The US government has adopted an array of new cyber policies and published a National Cybersecurity Strategy over the past few years. Collectively, these policies signal a significant shift in how the Federal government is approaching cybersecurity. Instead of relying primarily on individual organizations to take voluntary measures, the updated approach envisions a more active government role, such as changing the nature of software liability, reallocating some of the security burden, and increasing requirements on critical infrastructure organizations. Further, the US is not the only country adopting a more activist approach, with the EU, Japan, Australia, and others also revisiting previous policies. Tatyana Bolton, Sunjeet Randhawa, Jim Richberg, and Michael Daniel discuss the implications of these changes for the cybersecurity industry.