The overlooked changes that two Trump executive orders could bring to cybersecurity | CyberScoop<\/title> <meta name=\"description\" content=\"Two executive orders President Donald Trump has signed in recent months could prove to have a more dramatic impact on cybersecurity than first thought, for better or for worse.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/trump-administration-cybersecurity-executive-orders-policy-changes-2025\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"The overlooked changes that two Trump executive orders could bring to cybersecurity\"> <meta property=\"og:description\" content=\"Two executive orders President Donald Trump has signed in recent months could prove to have a more dramatic impact on cybersecurity than first thought, for better or for worse.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/trump-administration-cybersecurity-executive-orders-policy-changes-2025\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-08-13T19:04:01+00:00\"> <meta property=\"article:modified_time\" content=\"2025-08-13T19:04:04+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Tim Starks\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@timstarks\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1754500264g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1755021799g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1753281318g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/85564\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=85564\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Ftrump-administration-cybersecurity-executive-orders-policy-changes-2025%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Ftrump-administration-cybersecurity-executive-orders-policy-changes-2025%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-85564 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/trump-administration-cybersecurity-executive-orders-policy-changes-2025\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.790322580645\">\n<div class=\"single-article__header-content\" readability=\"36.47619047619\">\n<p> Good, bad, puzzling \u2014 a March order and June order could have bigger ripples than realized when the president signed them. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/85564\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> President Donald Trump holds up an executive order on creating a White House 2028 Olympics task force after signing it in the South Court Auditorium of the White House on Aug. 5, 2025. (Photo by Brendan SMIALOWSKI \/ AFP) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"97.186033292732\"><body readability=\"205.33239362171\"><\/p>\n<p>Two executive orders President Donald Trump has signed in recent months could prove to have a more dramatic impact on cybersecurity than first thought, for better or for worse.<\/p>\n<p>Overall, some of Trump\u2019s executive orders have been more about <a href=\"https:\/\/www.nytimes.com\/2025\/05\/12\/health\/trump-drug-prices.html\">sending a message<\/a> than spurring lasting change, as there are <a href=\"https:\/\/kansasreflector.com\/2025\/01\/21\/trumps-executive-orders-can-make-change-but-are-limited-and-can-be-undone-by-the-courts\/#:~:text=Finally%2C%20executive%20orders%20are%20not,First%2Dyear%20revocations\">limits to their powers<\/a>. Specifically, some of the provisions of the two executive orders with cyber ramifications \u2014 <a href=\"https:\/\/www.whitehouse.gov\/presidential-actions\/2025\/03\/achieving-efficiency-through-state-and-local-preparedness\/\">one from March<\/a> on state and local preparedness generally, and <a href=\"https:\/\/www.whitehouse.gov\/presidential-actions\/2025\/06\/sustaining-select-efforts-to-strengthen-the-nations-cybersecurity-and-amending-executive-order-13694-and-executive-order-14144\/\">one from June<\/a> explicitly on cybersecurity \u2014 are more puzzling to cyber experts than anything else, while others preserve policies of the prior administration which Trump has criticized in harsh terms. Yet others might fall short of the orders\u2019 intentions, in practice.<\/p>\n<p>But amid the flurry of <a href=\"https:\/\/cyberscoop.com\/cisa-workforce-cuts-house-leaders-legislation\/\">personnel changes<\/a>, <a href=\"https:\/\/cyberscoop.com\/cisa-budget-135m-dhs-2026-house-appropriations\/\">budget cuts<\/a> and other executive branch activity in the first half of 2025 under Trump, the full scope of the two cyber-related executive orders might have been somewhat overlooked. And the effects of some of those orders could soon begin coming to fruition as key top Trump cyber officials assume their posts.<\/p>\n<p>The Foundation for Defense of Democracies\u2019 Mark Montgomery said the executive orders were \u201cmore important\u201d than he originally understood, noting that he \u201cunderestimated\u201d the March order after examining it more closely. Some of the steps would be positive if fully implemented, such as the preparedness order\u2019s call for the creation of a national resilience strategy, he said.