Back to New Tab

Trump reshapes federal cybersecurity, cutting Biden-era digital ID and AI initiatives

New Tab News Team
September 18, 2025
Industry News

President Trump signs an executive order revoking key Biden and Obama-era cybersecurity directives, focusing on technical and organizational professionalism.

Credit: Outlever

President Trump signed a new executive order last week, substantially overhauling federal cybersecurity policy by revoking or revising key Biden and Obama-era directives on software security, digital identity, and the use of AI in cybersecurity. The administration frames the changes as a move to address "real technical challenges and enduring cybersecurity threats" by focusing on "technical and organizational professionalism."

  • Red tape reduction: A central change scraps requirements for federal software vendors to attest to their secure development practices, a Biden-era push following major cyberattacks. The Trump administration called these "unproven and burdensome software accounting processes." Instead, the National Institute of Standards and Technology (NIST) will now form an industry consortium to demonstrate secure software methods, with an updated framework due by early December.

  • Digital ID dropped: Biden initiatives promoting digital identity solutions, including for public benefits access and mobile driver's licenses, have been eliminated. The White House cited risks of "widespread abuse by enabling illegal immigrants to improperly access public benefits" and offered no alternative federal digital ID strategy.

  • AI priorities pivot: The new order revises the government's AI cybersecurity strategy, cutting programs that tested AI for critical infrastructure defense and funded secure AI research. The focus shifts to identifying and managing vulnerabilities, with a directive to make existing government cyber defense datasets more accessible for academic research, as reported by Cybersecurity Dive.

The U.S. policy shift on cybersecurity arrives as the EU advances stricter mandatory standards like NIS2 and the AI Act, potentially creating divergence for global tech companies. Meanwhile, the relaxation of PQC adoption timelines in the U.S. contrasts with aggressive quantum-readiness plans by international partners. This executive order also limits cyber sanctions strictly to foreign actors, a move the administration says protects against political misuse.

Related content

An Insider's Guide to Rewiring Orgs as Agents Move From Tools to Core Operators

Omer Grossman, former Chief Trust Officer and Head of the CYBR Unit at CyberArk, explains why nearly every enterprise claims to use AI but almost none have transformed the way their organizations actually operate.

Shadow AI and Departmental Silos Force Enterprises to Rethink Resilience

Nethusha Ravisuthan, Sales Support and Operations Manager at Microsoft, argues that Shadow AI, departmental silos, and ungoverned AI agents are compounding enterprise risk, and that operational trust and holistic system resilience must become foundational to AI deployment.

How Higher Education Puts Boundaries Around AI Agents With Sanctioned Access Models

Vijay Samtani, CISO at Cambridge University, discusses how blocking AI agents is a losing battle for security leaders. Their best course of action is to build clear rules and guidelines for AI access to control vulnerable surfaces.

You might also like

See all →
Powered by Island.
ISLAND, All rights reserved ©