From Governance to Power: How America’s new NSS Reframes Cyber and Critical Infrastructure

Photo Credit: Adobe Stock

This OpEd was originally published in S.C. Media.

December 8, 2025

Author: Cory Simpson, CEO, ICIT

The administration’s new National Security Strategy (NSS) was released on December 4, 2025, and arrives at a decisive moment for American power. It places sovereignty, industrial strength, and technological leadership at the center of national strategy. It treats cyber capability, critical infrastructure, and emerging technologies as instruments that shape national influence in a competitive world.

The document marks a clear evolution from the 2022 NSS and recognizes that modern competition unfolds across the digital and physical systems that keep the nation functioning every day.

The 2022 NSS emphasized alliances, global governance, and shared rules. It framed cybersecurity as a domain that required common standards and sustained diplomatic coordination. It prioritized international partnerships to manage digital risk and strengthen collective defenses. That strategy rested on the belief that cyber threats demanded broad cooperation and that global challenges required shared solutions.

The new NSS adopts a different approach. It shifts from a governance-first focus to one that centers on national capability and strategic advantage. It highlights the American industrial base, supply chain control, domestic energy production, and advanced technologies. It considers cyber and critical infrastructure not as shared vulnerabilities to be managed collectively but as national assets that must operate reliably under stress.

This approach aligns with the strategic idea that power derives from systems that function even when conditions worsen, withstand attacks, and give leaders the freedom to act during times of uncertainty.

China’s long-term campaigns against U.S. critical infrastructure bring this shift into sharp focus. Recent advisories—including Volt Typhoon, Salt Typhon, and the latest BRICKSTORM malware—show a sustained effort to gain access to the networks that power American life. These intrusions target transportation, water, communications, and energy systems. They aim to hold American society at risk and create options for coercion or disruption during a crisis. Beijing’s military modernization timeline, often referred to as 2027—the centennial anniversary of the People’s Liberation Army, underscores why these campaigns matter. China seeks strategic leverage and uses cyber operations to gain the ability to disrupt American critical infrastructure without escalating to more overt or traditional forms of conflict.

The new NSS reflects an understanding of this environment. It emphasizes systems that operate through disruption and protect continuity of service. It calls for American industry to strengthen the foundations of national power by securing infrastructure, modernizing manufacturing, and advancing the technologies that define influence in an interconnected world. This direction aligns with earlier SC Media work. In Cyber in Tune: America’s Next Instrument of Power, the argument that “cyber now sits alongside diplomacy, information, military force, and economic strength as a defining instrument of national power” captures exactly the role the new NSS assigns to cyber capability. The strategy moves cyber from a defensive concern to a central pillar of American strength.

The strategy also strengthens a theme from Strength at Home, Power in the World—that “strong nations draw their power from the stability and performance of the systems that keep life moving.” The new NSS builds directly on this idea. It ties America’s global influence to the uninterrupted function of critical infrastructure, to secure supply chains, and to technological advancement. It defines national strength through systems that continue operating even as adversaries attempt to degrade them.

A third connection emerges from Precision of Mission, Strength in Design: Building America’s Cyber Power. That piece argued that “purpose-built systems aligned to mission and national strength determine whether the nation can act with confidence during crisis.” The new NSS elevates that principle to a strategic priority. It expects government and industry to design, test, and operate systems that withstand modern threat activity and strengthen America’s freedom of action.

Taken together, these earlier ideas anticipated the strategic framework now incorporated into national policy. The NSS marks the transition from analysis to guidance.

This shift also highlights the importance of strong leadership across America’s cyber and infrastructure organizations. The Cybersecurity and Infrastructure Security Agency (CISA) serves as the nation’s frontline for defending the systems targeted by adversaries daily. As China intensifies its efforts against U.S. infrastructure and intrusion activities grow, the agency needs a leader with the authority, mandate, and stability that Senate confirmation provides. National missions work better when leaders speak with clear authority, set direction confidently, and unify teams around a shared purpose. A Senate-confirmed CISA Director provides that clarity. It steadies the agency, builds trust across government and industry, and ensures that frontline defenders have the leadership support needed to confront critical challenges.

The new NSS also emphasizes emerging technologies as crucial for national advantage. Artificial intelligence, quantum computing, biotechnology, and advanced communications drive technological dominance and economic power. The strategy stresses swift progress in these fields and directs investments toward secure and reliable innovation. It acknowledges that the nation’s ability to act decisively depends on the performance of the technologies it develops and deploys.

The new approach meets a moment defined by rising pressure and expanding risk. Adversaries work to shape conditions long before conflict. They probe the infrastructure that supports daily life and seek positions that create leverage in crisis. Competition now unfolds across data, networks, and industrial systems. In this environment, national strength depends on systems that continue performing when challenged and on leaders who understand that strategic outcomes hinge on the uninterrupted functioning of the networks and assets that keep the country moving.

The next decade will test the systems and institutions that sustain American life. Threat activity will grow stronger, and China will keep seeking an advantage through persistent access to the infrastructure that powers the nation. Strategy alone cannot meet this moment. Strength depends on the decisions leaders make and the systems they create. As the federal landscape shifts, the nation increasingly depends on the private sector and state and local partners who run the networks, pipelines, grids, and platforms that keep America moving. These leaders now play a central role in shaping national strength. How they design, protect, and operate the systems under their care will shape America’s standing in this critical decade. The work ahead is challenging, but the opportunity is great: to build a nation whose essential systems remain reliable under pressure and give future generations the freedom to lead with confidence.

Cory Simpson

Cory Simpson is a national security and cybersecurity executive with more than two decades of experience across government, elite military organizations, and the private sector. He leads DC-based organizations that bridge policy and technology, often advising companies across the tech ecosystem—including competitors—to advance modernization, strengthen security, and serve the American people.

About ICIT

The Institute for Critical Infrastructure Technology (ICIT) is a nonprofit, nonpartisan, 501(c)3think tank with the mission of modernizing, securing, and making resilient critical infrastructure that provides for people’s foundational needs. ICIT takes no institutional positions on policy matters. Rather than advocate, ICIT is dedicated to being a resource for the organizations and communities that share our mission. By applying a people-centric lens to critical infrastructure research and decision making, our work ensures that modernization and security investments have a lasting, positive impact on society. Learn more at www.icitech.org.

ICIT CONTACTS:

Parham Eftekhari

Founder and Chairman

parham@icitech.org 

Cory Simpson

Chief Executive Officer

cory@icitech.org