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The Center for Democracy & Technology said the June order, which would unravel some elements of executive orders under presidents Joe Biden and Barack Obama, would have a negative effect on cybersecurity.<\/p>\n<p>\u201cRolling back numerous provisions focused on improving cybersecurity and identity verification in the name of preventing fraud, waste, and abuse is like claiming we need safer roads while removing guardrails from bridges,\u201d said the group\u2019s president, Alexandra Reeve Givens. \u201cThe only beneficiaries of this step backward are hackers who want to break into federal systems, fraudsters who want to steal taxpayer money from insecure services, and legacy vendors who want to maintain lucrative contracts without implementing modern security protections.\u201d<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-the-big-changes-and-the-in-betweens\">The big changes and the in-betweens<\/h4>\n<p>Perhaps <a href=\"https:\/\/cyberscoop.com\/trump-cyber-executive-order-takes-aim-at-prior-orders-secure-software-more\/\">the largest shift<\/a> in either order is the deletion of a section of an executive order Biden signed in January on digital identity verification that was intended to fight cybercrime and fraud. In undoing the measures in that section, the White House asserted that it was removing mandates \u201cthat risked widespread abuse by enabling illegal immigrants to improperly access public benefits.\u201d<\/p>\n<p>One critic, speaking on condition of anonymity to discuss the changes candidly, said \u201cthere\u2019s not a single true statement or phrase or word in\u201d the White House\u2019s claim. The National Security Council did not respond to requests for comment on the order.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Some, though, such as Nick Leiserson of the Institute for Security and Technology, observed that <a href=\"https:\/\/securityandtechnology.org\/blog\/rapid-reaction-trump-47s-first-cybersecurity-executive-order\/\">the digital identities language<\/a> in the Biden order was among the \u201cweakest\u201d in the document, since it only talked about how agencies should \u201cconsider\u201d ways to accept digital identities.<\/p>\n<p>The biggest prospective change in the March order was a stated shift for state and local governments to handle disaster preparedness, including for cyberattacks, a notion that <a href=\"https:\/\/cyberscoop.com\/trump-executive-order-cybersecurity-state-local-impact\/\">drew intense criticism<\/a> from cyber experts at the time who said states don\u2019t have the resources to defend themselves against Chinese hackers alone. But that shift could have bigger ripples than originally realized.<\/p>\n<p>Errol Weiss, chief security officer at the Health-ISAC, an organization devoted to exchanging threat information in the health sector, said that as the Cybersecurity and Infrastructure Security Agency has scaled back the free services it offers like vulnerability scanning, states would hypothetically have to step into that gap to aid entities like the ones Weiss serves. \u201cIf that service goes away, and pieces of it probably already have, there\u2019s going to be a gap there,\u201d he said.<\/p>\n<p>Some of the changes from the March order might only be realized now that the Senate has confirmed <a href=\"https:\/\/cyberscoop.com\/tag\/sean-cairncross\/\">Sean Cairncross<\/a> as national cyber director, or after the Senate takes action on <a href=\"https:\/\/cyberscoop.com\/tag\/sean-plankey\/\">Sean Plankey<\/a> to lead CISA, said Jim Lewis, a fellow at the Center for European Policy Analysis.<\/p>\n<p>For instance: The order directs a review of critical infrastructure policy documents, including National Security Memorandum 22, <a href=\"https:\/\/cyberscoop.com\/critical-infrastructure-memorandum-ppd-21\/\">a rewrite<\/a> of a decade-old directive meant to foster better threat information sharing and respond to changing threats. There are already signs the administration <a href=\"https:\/\/www.cybersecuritydive.com\/news\/critical-infrastructure-cybersecurity-federal-support-risk\/753686\/\">plans to move away<\/a> from that memorandum, a development that a Union of Concerned Scientists analyst said <a href=\"https:\/\/blog.ucs.org\/shana-udvardy\/7-takeaways-from-trumps-disaster-preparedness-executive-order-and-what-it-means-for-us\/\">was worrisome<\/a>, but critics of the memo such as Montgomery said a do-over could be a good thing.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Most of the other biggest potential changes, however, are in the June order. This is a partial list:<\/p>\n<ul class=\"wp-block-list\">\n<li>It eliminates a requirement under the January Biden order that government vendors provide certifications about the security of their software development to CISA for review. \u201cI just don\u2019t think that you can play the whole, \u2018We care about cyber,\u2019 and, \u2018Oh, by the way, this incredible accountability control? We rolled that back,\u2019\u201d said Jake Williams, director of research and development at Hunter Strategy.