Trump cyber executive order takes aim at prior orders, secure software, identity
President Donald Trump signed an executive order Friday that the White House says promotes developing secure software, adopting the latest encryption protocols, securing internet routing and rolling back parts of two executive orders from the Biden and Obama administrations.
“Cybersecurity is too important to be reduced to a mere political football,” a fact sheet on the executive order reads, criticizing President Joe Biden for attempting “to sneak problematic and distracting issues into cybersecurity policy” in an executive order just before he left office.
The White House released the full text on Friday evening, saying that it prevents misuse of sanctions “against domestic political opponents and clarifying that sanctions do not apply to election-related activities,” while also saying that “it refocuses artificial intelligence (AI) cybersecurity efforts towards identifying and managing vulnerabilities, rather than censorship.”
It’s unclear from the fact sheet which domestic political opponents the White House alleges sanctions have been used against; congressional Republicans released a report claiming the Biden administration used AI to promote censorship, which the executive order might be referencing. The White House did not immediately respond to requests for comment.
“President Trump has made it clear that this Administration will do what it takes to make America cyber secure — including focusing relentlessly on technical and organizational professionalism to improve the security and resilience of the nation’s information systems and networks,” the fact sheet states. The administration has triggered bipartisan concern about cuts to the budget of the Cybersecurity and Infrastructure Security Agency.
The order introduces several notable shifts from the policies established during the Biden administration, including the revocation of a central provision in the Biden-era order that promoted the expansion of federal digital identity initiatives. The previous policy encouraged the use of digital ID documents, such as mobile driver’s licenses, to improve identity verification and combat cybercrime and fraud in public benefit programs. Trump’s order dismisses this approach, warning that such initiatives could increase the risk of fraud and improper access to benefits by undocumented immigrants.
Identity protection advocates told CyberScoop the White House’s order is “disappointing,” further saying the Biden executive order was focused on hostile nation-states, not undocumented immigrants.
“The core of the identity section focused on having NIST create guidance that agencies at all levels of government could use to make digital identity tools more secure, as well as encouraging Federal agencies to start accepting these secure credentials as a way to help prevent fraud in public benefits programs,” said Jeremy Grant, coordinator of the Better Identity Coalition. “Nothing in [Biden’s] January’s [order] included a mandate for the U.S. government to issue digital IDs to anybody – immigrants, or otherwise.”
Additionally, the new executive order rolls back requirements that federal software vendors must attest to following secure development guidelines as defined by the National Institute of Standards and Technology (NIST). Instead, Trump is directing NIST to work with industry partners to develop practical guidance on secure software development and to update the relevant frameworks, placing more emphasis on collaboration than on compliance checklists.
The order further directs federal action on post-quantum cryptography, as well as other steps to ensure that “Americans can know that their personal and home devices meet basic security engineering principles.” It also “strips away inappropriate measures outside of core cybersecurity focus, including removing a mandate for U.S. government issued digital IDs for illegal aliens that would have facilitated entitlement fraud and other abuse,” according to the fact sheet.
There is also a concentration placed on artificial intelligence. Where the Biden order directed agencies to develop advanced cyber defense programs using AI and to study ways to secure AI systems, Trump’s policy narrows the focus to expanding academic access to datasets for cyber defense research, taking caution to protect business confidentiality and national security interests.
You can read the full order on the White House’s website.
Greg Otto contributed to this report.
Update: June 8, 12:52 p.m.: This story was updated to include details from the full text of the executive order.
