National Cyber Director Sean Cairncross expects more executive orders coming from the White House as part of implementing the national cybersecurity strategy, he said Wednesday.

Staffers on Capitol Hill and others in the cyber world have been awaiting the implementation guidance the Trump administration had proclaimed would come to accompany the strategy  published last month.

Asked at a Semafor event about whether that would include executive orders, Cairncross answered, “I think that that’s the case.”

The administration released an executive order on fraud the same day it released its cyber strategy on March 6. Some of that order touched on cybercrime.

“This is rolling forward actively, and you should expect that there will be more execution and action in line with our strategic goals,” he said.

Cairncross cited another administration activity that fit into the strategy, such as the first conviction last week under the Take It Down Act, a law First Lady Melania Trump advocated for that seeks to combat non-consensual AI-generated sexually explicit images, violent threats and cyberstalking.

He declined to preview any future implementation plans, and said he expected they would be coming “relatively soon.”

A centerpiece of the administration strategy is confronting adversaries to make sure they suffer consequences for their hacking of United States targets.

Cairncross wouldn’t say explicitly if Trump, in his visit to Beijing next month, would address Chinese hacking.

“When we start to see things like prepositioning on critical infrastructure, that is something that needs to be addressed,” he said. Pressed on whether that meant cyber would be on the agenda during the visit, Caincross said, “I would expect that the safety and security of the American people will be first and foremost, as it always is for the president.”

Cairncross touted American ingenuity for producing an artificial intelligence model like Anthropic’s Claude Mythos, rather than it developing under U.S. cyber rivals like China or Russia. He acknowledged reports about the administration holding meetings about the cyber risks and benefits of something like Mythos — “the model right now that everyone’s talking about” — adding that the administration is looking to balance the dangers and positive capabilities of AI in cyberspace.

“I would say from the White House perspective, we are working very closely with industry,” Cairncross said. “We’ve been in close collaboration with the model companies across the interagency to make sure that we are evaluating and doing this.”

The post Executive orders likely ahead in next steps for national cyber strategy appeared first on CyberScoop.

When President Trump referenced America’s ability to “darken” parts of Caracas during Operation Absolute Resolve, the comment stood out not because of what it confirmed, but because of what it implied. Delivered without technical detail, the remark hinted at capabilities that sit somewhere between diplomacy and force, and between cyber operations and traditional military action.

Whether or not the statement reflected a specific technical action in the raid on Venezuela is almost beside the point. What mattered was the signal: cyber-enabled disruption of civilian or economic systems is no longer treated as an abstract possibility, but as a plausible instrument of state power operating below the threshold of open conflict.

This framing aligns with events that preceded any visible kinetic or political resolution. Venezuela’s state-owned oil sector, the backbone of the country’s economy and a primary source of regime revenue, reportedly experienced cyber-related disruptions that affected operations and exports. Attribution remains contested, and no public confirmation has been offered. But the timing and the target were notable. Pressure seemed to be applied not during the confrontation itself, but earlier—targeting the systems that sustain national power.

These developments point toward a more deliberate “gray zone” approach, one that uses cyber interference against economic and civilian infrastructure as part of sustained pressure campaigns rather than isolated, surgical actions.

For a global power operating in an environment of constant competition, this shift may be less radical than it initially appears.

Why the gray zone matters

Gray zone conflict is often framed as a deviation from traditional deterrence. But in practice, it reflects how competition among major powers increasingly unfolds. Rarely does rivalry manifest as declared war. Instead, it plays out through incremental pressure applied across economic, informational, political, and technological domains.

Cyber capabilities are particularly well suited in this space. They allow nation-states to impose friction, degrade confidence, and shape behavior without crossing clear thresholds that would trigger conventional military escalation. Unlike kinetic force, cyber effects can be reversible, deniable, and calibrated over time.

From a technical perspective, this flexibility is not accidental. Modern cyber operations rely less on single exploits and more on persistent access, identity abuse, supply chain dependencies, and detailed mapping of complex systems. These attributes make cyber tools effective not just for disruption, but for long-term leverage.