<\/li>\n<li>It removes another January Biden order requirement that the National Institute of Standards and Technology develop new guidance on minimum cybersecurity practices, <a href=\"https:\/\/www.dwt.com\/blogs\/privacy--security-law-blog\/2025\/06\/trump-cyber-order-changes-biden-eo-14144\">thought to be<\/a> among that order\u2019s \u201cmost ambitious prescriptions.\u201d<\/li>\n<li>It would move CISA in the direction of implementing a <a href=\"https:\/\/federalnewsnetwork.com\/cybersecurity\/2023\/10\/cisa-hails-progress-on-cyber-risk-visibility-but-lawmakers-eye-expanded-shared-services\/\">\u201cno-knock\u201d<\/a> or \u201cno-notice\u201d approach to hunting threats within federal agencies, Leiserson noted.<\/li>\n<li>It strikes language saying that the internet data routing rules known as <a href=\"https:\/\/cyberscoop.com\/tag\/border-gateway-protocol\/\">Border Gateway Protocol<\/a> are \u201cvulnerable to attack and misconfiguration,\u201d something Williams said might ease pressure on internet service providers to make improvements. \u201cThe ISPs know it\u2019s going to cost them a ton to address the issue,\u201d he said.<\/li>\n<li>It erases a requirement from the Biden order that contained no deadline, but said that federal systems must deploy phishing-resistant multi-factor authentication. <\/li>\n<li>It deletes requirements for pilot projects stemming from the Defense Advanced Research Projects Agency-led Artificial Intelligence Cyber Challenge. DARPA recently completed its 2025 challenge, <a href=\"https:\/\/cyberscoop.com\/darpa-ai-cyber-challenge-winners-def-con-2025\/\">awarding prize money<\/a> at this year\u2019s DEF CON cybersecurity conference.<\/li>\n<li>It says that \u201cagencies\u2019 policies must align investments and priorities to improve network visibility and security controls to reduce cyber risks,\u201d a change security adviser and New York University adjunct professor Alex Sharpe praised.<\/li>\n<\/ul>\n<p>Some of the changes led to analysts concluding, alternatively, a continuation or rollback of directives from the January Biden executive order on things like federal agency email encryption or post-quantum cryptography.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-the-head-scratchers-and-the-mysteries\">The head-scratchers and the mysteries<\/h4>\n<p>Some of the moves in the June order perplexed analysts.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>One was specifying that cyber sanctions must be limited, in the words of a White House <a href=\"https:\/\/www.whitehouse.gov\/fact-sheets\/2025\/06\/fact-sheet-president-donald-j-trump-reprioritizes-cybersecurity-efforts-to-protect-america\/\">fact sheet<\/a>, \u201cto foreign malicious actors, preventing misuse against domestic political opponents and clarifying that sanctions do not apply to election-related activities.\u201d The Congressional Research Service could find no indication that cyber sanctions had been used domestically, and said the executive order appears to match prior policy.<\/p>\n<p>Another is the removal of the NIST guidance on minimum cybersecurity practices. \u201cIf you\u2019re trying to deregulate, why kill the effort to harmonize the standards?\u201d Sharpe asked. <\/p>\n<p>Yet another is deletion of a line from the January Biden order to the importance of open-source software. \u201cThis is a bit puzzling, as open source software <em>does<\/em> underlie almost all software, including federal systems,\u201d Leiserson wrote (emphasis his).<\/p>\n<p>Multiple sources told CyberScoop it\u2019s unclear who wrote the June order and whom they consulted with in doing so. One source said some agency personnel complained about the lack of interagency vetting of the document. Another said Alexei Bulazel, the NSC director of cyber, appeared to have no role in it.<\/p>\n<p>Another open question is how much force will be put behind implementing the June order.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>It loosens the strictness with which agencies must carry out the directives it lays out, at least compared with the January Biden order. It gives the national cyber director a more prominent role in coordination, Leiserson said. And it gives CISA new jobs.<\/p>\n<p>\u201cSince President Trump took office \u2014 and strengthened by his Executive Order in June \u2014 CISA has taken decisive action to bolster America\u2019s cybersecurity, focusing on critical protections against foreign cyber threats and advancing secure technology practices,\u201d said Marci McCarthy, director of public affairs for CISA.<\/p>\n<p>California Rep. Eric Swalwell, the top Democrat on the House Homeland Security Committee\u2019s cyber subpanel, told CyberScoop he was skeptical about what the June executive order signalled about Trump\u2019s commitment to cybersecurity.<\/p>\n<p>\u201cThe President talks tough on cybersecurity, but it\u2019s all for show,\u201d he said in a statement. \u201cHe signed the law creating CISA and grew its budget, but also rolled back key Biden-era protections, abandoned supply chain efforts, and drove out cyber experts. CISA has lost a third of its workforce, and his FY 2026 budget slashes its funding \u2026<\/p>\n<p>\u201cEven if his cyber and AI goals are sincere, he\u2019s gutted the staff needed to meet them,\u201d Swalwell continued. \u201cHe\u2019s also made the government less secure by giving unvetted allies access to sensitive data. His actions don\u2019t match his words.