The senior director for cyber at the White House’s National Security Council addressed an audience Thursday, advocating for the normalization of offensive cyber operations as a critical element in the government’s strategy to counter foreign threats.

Alexei Bulazel stated at the RSAC 2025 conference that he considers offensive cyber operations as one of several options available when responding to adversarial actions in the digital realm. "This isn’t offense for offense’s sake, but being able to respond if we’re the subject of foreign aggression," he said.

His remarks reflect a changing view within the current administration compared to previous administrations, where offensive cyber tactics were seen as controversial or escalatory. It now seems likely to become a standard component of the United States’ national security measures. Bulazel pointed out that discussing offensive cyber operations often attracts attention, yet his team at the National Security Council regards it as an evolution from prior policies focused on deterrence. "Deterrence in cybersecurity is challenging," he remarked. "There are numerous strategies to increase costs for these actors," indicating that responses should demonstrate to adversaries that their actions will prompt retaliation. He noted that earlier administrations were reluctant to adopt such measures. He mentioned various methods by which the U.S. could respond offensively, including disrupting the tools, tactics, or procedures used by adversaries to carry out attacks. “If we identify that an adversary intends to exploit a particular vulnerability, we can collaborate with the private sector or agencies like DHS’s CISA to preemptively address those vulnerabilities and potentially conduct operations against the adversary,” he explained.

Bulazel also discussed ongoing debates surrounding the legal and normative boundaries of offensive cyber operations, emphasizing concerns about whether U.S. actions should mirror those of adversaries or rely on proportional, non-cyber responses such as sanctions or indictments. He argued that consistently absorbing hostile cyber operations risks setting harmful precedents and normalizing adversarial behaviors. “Not responding can escalate the situation,” he stated. “There is a concern that offensive cyber could be seen as escalatory, but allowing continual adversarial hacking establishes an unacceptable norm. We must communicate that such actions are not acceptable.”