For years, the United States invested heavily in advanced cyber capabilities while remaining cautious about integrating them openly into broader coercive strategies. This restraint, however, was not universally shared.

Lessons from the Russian model

For more than a decade, U.S. officials criticized Russia’s use of hybrid warfare, particularly its integration of cyber operations, economic pressure, information campaigns, and civilian infrastructure disruption. In Ukraine and elsewhere, civilian impact was not incidental, as it was a key part of the strategy.

From a technical standpoint, Russia demonstrated that persistent interference against power grids, telecommunications networks, healthcare systems, election infrastructure, and government services could impose strategic costs without provoking decisive military retaliation. Even relatively limited actions, such as GPS jamming affecting civilian aviation in the Baltics and Eastern Europe, reinforced the same lesson: disruption does not need to be catastrophic to be effective.

These operations often relied on modest technical effects amplified through operational timing and uncertainty. Intermittent outages, degraded reliability, and ambiguous attribution created pressure on governments and populations without crossing clear red lines.

 Regardless of how Moscow’s objectives are judged, the effectiveness of cyber and electronic interference as tools of statecraft did not go unnoticed. In recent  years, other countries, particularly China and Iran, have steadily expanded these operations and capabilities

How gray zone campaigns operate

From a cyber perspective, gray zone operations rarely resemble single attacks. They unfold as campaigns.

Access is often established years in advance through credential compromise, third-party vendors, or exposed management interfaces. Once inside, operators map dependencies, understand failover mechanisms, and identify points where limited disruption can produce outsized operational impact.

These effects, when applied, are typically restrained. Rather than causing prolonged blackouts or physical damage, campaigns may induce intermittent failures, data integrity concerns, or operational delays that erode confidence and consume resources. The goal is not destruction, but pressure: forcing leaders and operators to operate under uncertainty.

They are also designed to be reversible and deniable. The ability to stop, pause, or modulate disruption is as important as the ability to initiate it. This control allows cyber operations to be synchronized with diplomatic signals, economic sanctions, or other forms of statecraft.

Statecraft in an era of constant competition

The events in Venezuela underscore a broader reality: cyber-enabled pressure is now a standard component of how states pursue political outcomes. It shapes environments well before traditional markers of conflict appear.

The strategic question is no longer whether cyber-enabled economic interference will be used, but how seamlessly it is integrated with other tools. Sanctions, diplomacy, military posture, and cyber operations increasingly function as parts of a single continuum rather than separate domains.

This raises natural questions about where such pressure may be applied next. In the Western Hemisphere, U.S. attention has turned toward Cuba and Colombia. Beyond the region, Iran remains a focal point of coercive strategy, where cyber operations have already been used to strain industrial systems and public confidence without crossing into open conflict.

The point is not to predict specific operations, but to recognize that pressure via cyber operations has moved from the margins of policy into its core.

What this means going forward

For a global power, ignoring gray zone dynamics is increasingly unrealistic. However, embracing them does introduce new forms of risk. Cyber interference below the threshold of war offers flexibility and deniability, but it also creates ambiguity around control, proportionality, and long-term stability.

Escalation in this space rarely arrives as a single dramatic event. Instead, it accumulates through repeated disruptions that gradually blur the line between competition and conflict, often without clear signaling or agreed-upon thresholds.

Managing that risk requires more than technical capability. It demands disciplined judgment, an understanding of complex systems, and an appreciation for how seemingly modest cyber effects can cascade politically and economically.

The gray zone may be unavoidable, but how states operate within it will shape whether it becomes an effective tool of competition, or a source of sustained instability.

Aaron Estes, Vice President at Binary Defense, is a three-time Lockheed Martin Fellow with more than 25 years of experience in cybersecurity and software engineering.  Estes has spent much of his career advancing mission resilience and adaptive defense for the Department of Defense, intelligence community, and leading defense contractors.

