Policy Pulse - Issue #6 | Week of March 15, 2026
Your weekly briefing on cybersecurity policy affecting vulnerability disclosure and security research. This week: White House Cyber Strategy, CVE program funding secured, UK Computer Misuse Act reform, EU CRA vulnerability guidance, and DHS shutdown delays CIRCIA.
Top Story
White House Releases "Cyber Strategy for America" with Cybercrime Executive Order
On March 6, the Trump administration released "President Trump's Cyber Strategy for America," a seven-page framework organized around six pillars: shaping adversary behavior through offensive and defensive cyber operations, promoting "common-sense" regulation, modernizing federal networks with zero-trust architecture and post-quantum cryptography, securing critical infrastructure, sustaining superiority in AI and emerging technologies, and building cyber workforce capacity. The accompanying Executive Order, "Combating Cybercrime, Fraud, and Predatory Schemes Against American Citizens," establishes an operational cell within the National Coordination Center to disrupt transnational cybercriminal networks, mandates a 120-day action plan identifying criminal organizations running scam centers, and directs the Attorney General to recommend a Victims Restoration Program funded by seized criminal assets within 90 days.
The Strategy is the shortest national cyber strategy in recent memory, leaning toward offensive operations and private-sector partnership over prescriptive regulation. In follow-up remarks on March 9-10, National Cyber Director Sean Cairncross announced implementation actions including state-specific critical infrastructure pilots (water in Texas, beef in South Dakota, rural hospitals), a nonprofit "Cyber Academy" for workforce development, and reviews of both the SEC's 2023 incident disclosure rule and CIRCIA reporting requirements. Cairncross stated CIRCIA requirements would be examined to ensure they are "not overly burdensome" and indicated the SEC's four-business-day material incident disclosure rule is "under review."
Why it matters for VDP: The Strategy contains no mention of vulnerability disclosure, coordinated disclosure, or security researcher protections, a notable gap compared to the Biden-era strategy which explicitly addressed these topics. The deregulatory posture could reshape mandatory reporting requirements that the disclosure ecosystem depends on for visibility into incidents. The VDP community will need to actively engage to ensure disclosure priorities remain on the federal agenda as implementation unfolds. (White House Strategy PDF) (White House EO) (Federal Register) (Mayer Brown Analysis)
Upcoming Deadlines & Events
- Mar 19: New York RAISE Act takes effect (frontier AI safety frameworks required). (Governor's Office)
- Mar 30-31: UN Global Mechanism on ICTs organizational session, New York (193 member states). (Lawfare)
- Mar 31: EU CRA draft guidance feedback deadline. (CRA Evidence)
- May 1: Microsoft M365 E7 "Frontier Suite" generally available. DEF CON 34 Policy Track CFP deadline.
- May 5: CISA BOD 26-02 edge device inventory milestone.
- May 2026 (TBD): CIRCIA final rule, likely further delayed due to DHS shutdown.
- Jun-Jul 2026: Trump EO cybercrime action plan deadlines (120 days from March 6).
- Aug 2: EU AI Act high-risk system requirements take effect.
- Aug 6-9: DEF CON 34 at LVCC, Las Vegas.
- Sep 11: EU Cyber Resilience Act mandatory vulnerability reporting begins (24hr/72hr timelines).
This Week in Policy
Federal Strategy & Regulation
- DHS Shutdown Forces CIRCIA Town Hall Cancellations, Threatens Final Rule: The ongoing DHS appropriations lapse (now past 27 days) has forced CISA to cancel all CIRCIA town halls originally scheduled March 9 through early April. Acting CISA Director Nick Andersen confirmed the shutdown "will likely result in a delay to the issuance of the final rule," already pushed twice from October 2025 to May 2026. CISA has designated only 888 of its 2,341 remaining employees as "excepted" during the lapse, halting strategic planning, guidance development, and new capability deployment. (Federal News Network) (CyberScoop)
Throwback: In Issue #3, we covered the town hall schedule announcement and May timeline target; both are now in jeopardy.
CVE & Vulnerability Programs
- CVE Program Funding Secured, March 16 Crisis Averted: The MITRE CVE contract cliff has been quietly resolved. The CVE Board learned at its January 21 meeting that there would be "no funding cliff in March," with CISA acting director Nick Andersen confirming the program is "fully funded." CVE Board member and CVE Foundation co-founder Pete Allor described the structural shift: the program moved from competing for discretionary leftovers to an above-the-line funded position within CISA's budget. "Why wrestle the horse to the ground when I can use it bridled?" Allor said of the Foundation's more patient posture. However, transparency concerns remain: the contract details are opaque even to Board members, and FOIA requests have gone unanswered. (CSO Online)
Throwback: We tracked this countdown from T-30 in Issue #3, through T-14 in Issue #4 and Issue #5. The immediate crisis is resolved, but governance questions persist.
