Tech Policy Roundup – November 2025

Stay informed with additional tech policy highlights by following Voices for Innovation on LinkedIn!

Microsoft recently released its 2025 Digital Defense Report, which identifies the greatest cybersecurity threats, what’s on the horizon, and how government and the private sector can collaborate to strengthen digital defenses.

The report highlights how nation-state actors are increasing attacks—both for espionage and financial gain. Governments can help fight back by imposing consequences on attackers, including nation-states, such as sanctions and indictments. For a summary of the report, check out this Microsoft on the Issues blog.

Last month, the National Task Force on Fraud and Scam Prevention called for a coordinated national strategy to address rampant financial fraud, underscoring that scams represent a national security crisis. The Task Force is made up of more than 80 high-profile members, including financial institutions, non-profits, trade associations, U.S. government agencies, and technology companies. The Task Force calls for stronger public-private coordination to stop scams and recommends that the federal government consider establishing a national anti-scam center, as other nations have done. Coverage of this development can be found from Nextgov/FCW.

The Cybersecurity and Information Sharing Act (CISA) of 2015, a cornerstone of U.S. cyber policy, expired when Congress failed to reach an agreement to extend it. CISA encouraged companies to share cyber threat information—and provided liability protections for information sharing. The law enabled threat information to be shared rapidly before attacks could spread. It is possible that the law will be reinstated and extended—and the administration has voiced support for a 10-year extension.

We’ll email you our weekly tech policy executive briefing when you subscribe here.