Protect and secure your data from cyber attacks
Data Protection
Data Security
Data Insights
The 5 Steps to Cyber Resilience
Cloud & SaaS
Enterprise
Industries
Defending the nation’s cyber posture requires industry and government to operate as true partners.
What if cybersecurity were treated as national security? Today, it is.
Over the past year, I’ve had the privilege of personally meeting with the National Cyber Director a few times and engaging with other leaders across the U.S. government on one of the most urgent challenges of our time: protecting the nation’s digital infrastructure. In addition, Cohesity met with the U.S. National Cyber Director staff to discuss the growing cyber threats facing both the public and private sectors. In early December, we participated in a White House industry session where the Administration previewed the National Cyber Strategy, which was released today.
I want to commend Sean Cairncross and the Office of the National Cyber Director (ONCD) for advancing a comprehensive, forward-looking strategy that recognizes a foundational reality: cyber risk is national risk is business risk. In an era where digital systems and data underpin everything from military readiness to public health and economic stability, defending the nation’s cyber posture requires industry and government to operate not as adjacent stakeholders, but as true partners.
Sean Cairncross, U.S. National Cyber Director and Sanjay Poonen, CEO and President, Cohesity.
Through six pillars, the updated National Cyber Strategy confronts today’s threat environment and prepares the nation for tomorrow’s technological realities. At a time when ransomware and other destructive cyberattacks have increased more than 70% year over year globally, and nation-state actors are routinely targeting U.S. government agencies and critical infrastructure, the strategy reflects both urgency and pragmatism. This strategy counters advanced persistent threats (APTs), modernizes federal systems, secures vital infrastructure, and sustains U.S. leadership in AI and emerging technologies—meeting the moment while anticipating what comes next.
Several elements stand out as particularly impactful:
No private organization, regardless of size, maturity, or budget, should be expected to defend alone against nation-state-level cyber campaigns. Today, adversaries operate with near-unlimited resources, long dwell times, and sophisticated tradecraft. The Administration’s emphasis on deeper public-private collaboration, improved threat-intelligence sharing, and coordinated defensive and offensive cyber operations is a critical step forward. This approach reflects a hard-learned lesson: collective defense is the only way to level the playing field against actors capable of launching systemic, cross-sector attacks.
Federal agencies continue to manage some of the world’s most complex IT environments, many of which include decades-old legacy systems. According to the U.S. Government Accountability Office reports, legacy systems still consume the majority of federal IT budgets, while introducing disproportionate cyber risk. The strategy’s focus on Zero Trust architecture, cloud modernization, post-quantum cryptography, and AI-enabled cybersecurity acknowledges that modernization is no longer optional. These capabilities are essential to reducing attack surfaces, improving detection and response times, and ensuring agencies can maintain operations, even under active attack.
Critical infrastructure remains a prime target for adversaries seeking to disrupt daily life and undermine public trust. From energy and telecommunications to healthcare and water systems, attacks on these sectors have grown both more frequent and more consequential. With more than 80% of U.S. critical infrastructure owned or operated by the private sector, the strategy’s renewed focus on prioritizing high-risk sectors, clarifying accountability, and strengthening incident-response coordination is essential. Resilience must be designed in, not bolted on after an incident, if we are to protect public safety and the backbone of the nation’s economy.
AI is rapidly reshaping innovation and the cyber threat landscape. As organizations are racing to adopt AI, adversaries are exploiting the same technologies to scale attacks, automate reconnaissance, and accelerate exploitation. The strategy’s emphasis on securing AI supply chains, protecting intellectual property, and ensuring responsible AI deployment is both timely and necessary. At Cohesity, we act to secure AI from inception because AI resilience will shape the future of national security, incident response, and recovery.
The global cybersecurity workforce gap, estimated at 3 to 4 million unfilled roles, remains one of the most persistent challenges to national cyber defense. Building resilient systems ultimately depends on building resilient people.
Cohesity is honored to contribute to this critical national dialogue. Our teams have already provided input to government stakeholders, and we look forward to continued engagement. Data security, operational resilience, and secure AI innovation are all areas that directly align with Cohesity’s mission and expertise.
At Cohesity, our focus is clear:
We stand ready to partner with federal agencies, critical infrastructure operators, and enterprises to deliver the secure, modern foundation required to address today’s and tomorrow’s cyber challenges.
Cyber threats are escalating in speed, sophistication, and scale. Meeting them will require more than policy. We’ll need sustained collaboration, shared accountability, and a collective commitment to resilience across government and industry. The National Cyber Strategy represents a pivotal moment: an opportunity to strengthen our defenses, safeguard innovation, and ensure the United States remains the global leader in secure, trustworthy technology.
At Cohesity, and across the broader cybersecurity community we are privileged to be part of, our goal is to help keep societies, economies, and institutions secure and resilient. The United States plays a critical role in the global digital ecosystem, with a highly interconnected economy, world‑class talent, and vital public‑ and private‑sector assets that underpin innovation and growth far beyond its borders. Protecting these systems is not only a national imperative, but a global one. That is why cybersecurity is national security, and increasingly, collective security.
Written By
Sanjay Poonen
CEO and President
