President Donald Trump has signed a new cybersecurity executive order that, according to the White House, amends problematic elements of executive orders from the Biden and Obama administrations.
Executive Order 14306 aims to improve software development, border gateway (BGP) security, post-quantum cryptography (PQC), AI security, IoT security, encryption, and sanctions, as well as to prevent the abuse of digital identities.
It targets EO 14144 — signed by Biden in January 2025 — removing a section that encourages the acceptance of digital identity documents, over fraud concerns.
For software security, the Biden EO mandated attestations for federal contractors, which the new EO removes. In the case of PQC, the Trump EO simplifies the implementation roadmap.
The new executive order also targets EO 13694, which Obama signed back in 2015 to enable authorities to sanction entities that conduct cyberattacks against the US. Trump and Biden had extended that order, but the president has now changed the phrasing to allow sanctions only against foreign persons rather than any person.
Some professionals have pointed to the changes they see as being good for the industry, while others say they don’t agree with the modifications, or highlighted some important aspects that need to be considered.
