Former President Donald Trump signed one executive order. This federal order represents a major rewriting and retreat of the cybersecurity policies established by his Democratic predecessors, former President Barack Obama and Vice President Joe Biden. This executive order updates the scope of the previous Executive Order 13694 and previous Executive Order 14144. Perhaps more importantly, it seeks to radically reorient the nation’s focus on cybersecurity in several important ways.
The new order repeals the existing policies for using sanctions as a response to a cyber attack against the United States. Currently, sanctions may only be levied against “foreign malicious actors.” This approach is a definite break with the former administration’s approach. They were thinking in broader terms, of measures to combat or respond to cybersecurity threats, including sanctioning domestic entities.
In a notable shift, the executive order removes requirements for testing artificial intelligence (AI) systems intended to defend energy infrastructure. On top of that, Trump cut research funding for federal programs aimed at securing AI, siphoning money away from such efforts. In fact, the Pentagon needs to declare a halt to the adoption of AI models for cybersecurity. Experts are already raising alarms about what the future of AI holds to protect national interests.
According to a report by Politico, Trump’s administration justified these changes by stating that previous approaches risked “widespread abuse by enabling illegal immigrants to improperly access public benefits.” As part of this directive, Trump struck down a provision that encouraged agencies to “consider accepting digital identity documents” when public benefit programs require identification.
Mark Montgomery mk. Montgomery is senior director of the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation. He was deeply worried about this particular executive order. He stated that “the fixation on revoking digital ID mandates is prioritizing questionable immigration benefits over proven cybersecurity benefits.”
The White House defended the executive order by asserting that it aims “towards identifying and managing vulnerabilities, rather than censorship.” They criticized prior regulations as enforcing “unproven and burdensome software accounting processes that prioritized compliance checklists over genuine security investments.” Moreover, they lamented the tendency to “sneak problematic and distracting issues into cybersecurity policy.”
