President Trump signed an executive order on June 6, 2025, dismantling key cybersecurity regulations established during the Biden and Obama administrations, marking a considerable shift in federal digital security policy. The thorough order supersedes previous directives issued by Obama in April 2015 and Biden in January 2021, fundamentally altering how federal agencies approach digital security threats.
The White House characterized the move as necessary modernization, claiming Biden “attempted to sneak problematic and distracting issues into cybersecurity policy” during his final days in office. Trump administration officials framed existing regulations as “ideologically driven” mandates that hindered effective cybersecurity implementation, particularly targeting federal software acquisition rules with newly established strict deadlines.
Among the most notable changes, the order completely eliminates digital identity document recognition in federal benefits programs. The administration justified this removal by alleging that digital ID frameworks created pathways for undocumented immigrants to exploit public systems, directly blaming “illegal aliens” for identification-related fraud. Critics contend these provisions represented legitimate fraud reduction measures designed to improve government service access.
The order greatly narrows cybersecurity-related sanctions authority, limiting enforcement actions to foreign malicious actors only. This restriction reverses broader powers previously held under Biden and Obama policies, with officials stating the change prevents “misuse against domestic political opponents” and clarifies that sanctions do not apply to election-related activities.
Trump’s directive also discards Biden’s artificial intelligence integration initiatives within national cyber defense systems. Requirements for testing AI models defending energy infrastructure have been eliminated, with resources previously allocated to AI security research being redirected.
Federal agencies must now track AI vulnerabilities using traditional cyber risk frameworks rather than specialized protocols. CISA’s capacity to monitor and respond to these vulnerabilities faces significant constraints due to anticipated workforce reduction of 30%-40% under the Trump Administration.
Software security standards face thorough revision under the new order. Mandates requiring vendors to prove compliance with federal security standards have been removed, while implementation timelines for remaining provisions have been greatly accelerated. The administration characterizes former certification requirements as unnecessary regulatory burdens affecting federal software procurement processes. Security experts warn that voluntary guidelines often result in reduced safeguards and slower adoption rates across government systems.
The order further rolls back Biden’s accelerated post-quantum encryption deployment, reversing requirements for encryption technologies capable of withstanding future quantum computing threats to federal systems.