The post Is the US adopting the gray zone cyber playbook? appeared first on CyberScoop.

President Donald Trump announced Thursday his intention to issue a federal pardon for an individual convicted in connection with efforts related to challenging the 2020 election results. However, on this occasion, the person in question will remain behind bars.

In a statement on Truth Social, Trump said he was pardoning Tina Peters, a former Mesa County election clerk currently serving a nine-year prison sentence for facilitating a data breach involving voting system data in the wake of the 2020 presidential election.

“Democrats have been relentless in their targeting of TINA PETERS, a Patriot who simply wanted to make sure our Elections were Fair and Honest,” Trump wrote Thursday. “Tina is sitting in a Colorado prison for the ‘crime’ of demanding Honest Elections. Today, I am granting Tina a full Pardon for her attempts to expose Voter Fraud in the Rigged 2020 Presidential Election!”

Peters’ leaks revealed no evidence of voter fraud, and the incident is widely viewed as one of the most serious breaches of election system security in modern history.

But more importantly, Trump’s pardon powers only extend to federal crimes and would not apply to Peters, who was tried and convicted by the state of Colorado. That means Peters’ sentence will remain valid and in full effect even if a federal pardon is issued.

State officials do have the power to release Peters, but have been adamant that she was lawfully and rightfully convicted by a jury of her peers and remains unrepentant for her crimes.

While the actual language of Peters’ pardon has yet to be released, the Trump White House has seemingly acknowledged in the past that the president has no legal authority to free Peters for state-level crimes.

In May, Trump unsuccessfully called for Colorado officials to release Peters from prison and directed his Department of Justice to “take all necessary steps” to assist in the matter while referring to her as a “political prisoner.” These initial messages did not mention or threaten a pardon, and strongly implied that the decision was legally up to Colorado state officials.

At the time, Colorado Democratic Attorney General Phil Weiser, who Trump called “radical left,” told CyberScoop that Peters’ sentence was a reflection of the severity of her crimes and that federal efforts to overturn it would not deter them. He reiterated that stance in an interview when asked if Colorado would turn Peters over to federal authorities while any potential court challenges play out.

“No, there’s no legal authority for any federal government action to take a prisoner who is in state custody, lawfully having been tried, convicted and sentenced,” Weiser told Denver, Colorado’s 9News. “This is an important principle of our Constitution, and everyone who says they care about the rule of law, about public safety and our constitution needs to care about this issue.”

That position was backed up by Democratic Governor Jared Polis, the only U.S. official with the legal power to pardon Peters for her crimes.

 “Tina Peters was convicted by a jury of her peers, prosecuted by a Republican District Attorney, and found guilty of violating Colorado state laws, including criminal impersonation,” Polis wrote on BlueSky. “No President has jurisdiction over state law nor the power to pardon a person for state convictions.”

While Trump has been unable to free Peters, he has used his presidential powers to wipe away criminal convictions for thousands of individuals who assisted him in his quest to overturn the 2020 election, including a mass pardon of more than 1,500 Americans who stormed the Capitol on Jan. 6, 2021 in an attempt to prevent Congress from certifying Joe Biden’s election victory.

A slate of pardons issued by Trump in November included two attorneys – Kenneth Chesbro and Jim Troupis – who were part of an attempted scheme to create an alternate slate of Republican electors who would falsely submit to Congress that Trump was the true winner of Wisconsin’s 2020 presidential contest. Trump also pardoned a number of other Wisconsin Republican officials who had offered themselves up as fake electors.

At Peters’ sentencing last year, one month before Trump would be elected to a second term, neighbors and public officials alike testified about the harm her actions caused to them and the broader Mesa community.

In handing down his sentence, Judge Matthew Barrett called Peters a “charlatan” who had expressed no remorse for her actions or their damage.

“I’m convinced you’d do it all over again,” Barrett said.

The post Trump moves to pardon Colorado election clerk Tina Peters, even though he can’t appeared first on CyberScoop.