President Donald Trump signed an executive order Friday that revises several cybersecurity policies established by his Democratic predecessors, Barack Obama and Joe Biden. The White House released a fact sheet claiming Biden’s Executive Order 14144, signed just days before the end of his presidency, introduced “problematic and distracting issues” into cybersecurity policy.
One key change in Biden’s order encouraged federal agencies to consider accepting digital identity documents when verifying eligibility for public benefit programs. Trump’s administration has removed this language, citing concerns that such policies could lead to “widespread abuse by enabling illegal immigrants to improperly access public benefits.” However, Mark Montgomery, senior director at the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation, told Politico that the administration’s focus on rescinding digital ID mandates “prioritizes questionable immigration benefits over proven cybersecurity benefits.”
Shifting AI Cybersecurity Priorities
Trump’s executive order also rescinds Biden’s requirements related to artificial intelligence in cybersecurity. This includes removing directives to test AI tools for defending energy infrastructure, cutting funding for federal AI security research programs, and directing the Pentagon to “use AI models for cybersecurity.” According to the White House, these moves represent a refocus of AI cybersecurity strategy “towards identifying and managing vulnerabilities, rather than censorship.” The decision follows ongoing complaints from Trump’s Silicon Valley allies regarding perceived threats of AI “censorship.”
Other Key Policy Reversals
Additional rollbacks include eliminating Biden’s mandate for agencies to adopt quantum-resistant encryption “as soon as practicable” and removing requirements for federal contractors to attest to the security of their software. The White House criticized these requirements as “unproven and burdensome software accounting processes” that emphasized compliance checklists over actual security improvements. The executive order also repeals Obama-era policies that allowed sanctions on cybersecurity attacks targeting the United States broadly. Under Trump’s order, sanctions will now only apply to “foreign malicious actors,” which the administration says will prevent “misuse against domestic political opponents” and clarify that sanctions “do not apply to election-related activities.”
Author’s Opinion
This executive order reflects a clear intent to redefine cybersecurity by trimming regulatory burdens and focusing on targeted threats rather than broad measures. While some rollbacks may reduce red tape and appease certain industries, the removal of safeguards like digital identity acceptance and software security attestations could expose vulnerabilities. The shift away from expansive sanctions also raises questions about domestic cybersecurity protections. Striking the right balance between security, innovation, and civil liberties remains a delicate challenge.
Featured image credit: Gage Skidmore via Flickr
For more stories like it, click the +Follow button at the top of this page to follow us.