- Comparitech Stack Report
- Posts
- Trump Administration Starts Work on New US Cybersecurity Strategy
Trump Administration Starts Work on New US Cybersecurity Strategy
Taylor Hawes
November 03, 2025
🔎 Cyber Watch 🔎
Trump Administration Starts Work on New US Cybersecurity Strategy
The Office of the National Cyber Director (ONCD) has begun shaping a new national cybersecurity strategy to clarify the country’s position toward rivals such as China and Russia. The move aims to fix past weaknesses that failed to deter state-backed attackers.
The ONCD noted that the average cost of a U.S. data breach reached around $10 million in 2025, nearly double the global average. The new strategy is expected to stress tighter public-private coordination, simplify compliance requirements, and explore a stronger role for offensive cyber operations to boost deterrence
Key takeaway
For IT and compliance leaders, this could mean new expectations around vendor collaboration, infrastructure protection, and incident response standards.
🎙️ Tech Briefing On‑Air 🎙️
DNS Cache Poisoning Makes a Comeback
In this episode of Security Now, hosts Steve Gibson and Leo Laporte revisit a 17-year-old vulnerability—DNS cache poisoning—which is returning in modern infrastructure due to weak random number generation in many resolvers.
Key Points:
A long-known DNS cache poisoning flaw has resurfaced, affecting many modern DNS resolvers due to weak random number generation.
Attackers can exploit predictable transaction IDs to redirect users to malicious domains without their knowledge.
Steve Gibson discussed how older resolver software and libraries remain in use across major systems, keeping them vulnerable.
The episode noted a decline in ransomware payments, suggesting changing attacker strategies and increased law enforcement disruption.
Takeaways:
Gibson urges administrators to review DNS resolver configurations and validate randomness sources, noting that many systems still rely on outdated libraries that leave them exposed.
🤝 Partner Intel 🤝
NetCrunch
NetCrunch delivers a broad monitoring solution designed for organizations that maintain in-house infrastructure. It provides SNMP-based network discovery, device performance tracking, traffic flow analysis, and real-time alerts across routers, servers, and applications. The software supports Windows, Linux, and virtualization environments, giving IT teams unified visibility into system health. Licensing is based on nodes or interfaces, and while it offers powerful analytics, it may be less suited for smaller teams seeking a fully cloud-native deployment.
🤖 AI Runtime 🤖
Canadian Cybersecurity Startups Expand to Silicon Valley
A new Canadian government initiative is helping AI and cybersecurity startups establish operations in Silicon Valley through a non-equity accelerator program.
Applications for the Cybersecurity and Enterprise AI Canadian Technology Accelerator close on January 14, 2026. The program offers workshops, investor meetings, and RSA Conference 2026 participation.
The initiative highlights how AI continues to blend with cybersecurity innovation, with governments supporting startup expansion abroad. For security professionals, it signals growing global competition and faster deployment of AI-based security solutions.
đź“Š By the Numbers đź“Š
3.5 million
It is estimated that there are 3.5 million cybersecurity job vacancies available around the world. A lot of these are for mid-level to senior positions.
🗳️ Your Monday Take 🗳️
Cast your vote on our weekly poll.
When assessing your organization’s cybersecurity plans for the next year, which area will you focus on most? |
📩 We’ll share the results in the Friday issue.
|
Until Wednesday’s edition - Let’s keep that zero-day count at zero!