AI & Emerging Tech Security
- OpenAI Acquires Promptfoo to Bolster Agentic AI Security: OpenAI announced March 9 that it will acquire Promptfoo, an open-source AI security startup providing automated red-teaming, prompt injection detection, and tool-misuse monitoring. Used by over 25% of Fortune 500 companies, Promptfoo had raised $23M at an $86M valuation (Series A led by Insight Partners with a16z). The tools will be integrated into OpenAI Frontier, with the open-source offering continuing. The acquisition signals that major AI labs are internalizing security testing as core platform infrastructure rather than relying on third parties. (OpenAI) (TechCrunch)
- Microsoft Launches Agent 365 with Enterprise Agent Governance: Available May 1 at $99/user/month as part of the new M365 E7 "Frontier Suite," Agent 365 provides centralized observability, security, and governance for enterprise AI agents. The platform introduces "Agent IDs" with lifecycle management, risk-adaptive access controls, and audit trails for non-human entities. Microsoft's own research found 29% of AI agents in surveyed organizations operate without IT or security approval. (Microsoft Security Blog) (VentureBeat)
- NIST AI Agent Security RFI Closes with 932 Submissions: The CAISI Request for Information on AI Agent Security closed March 9, drawing substantial engagement. NIST will host virtual workshops in April 2026 on sector-specific AI adoption barriers (healthcare, finance, education) and begin developing technical guidelines under the AI Agent Standards Initiative launched February 17. The April workshops represent the last major input opportunity before draft standards emerge. (NIST) (Federal Register)
Throwback: In Issue #1, we flagged this RFI as a critical opportunity for the security research community. With 932 submissions in, the standards development phase begins.
Legal & Researcher Protections
- UK CMA Reform: "Not Whether But How": The UK Cyber Security and Resilience Bill has completed its Public Bill Committee stage. During proceedings on February 24, two clauses proposing Computer Misuse Act reform mechanisms were debated before being withdrawn following ministerial assurances. Minister Kanishka Narayan stated: "The question is simply not whether we will reform the Computer Misuse Act, but simply how." The CyberUp Campaign called this the strongest ministerial commitment to date. The Bill moves to Report Stage, where CMA amendments could resurface with formal backing. (CyberUp Campaign) (GOV.UK)
International Developments
- EU Publishes 70-Page CRA Guidance, Defines "Known Vulnerability": The European Commission published draft guidance on March 3 providing the most detailed interpretation yet of the Cyber Resilience Act's vulnerability reporting obligations. For VDP practitioners, the guidance defines when a vulnerability is considered "known": listed in public databases (EU Vulnerability Database, CVE/MITRE, NVD), disclosed via coordinated vulnerability disclosure programs, or prominently reported in reliable cybersecurity media. This means researchers' disclosure activities can directly trigger manufacturer reporting obligations. The reporting timeline is confirmed: 24-hour early warning to ENISA, 72-hour detailed notification, 14-day final report. Stakeholder feedback is open until March 31. (CRA Evidence) (Linklaters)
Worth Reading
- The UN's Permanent Process on Cybersecurity Faces an Uphill Battle (Lawfare): Analysis of the new UN Global Mechanism launching March 30-31, including the critical question of how security researchers and non-governmental experts will participate in shaping international cyber norms.
- Refreshing America's Cyber Posture: The New National Cybersecurity Strategy (Center for Cybersecurity Policy): Independent analysis of the Trump Strategy's six pillars, including what's missing and what implementation success requires.
- EU Cyber Resilience Act: Commission Issues First Draft Guidance (Linklaters): Ten key points from the 70-page CRA guidance, including how coordinated disclosure programs trigger manufacturer reporting obligations. Feedback deadline: March 31.
- The New Cyber Doctrine of the United States (Sidley Austin): Detailed legal analysis of both the Cyber Strategy and the cybercrime EO, covering implications for private-sector cybersecurity obligations and enforcement priorities.
Friends of disclose.io
Cloud Security Alliance: "The State of Cloud and AI Security in 2026"
CSA's March 13 report offers a data point that should reframe how the VDP community thinks about attack surface: for every human identity in the average enterprise, there are now 100 machine identities, many of them AI agents operating with overprivileged access. The report finds that decentralized AI agents enable data exfiltration "at machine speed without ever compromising a human credential," making non-human identity the dominant security challenge of 2026.
Key findings:
- 100:1 machine-to-human identity ratio across surveyed enterprises
- Overprivileged agents identified as the primary exfiltration vector
- Recommendation: transition from static API keys to ephemeral identity-based credentials
- All AI-generated code should be treated as untrusted third-party components
- Toxic cloud exposure combinations dropped from 38% to 29% globally (one bright spot)
For VDP operators, this means vulnerability disclosure programs need to account for non-human entities as both attack surfaces and potential reporters. The traditional model of human researchers finding and reporting bugs in human-operated systems is expanding into agent-on-agent security terrain.
The full report is available from the Cloud Security Alliance.
CSA has published cybersecurity guidance since 2008 and their annual state-of-security reports provide consistent benchmarking data for the industry.
Policy Pulse is a weekly bulletin from disclose.io. Keeping the security research community informed on policy that affects our work.
Have a tip or want to contribute? Reply to this email, reach out on Twitter/X, or drop a comment here!