President Trump dismantled key components of the Biden administration’s cybersecurity framework on June 6, 2025, signing an executive order that eliminates digital identity mandates, strips artificial intelligence security requirements, and redirects federal cyber policy toward what the White House characterized as “critical protections against foreign cyber threats.”
Trump eliminated Biden’s digital identity and AI security mandates while refocusing cybersecurity policy on foreign threats.
The sweeping order targets Biden’s Executive Order 14144, which Trump criticized for attempting to “sneak problematic and distracting issues into cybersecurity policy,” whilst maintaining focus on post-quantum cryptography standards and software security initiatives.
The executive order eliminates mandates requiring U.S. government agencies to increase use of digital ID technologies, with the White House arguing that digital IDs would be exploited by “illegal aliens” and facilitate “entitlement fraud and other abuse.”
The changes struck Biden’s directive encouraging agencies to “consider accepting digital identity documents” for public benefit programs.
Mark Montgomery criticized this modification as “prioritizing questionable immigration benefits over proven cybersecurity benefits.”
Trump’s order removes Biden’s requirements for testing AI in energy infrastructure defense, eliminates funding directives for federal research programs around AI security, and strikes Pentagon mandates to “use AI models for cyber security.”
The White House described these AI changes as refocusing strategy “towards identifying and managing vulnerabilities, rather than censorship,” aligning with complaints from Trump’s Silicon Valley allies about AI “censorship” threats.
The administration mandates agencies address significant flaws in AI software as cybersecurity threats, with compliance required by November deadlines.
The order maintains emphasis on post-quantum cryptography, directing the NSA and Office of Management and Budget to issue government agency standards by December 2025, with implementation goals set for 2030. The administration eliminated requirements for quantum-resistant encryption adoption mandates for federal contractors.
These provisions address risks from quantum computers potentially compromising modern encryption standards.
Software security initiatives remain intact, with the Commerce Department directed to collaborate with private industry beginning August 2025, focusing on improving software development and security protocols.
The order preserves directives on protecting internet traffic routes whilst removing Biden-era explanatory language about risks like border gateway hijacking.
The executive order identifies the People’s Republic of China as the “most active and persistent cyber threat” to U.S. government and infrastructure, whilst naming Russia, Iran, and North Korea as additional significant threat sources.
The timing occurred less than 24 hours after Trump’s public dispute with Elon Musk.
