Trump Rewrites Cybersecurity Policy in Executive Order
p
Government
Industry Specific
Standards Regulations Compliance
ppPresident Donald Trump signed Friday an executive order reframing US cybersecurity policy eliminating what the Republican White House described as problematic elements inherited from Democratic administrationsppSee Also Cisco Umbrella for Government Helping Agencies Meet Their Enhanced Cybersecurity Mandates and TIC30 StandardsppThe new order strikes a push for digital identity documents made by thenPresident Joe Biden in one of his last acts as commander in chief Digital IDs the White House said risked widespread abuse by enabling illegal immigrants to improperly access public benefits see Final Biden Cybersecurity Order Will Face Political HurdlesppIt reaches back into the presidency of Barack Obama to strike policy in effect since 2015 allowing sanctions against any person engaged in foreigndirected hacking operations The new policy is that only a foreign person can be sanctionedppA White House fact sheet says the order limits cyber sanctions strictly to foreign malicious actors to prevent misuse against domestic political opponents and criticizes the Biden administration for micromanaging technical cybersecurity decisions better handled at the department and agency level ppThe announcement which also says cybersecurity is too important to be reduced to a mere political football comes just days after the White House proposed deep budget and staffing cuts at CISA a move analysts and former officials warn could seriously weaken federal cyber defenses see There Will Be Pain CISA Cuts Spark Bipartisan ConcernsppIn a prepared statement the Better identity Coalition a lobbying association that includes Apple Microsoft Okta and banks decried the White Houses repudiation of digital ID Nothing in Januarys EO included a mandate for the US government to issue digital IDs to anybody immigrants or otherwise said Jeremy Grant association coordinatorppThe Trump order removes a Biden requirement that would have required software developers to submit attestations validating their use of secure software development practices that were outlined in a 2021 executive order The Trump order says the government will lean on voluntary secure software development guidance developed by consortium established by the National Cybersecurity Center of Excellence with industryppIn one change that imposes a deadline rather than lifting it the order directs the Cybersecurity and Infrastructure Security Agency to establish by Dec 1 2025 a list of product categories that widely support postquantum cryptography Experts say a transition to postquantum cryptography should begin immediately to head off harvest now decrypt later attacks in which foreign powers save intercepted encrypted communications for later decryption by a quantum computer Most experts anticipate that a cryptanalytically relevant quantum computer as it is known will likely come online in the first years of the coming decade The Biden administration in 2024 estimated the cost through 2035 for transitioning key federal systems to postquantum encryption will be at least 71 billion see US NIST Formalizes 3 PostQuantum AlgorithmsppThe order places new emphasis on artificial intelligence software flaws within interagency coordination for vulnerability management including through incident tracking response and reporting and by sharing indicators of compromise for AI systemsppIt gives the Trump administration stamp of approval for a cybersecurity labeling program for Internet of Things devices launched by the democratically controlled Federal Communications Commission during its last month in power Federal agencies the order says should start within a year to only but IoT devices that carry a US Cyber Trust Mark see White House Launches US Cyber Trust Mark for IoT DevicesppUpdate June 7 2025 1840 UTC Adds statement from Better Identity CoalitionppEditorial Director News ISMGppPerera is editorial director for news at Information Security Media Group He previously covered privacy and data security for outlets including MLex and Politico pp
ppManaging Editor GovInfoSecurityppRiotta is a journalist based in Washington DC He earned his masters degree from the Columbia University Graduate School of Journalism where he served as 2021 class president His reporting has appeared in NBC News NextgovFCW Newsweek Magazine The Independent and morepp
ppCovering topics in risk management compliance fraud and information securityppBy submitting this form you agree to our Privacy GDPR Statementppwhitepaperpp3rd Party Risk ManagementppData PrivacyppIncident Breach ResponseppEventspp3rd Party Risk ManagementppContinue pp
90 minutes Premium OnDemand
ppOverviewppFrom heightened risks to increased regulations senior leaders at all levels are pressured to
improve their organizations risk management capabilities But no one is showing them how
until nowppLearn the fundamentals of developing a risk management program from the man who wrote the book
on the topic Ron Ross computer scientist for the National Institute of Standards and
Technology In an exclusive presentation Ross lead author of NIST Special Publication 80037
the bible of risk assessment and management will share his unique insights on how toppSr Computer Scientist Information Security Researcher
National Institute of Standards and Technology NISTppWas added to your briefcaseppTrump Rewrites Cybersecurity Policy in Executive OrderppTrump Rewrites Cybersecurity Policy in Executive Orderpp
Just to prove you are a human please solve the equation
ppSign in now ppNeed help registering
Contact support
ppComplete your profile and stay up to dateppContact Support ppCreate an ISMG account now ppCreate an ISMG account now ppNeed help registering
Contact support
ppSign in now ppNeed help registering
Contact support
ppSign in now ppOur website uses cookies Cookies enable us to provide the best experience possible and help us understand how visitors use our website By browsing databreachtodaycom you agree to our use of cookiesp
