Trump terminates Biden's software security, artificial intelligence, and post-quantum encryption initiatives in a fresh executive order

President Donald Trump signed an executive order on Friday that revised several of his Democratic predecessors' major cybersecurity initiatives.

The order marks a significant government reversal on cyber regulation, as it eliminates several projects launched with Biden's Jan. 15 executive order, including software security requirements for federal contractors.

One of the most notable changes is the removal of provisions that would have required federal vendors to comply with new federal security standards, as part of an ongoing collaboration between the National Institute of Standards and Technology (NIST) and industry to update NIST's Software Development Framework.

Trump also eliminated requirements for agencies to start using quantum-resistant encryption and to require vendors to use it when technologically possible. This move significantly reduces Biden's attempts to accelerate the government's adoption of post-quantum cryptography.

The order also scrapped initiatives related to AI's ability to enhance cyber defense, prioritizing AI-related research topics, and using AI for cyber defense in the Pentagon.

Trump removed instructions for the departments of State and Commerce to encourage foreign allies and overseas industries to adopt NIST's PQC algorithms.

The eliminated provisions from Biden's directive also included requirements for federal contractors to submit secure software development attestations and technical data to back up those attestations.

However, Trump preserved one major Biden-era cyber program: a Federal Communications Commission project that will apply government seals of approval to technology products that undergo security testing by federally accredited labs.

The executive order aims to focus on technical and organizational professionalism to improve the security and resilience of the nation's information systems and networks.

It's worth noting that there are no available search results indicating that President Trump issued a new regulation assigning specific authorities or companies to pursue products with a federal government seal certification for security evaluated by federally accredited labs by 2027.

The Biden administration sought to use federal procurement power to improve the software industry's practices, which began with Biden's 2021 cyber order and gained strength in 2024. Trump's elimination of these software security requirements for federal contractors is a departure from this approach.

Trump tweaked the language of Obama-era sanctions on authorities targeting people involved in cyberattacks on the U.S., limiting it to foreigners only.

The Cybersecurity and Infrastructure Security Agency's role in verifying vendors' attestations and the Office of the National Cyber Director's publication of review results were also eliminated.

Trump dropped provisions requiring agencies to test phishing-resistant authentication technologies, explore digital identity documents to prevent fraud, and address risks related to IT vendor concentration.

The executive order does not seem to prioritize research and testing of artificial intelligence for cyber defense, nor does it accelerate the rollout of encryption that withstands the future code-cracking powers of quantum computers, as the projects launched with Biden's Jan. 15 executive order did.

In summary, President Trump's new executive order represents a shift in the government's approach to cybersecurity, eliminating several initiatives launched under the Biden administration and focusing on technical and organizational professionalism instead.

Trump terminates Biden's software security, artificial intelligence, and post-quantum encryption initiatives in a fresh executive order