Trump administration takes aim at Biden and Obama cybersecurity rules

The Trump administration has issued an executive order that significantly revises and rolls back several cybersecurity policies established by former Presidents Barack Obama and Joe Biden. The administration criticized Biden’s recent cybersecurity order, particularly opposing its encouragement for agencies to accept digital identity documents for public benefit programs, citing concerns about potential abuse by illegal immigrants. Experts like Mark Montgomery argue that revoking digital ID mandates prioritizes immigration concerns over cybersecurity benefits. The new order also shifts the federal AI cybersecurity strategy to focus on identifying and managing vulnerabilities rather than censorship, promotes AI use in defending energy infrastructure and Pentagon cybersecurity, and supports federal AI security research. Additionally, the order removes previous requirements for agencies to adopt quantum-resistant encryption promptly and eliminates mandates for federal contractors to attest to software security, labeling these as burdensome and ineffective compliance measures. It also repeals Obama-era policies that allowed sanctions for cybersecurity attacks, restricting sanctions only to foreign malicious actors to avoid misuse against domestic political opponents and clarify that election-related activities are exempt. Overall, the Trump administration’s changes reflect a move away from some compliance-heavy and expansive cybersecurity measures toward a narrower, security-focused approach with an emphasis on AI and foreign threats.