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Montgomery said there was a contradiction between the June order giving more responsibilities to agencies like NIST while the administration was proposing around a 20% cut to that agency, and the March order shifting responsibilities to state and local governments without giving them the resources to handle it.<\/p>\n<p>A <a href=\"https:\/\/www.wilmerhale.com\/en\/insights\/client-alerts\/20250613-new-executive-order-modifies-cybersecurity-requirements-to-be-imposed-on-federal-contractors-and-subcontractors\">WilmerHale analysis<\/a> said that as the administration shapes cyber policy, the June order \u201csignals what that approach is likely to be: removing requirements perceived as barriers to private sector growth and expansion while preserving key requirements that protect the U.S. government\u2019s own systems against cyber threats posed by China and other hostile foreign actors.\u201d<\/p>\n<p>For all of <a href=\"https:\/\/arstechnica.com\/security\/2025\/06\/cybersecurity-take-a-big-hit-in-new-trump-executive-order\/\">the changes<\/a> it could make, analysts agreed the June order does continue a fair number of Biden administration policies, like commitments to the <a href=\"https:\/\/cyberscoop.com\/tag\/u-s-cyber-trust-mark\/\">Cyber Trust Mark<\/a> labeling initiative, space cybersecurity policy and requirements for defense contractors to protect sensitive information.<\/p>\n<p>Some of those proposals didn\u2019t get very far before the changeover from Biden to Trump. But it might be easier for the Trump administration to achieve its goals.<\/p>\n<p>\u201cIt\u2019s hard to say the car is going in the wrong direction when they haven\u2019t started the engine,\u201d Lewis said. \u201cThese people don\u2019t have the same problem, this current team, because they\u2019re stripping stuff back. They\u2019re saying, \u2018We\u2019re gonna do less.\u201d So it\u2019s easier to do less.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"author-card\" readability=\"7.7216117216117\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/08\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity-1.jpg?w=640&ssl=1\" alt=\"Tim Starks\"> <\/figure>\n<\/p><\/div>\n<div class=\"author-card__details\" readability=\"10.901098901099\">\n<h4 class=\"author-card__name\">Written by Tim Starks<\/h4>\n<p> Tim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he’s covered cybersecurity since 2003. Email Tim here: <a href=\"mailto:tim.starks@cyberscoop.com\">tim.starks@cyberscoop.com<\/a>. <\/div>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/trump-administration-cybersecurity-executive-orders-policy-changes-2025\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The overlooked changes that two Trump executive orders could bring<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3789,622,1928,1112,1720,271,1126,78,452,2465,742,4808,3898,1599,3426,117,4809,1093,4439,4810,656,1207,1967,927,3492,521,1073,439,268,817,2229,3698,2564,1276,1173,290,3420],"tags":[3791,627,1938,1113,1725,277,1128,86,454,2466,744,4811,3902,1601,3428,119,4812,1095,4440,4813,658,1208,1969,929,3495,524,1076,443,274,821,2231,3700,2580,1278,1177,296,3424],"class_list":["post-7894","post","type-post","status-publish","format-standard","hentry","category-alexei-bulazel","category-biden-administration","category-border-gateway-protocol","category-budget","category-center-for-democracy-technology","category-china","category-cyber-workforce","category-cybersecurity","category-cybersecurity-and-infrastructure-security-agency-cisa","category-darpa","category-def-con","category-digital-identity","category-eric-swalwell","category-executive-order","category-foundation-for-defense-of-democracies","category-government","category-health-isac","category-house-homeland-security-committee","category-institute-for-security-and-technology","category-mark-montgomery","category-national-cyber-director","category-national-security-council-nsc","category-national-security-memorandum-22","category-nist","category-obama-administration","category-office-of-the-national-cyber-director","category-open-source","category-policy","category-privacy","category-regulation","category-resilience","category-sean-cairncross","category-sean-plankey","category-secure-by-design","category-threat-hunting","category-trump-administration","category-u-s-cyber-trust-mark","tag-alexei-bulazel","tag-biden-administration","tag-border-gateway-protocol","tag-budget","tag-center-for-democracy-technology","tag-china","tag-cyber-workforce","tag-cybersecurity","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-darpa","tag-def-con","tag-digital-identity","tag-eric-swalwell","tag-executive-order","tag-foundation-for-defense-of-democracies","tag-government","tag-health-isac","tag-house-homeland-security-committee","tag-institute-for-security-and-technology","tag-mark-montgomery","tag-national-cyber-director","tag-national-security-council-nsc","tag-national-security-memorandum-22","tag-nist","tag-obama-administration","tag-office-of-the-national-cyber-director","tag-open-source","tag-policy","tag-privacy","tag-regulation","tag-resilience","tag-sean-cairncross","tag-sean-plankey","tag-secure-by-design","tag-threat-hunting","tag-trump-administration","tag-u-s-cyber-trust-mark"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/alexei-bulazel\/\" rel=\"category