerging technologies. AI, quantum computing, advanced cryptography and blockchain technologies are framed not only as innovation priorities but also as strategic assets tied to national security and economic strength. Notably, the Strategy references cryptocurrency and blockchain infrastructure for the first time in a U.S. cyber strategy, signaling their incorporation into broader cybersecurity and economic policy frameworks. At the same time, language emphasizing the need to “uproot criminal infrastructure and deny financial exit and safe haven” suggests heightened scrutiny of illicit cryptocurrency activity.

The Strategy also places significant emphasis on cyber workforce development, describing cybersecurity talent as a strategic national asset and calling for stronger pipelines among government, academia and industry to train the next generation of cybersecurity professionals and strengthen operational capabilities.

Industry stakeholders have characterized the Strategy as a high‑level statement of intent rather than a detailed operational roadmap. Compared with prior cybersecurity strategies, which have exceeded 30 pages, the new framework is notably shorter and focuses on strategic direction rather than specific implementation measures or agency responsibilities. Additional guidance, operational priorities and performance metrics are expected in the coming months.

Executive Order on Combating Cybercrime, Fraud, and Predatory Schemes Against American Citizens

Alongside the Strategy, the administration issued an EO aimed at intensifying the federal government’s response to cyber‑enabled fraud and transnational cybercrime. The EO directs federal agencies to coordinate more aggressively to combat cybercrime networks and protect U.S. individuals, businesses and infrastructure from scams, ransomware, phishing and other predatory schemes.

The EO establishes a new operational cell within the National Coordination Center (NCC) to track and disrupt global cybercrime groups and directs the U.S. Department of Justice (DOJ) to prioritize prosecutions of cyber‑enabled fraud and related schemes.

  • Combating Scam Centers and Cybercrime (Sec. 2). The U.S. Department of State, U.S. Department of the Treasury, U.S. Department of War (DoW), DOJ and U.S. Department of Homeland Security (DHS), in consultation with ONCD and in coordination with the Assistant to the President and Homeland Security Advisor (APHSA), must:
    • May 5, 2026 (60 Days): Review existing operational, technical, diplomatic and regulatory frameworks to determine how they can be improved to combat transnational criminal organizations (TCOs) engaged in cyber‑enabled crime and similar predatory schemes targeting Americans; and
    • July 4, 2026 (120 Days): Submit an action plan to the President identifying TCOs responsible for scam centers and cybercrime and proposing measures to prevent, disrupt, investigate and dismantle these organizations. The newly formed operational cell within the NCC, established pursuant to section 6(d) of Executive Order 14159 of January 20, 2025 (Protecting the American People Against Invasion), will coordinate federal efforts against foreign cybercrime targeting U.S. persons, businesses, infrastructure and services, including engagement with the private sector. The cell will leverage technical capabilities and threat intelligence from federal agencies and commercial cybersecurity firms to enhance attribution, tracking and disruption of malicious actors, improve interagency information sharing and support rapid response efforts. The DOJ will continue prioritizing prosecutions of cyber‑enabled fraud schemes, including scam centers and sextortion schemes. DHS, through the Cybersecurity and Infrastructure Security Agency (CISA), will support state, local, Tribal and territorial partners with training, technical assistance and resilience measures to strengthen defenses against TCO‑driven cyber threats.
  • Victim Restoration Program (Sec. 3): By June 4, 2026 (90 days), the DOJ must submit a recommendation to the President regarding establishment of a Victims Restoration Program that would return funds seized from cybercriminal groups to victims of cyber‑enabled fraud.
  • International Engagement (Sec. 4): The State Department, working with the NCC, is directed to press foreign governments to take action against cybercrime groups operating within their jurisdictions and to cooperate with U.S. law enforcement. Countries that fail to act may face consequences such as sanctions, visa restrictions, limits on U.S. assistance, trade penalties or expulsion of officials involved in these schemes.

Conclusion

Akin’s cybersecurity, privacy and data protection practice continues to advise clients on evolving U.S. cyber policy, regulatory developments and enforcement priorities at the intersection of technology, national security and data governance. Our cross‑disciplinary team helps clients manage cybersecurity, privacy and data risk across compliance, incident response, investigations, board advisory and emerging technology regulation.

Share This Insight

Related Services, Sectors, and Regions

© 2026 Akin Gump Strauss Hauer & Feld LLP. All rights reserved. Attorney advertising. This document is distributed for informational use only; it does not constitute legal advice and should not be used as such. Prior results do not guarantee a similar outcome. Akin is the practicing name of Akin Gump LLP, a New York limited liability partnership authorized and regulated by the Solicitors Regulation Authority under number 267321. A list of the partners is available for inspection at Eighth Floor, Ten Bishops Square, London E1 6EG. For more information about Akin Gump LLP, Akin Gump Strauss Hauer & Feld LLP and other associated entities under which the Akin Gump network operates worldwide, please see our Legal Notices page.