Major changes are underway, with new rules for federal agencies and updated requirements for public-private partnerships. We discuss the implementation plans for the strategy’s first two pillars: defend critical infrastructure and disrupt and dismantle threat actors.