tag\">Alexei Bulazel<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/biden-administration\/\" rel=\"category tag\">Biden administration<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/border-gateway-protocol\/\" rel=\"category tag\">Border Gateway Protocol<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/budget\/\" rel=\"category tag\">budget<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/center-for-democracy-technology\/\" rel=\"category tag\">Center for Democracy & Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/china\/\" rel=\"category tag\">China<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cyber-workforce\/\" rel=\"category tag\">cyber workforce<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/darpa\/\" rel=\"category tag\">DARPA<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/def-con\/\" rel=\"category tag\">DEF CON<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/digital-identity\/\" rel=\"category tag\">digital identity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/eric-swalwell\/\" rel=\"category tag\">Eric Swalwell<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/executive-order\/\" rel=\"category tag\">Executive order<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/foundation-for-defense-of-democracies\/\" rel=\"category tag\">Foundation for Defense of Democracies<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/health-isac\/\" rel=\"category tag\">Health-ISAC<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/house-homeland-security-committee\/\" rel=\"category tag\">House Homeland Security Committee<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/institute-for-security-and-technology\/\" rel=\"category tag\">Institute for Security and Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/mark-montgomery\/\" rel=\"category tag\">Mark Montgomery<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/national-cyber-director\/\" rel=\"category tag\">National Cyber Director<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/national-security-council-nsc\/\" rel=\"category tag\">National Security Council (NSC)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/national-security-memorandum-22\/\" rel=\"category tag\">National Security Memorandum 22<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/nist\/\" rel=\"category tag\">NIST<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/obama-administration\/\" rel=\"category tag\">Obama administration<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/office-of-the-national-cyber-director\/\" rel=\"category tag\">Office of the National Cyber Director<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/open-source\/\" rel=\"category tag\">open source<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/policy\/\" rel=\"category tag\">Policy<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/privacy\/\" rel=\"category tag\">Privacy<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/regulation\/\" rel=\"category tag\">regulation<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/resilience\/\" rel=\"category tag\">resilience<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/sean-cairncross\/\" rel=\"category tag\">Sean Cairncross<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/sean-plankey\/\" rel=\"category tag\">Sean Plankey<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/secure-by-design\/\" rel=\"category tag\">secure-by-design<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threat-hunting\/\" rel=\"category tag\">Threat hunting<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/trump-administration\/\" rel=\"category tag\">Trump administration<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/u-s-cyber-trust-mark\/\" rel=\"category tag\">U.S. Cyber Trust Mark<\/a>","tag_info":"U.S. Cyber Trust Mark","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7894","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7894"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7894\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7894"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7894"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7894"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7894,"date":"2025-08-13T14:04:01","date_gmt":"2025-08-13T19:04:01","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=85564"},"modified":"2025-08-13T14:04:01","modified_gmt":"2025-08-13T19:04:01","slug":"the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/08\/13\/the-overlooked-changes-that-two-trump-executive-orders-could-bring-to-cybersecurity\/","title":{"rendered":"The overlooked changes that two Trump executive orders could bring to cybersecurity"},"content":{"rendered":"