President Trump Orders Federal Cyber Security Responsibilities Be Reduced

Uploaded on 2025-07-17 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

Donald Trump has signalled a major change in US cyber security policy. Government Executive Order (EO) 14306 reduces federal cyber security responsibilities in favor of the private sector,  changing the earlier Biden and Obama initiatives, which focused on centralising cyber security governance. 

While some Government agencies maintain some cyber security obligations, including threat hunting and IoT security, under the new Cyber Trust Mark standards, the overall federal involvement in cyber governance is reduced.

Order14306 called 'Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity' and unlike prior administrations that consolidated cyber security authority within federal agencies, this Order redistributes or removes federal responsibilities, promotes private sector leadership, and amends Obama’s Executive Order 13694 and Biden’s 14144. 

Key Points include:-

  • Removes federal requirements for secure software attestations from contractors, shifting cyber security best practices to voluntary NIST guidelines.
  • Eliminates digital identity initiatives, including mobile driver’s licenses and digital identity verification. 
  • Restricts cyber sanctions to foreign persons only, reaffirming but narrowing existing IEEPA-based sanction authorities 
  • Limits the use of  AI within agencies to cybersecurity automation rather than broader AI integration.
  • Reduces requirements for post-quantum cryptography adoption, potentially delaying quantum-resistant cyber readiness.
  • Continues programs such as Cyber Trust Mark IoT security, supply chain risk management under  NIST regulations, threat hunting, and securing federal Internet/email traffic.   

The impact of these changes are signifiant for several reasons: 

  • Decentralises US cyber policy raises questions about the private sector’s capacity to handle nation-state threats without robust federal leadership.
  • Reverses or weaken previous regulatory gains, potentially affecting national digital security standards and supply chain integrity.
  • Signals a deregulatory posture, aligning with broader Trump administration goals to limit federal mandates on industry.

By removing federal cyber security mandates and pushing responsibilities to the private sector, the US may face fragmented cyber defense readiness against nation-state adversaries like China, Russia, Iran, and North Korea.

The White House  |  Oodaloop  |  Cyberscoop  |  UC Santa Barabara  |  N. Dakota Monitor  |  FCC  |  

Image:

You Might Also Read: 

Former CISA Director Accused Of 'Bad Faith':

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Britain Imposes Sanctions On Russian Cyber Spies

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

InfoSec World

InfoSec World

InfoSec World conference and expo covers all aspects of information security with a broad agenda of sessions on key security issues.

CybergymIEC

CybergymIEC

CybergymIEC is a global leader in cyber defense solutions and training services.

PETRAS IoT Hub

PETRAS IoT Hub

PETRAS is a consortium of 12 research institutions and the world’s largest socio-technical research centre focused on the future implementation of the IoT.

App-Ray

App-Ray

App-Ray provides fully automated security analysis of mobile applications to find security issues, privacy breaches and data leaking potentials.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

InfoGuard

InfoGuard

InfoGuard is a leading Swiss company providing comprehensive cyber security and network solutions.

Altron

Altron

Altron provides locally relevant innovative and integrated ICT solutions to business, government and consumers.

CUJO AI

CUJO AI

CUJO AI is the global leader in the development and application of artificial intelligence to improve the security, control and privacy of connected devices in homes and businesses.

Wolf Hill Group

Wolf Hill Group

Wolf Hill Group, a Slone Partners company, is a national recruitment firm focused on Cybersecurity.

SurePassID

SurePassID

SurePassID is a provider of highly secure, highly extensible multi-factor authentication (MFA) solutions.

1Kosmos

1Kosmos

1Kosmos provide Digital Identity and Passwordless Authentication for workforce and customers. Powered by advanced biometrics and blockchain technology.

Kordia

Kordia

Kordia is a leading provider of mission-critical technology solutions throughout Australasia. We have the most comprehensive cyber security offering in New Zealand.

E2E Technologies

E2E Technologies

E2E Technologies are a proactive, SLA-beating, managed service provider that busts the common stereotypes surrounding IT.

Resillion

Resillion

Resillion (formerly Eurofins Digital Testing) is a global leader in quality engineering and cyber security services with operations in Europe, US, UK, India and China.

Acumenis

Acumenis

At Acumenis, we help organisations of all sizes to manage information security effectively. Our key services are penetration testing, ISO 27001 implementations, and security

CyberSentriq

CyberSentriq

CyberSentriq provides an unmatched combination of proactive AI-driven email and web security, advanced data protection, and operational resilience.