Government
Industry Specific
Standards Regulations Compliance
ppPresident Donald Trump signed Friday an executive order reframing US cybersecurity policy eliminating what the Republican White House described as problematic elements inherited from Democratic administrationsppSee Also Cisco Umbrella for Government Helping Agencies Meet Their Enhanced Cybersecurity Mandates and TIC30 StandardsppThe new order strikes a push for digital identity documents made by thenPresident Joe Biden in one of his last acts as commander in chief Digital IDs the White House said risked widespread abuse by enabling illegal immigrants to improperly access public benefits see Final Biden Cybersecurity Order Will Face Political HurdlesppIt reaches back into the presidency of Barack Obama to strike policy in effect since 2015 allowing sanctions against any person engaged in foreigndirected hacking operations The new policy is that only a foreign person can be sanctionedppA White House fact sheet says the order limits cyber sanctions strictly to foreign malicious actors to prevent misuse against domestic political opponents and criticizes the Biden administration for micromanaging technical cybersecurity decisions better handled at the department and agency level ppThe announcement which also says cybersecurity is too important to be reduced to a mere political football comes just days after the White House proposed deep budget and staffing cuts at CISA a move analysts and former officials warn could seriously weaken federal cyber defenses see There Will Be Pain CISA Cuts Spark Bipartisan ConcernsppIn a prepared statement the Better identity Coalition a lobbying association that includes Apple Microsoft Okta and banks decried the White Houses repudiation of digital ID Nothing in Januarys EO included a mandate for the US government to issue digital IDs to anybody immigrants or otherwise said Jeremy Grant association coordinatorppThe Trump order removes a Biden requirement that would have required software developers to submit attestations validating their use of secure software development practices that were outlined in a 2021 executive order The Trump order says the government will lean on voluntary secure software development guidance developed by consortium established by the National Cybersecurity Center of Excellence with industryppIn one change that imposes a deadline rather than lifting it the order directs the Cybersecurity and Infrastructure Security Agency to establish by Dec 1 2025 a list of product categories that widely support postquantum cryptography Experts say a transition to postquantum cryptography should begin immediately to head off harvest now decrypt later attacks in which foreign powers save intercepted encrypted communications for later decryption by a quantum computer Most experts anticipate that a cryptanalytically relevant quantum computer as it is known will likely come online in the first years of the coming decade The Biden administration in 2024 estimated the cost through 2035 for transitioning key federal systems to postquantum encryption will be at least 71 billion see US NIST Formalizes 3 PostQuantum AlgorithmsppThe order places new emphasis on artificial intelligence software flaws within interagency coordination for vulnerability management including through incident tracking response and reporting and by sharing indicators of compromise for AI systemsppIt gives the Trump administration stamp of approval for a cybersecurity labeling program for Internet of Things devices launched by the democratically controlled Federal Communications Commission during its last month in power Federal agencies the order says should start within a year to only but IoT devices that carry a US Cyber Trust Mark see White House Launches US Cyber Trust Mark for IoT DevicesppUpdate June 7 2025 1840 UTC Adds statement from Better Identity CoalitionppEditorial Director News ISMGppPerera is editorial director for news at Information Security Media Group He previously covered privacy and data security for outlets including MLex and Politico pp
ppManaging Editor GovInfoSecurityppRiotta is a journalist based in Washington DC He earned his masters degree from the Columbia University Graduate School of Journalism where he served as 2021 class president His reporting has appeared in NBC News NextgovFCW Newsweek Magazine The Independent and morepp
ppCovering topics in risk management compliance fraud and information securityppBy submitting this form you agree to our Privacy GDPR Statementppwhitepaperpp3rd Party Risk ManagementppData PrivacyppIncident Breach ResponseppEventspp3rd Party Risk ManagementppContinue pp
90 minutes Premium OnDemand
ppOverviewppFrom heightened risks to increased regulations senior leaders at all levels are pressured to
improve their organizations risk management capabilities But no one is showing them how
until nowppLearn the fundamentals of developing a risk management program from the man who wrote the book
on the topic Ron Ross computer scientist for the National Institute of Standards and
Technology In an exclusive presentation Ross lead author of NIST Special Publication 80037
the bible of risk assessment and management will share his unique insights on how toppSr Computer Scientist Information Security Researcher
National Institute of Standards and Technology NISTppWas added to your briefcaseppTrump Rewrites Cybersecurity Policy in Executive OrderppTrump Rewrites Cybersecurity Policy in Executive Orderpp
Just to prove you are a human please solve the equation
ppSign in now ppNeed help registering
Contact support
ppComplete your profile and stay up to dateppContact Support ppCreate an ISMG account now ppCreate an ISMG account now ppNeed help registering
Contact support
ppSign in now ppNeed help registering
Contact support
ppSign in now ppOur website uses cookies Cookies enable us to provide the best experience possible and help us understand how visitors use our website By browsing databreachtodaycom you agree to our use of cookiesp
