The Trump administration on Friday released an upgraded cybersecurity executive with nearly a dozen directives aiming to beef up national security, from the adoption of AI and post-quantum cryptology to IoT labeling and defending against nation-state threats.
The new directives are meant to build upon two previous cyber executive orders: EO 13694, signed by then-President Barack Obama in 2015, and former President Joe Biden's Strengthening and Promoting Innovation in the Nation's Cybersecurity EO 14144, signed on January 16, 2025, just before leaving office.
“I am ordering additional actions to improve our nation’s cybersecurity, focusing on defending our digital infrastructure, securing the services and capabilities most vital to the digital domain, and building our capability to address key threats,” Trump’s intro to the amended orders stated.
Replacing roughly eight sections throughout the previous EOs, the president zeroed in on the most “active and persistent” threats to national security, calling out China, Russia, Iran, and North Korea directly by name.
“These [nation-state] campaigns disrupt the delivery of critical services across the nation, cost billions of dollars, and undermine Americans’ security and privacy,” Trump said.
whitehouse.gov
AI integration tops the list for security experts
Some of the most notable amendments direct, by November 1st, 2025, the integration of AI into federal networks to manage vulnerabilities, and by August 1st, 2025, to advance secure software development.
“We are entering a new era of cybersecurity where AI and automation are everywhere, bringing with it new risks,” said Kevin Bocek, Senior Vice President of Innovation at CyberArk, an Identity security and access management solutions firm.
“Over the past few months, we’ve gained clearer insight into adversarial activity, particularly from China. As AI competition accelerates globally, we’re also seeing new attack areas emerge,” Bocek said.
AI will transform cyber defense by rapidly identifying vulnerabilities, increasing the scale of threat detection techniques, and automating cyber defense, the EO says.
Also, by November 1st, the administration expects all cyber defense research datasets to be made accessible to the broader academic research community.
Bocek praises the administration’s directive to refocus AI efforts towards identifying and managing vulnerabilities, rather than censorship.
“Proper AI development is a tool for predictive defense, threat detection at scale, and securing the rapidly growing ecosystem of machine identities, but we must also ensure we secure the AI itself, he explains.
“This is a national security priority, and the US needs a whole-of-government approach that embraces innovation while addressing today’s evolving threat landscape head-on, Bocek said.
📢 President Trump has signed an Executive Order to strengthen the nation's cybersecurity, addressing threats from foreign actors like China, Russia, and Iran. Key directives include:
undefined White House Wire (@whwire) June 6, 2025
🔒 Establishing secure software development practices by August 2025.
🖥️ Promoting post-quantum… pic.twitter.com/PtpyB3Kn5s
Addressing post-quantum cryptology
Another highlight addressed by Friday’s EO is the threats of post-quantum decryption, specifically addressing the time when quantum computers will gain the ability to break “much of the public-key cryptography” currently in use worldwide.
Security insiders warn of a future playground for the savvy hackers already hoarding reams of encrypted data in anticipation.
The directive will require the federal government to transition to cryptographic algorithms incapable of being cracked by a cryptanalytically relevant quantum computer or CRQC, and by December of this year, compile a regularly updated list of products that support post-quantum cryptography (PQC).
Like PQC, one urgent and critical threat Bocek worries about slipping through the cracks refers to something known as "machine identity sprawl."
“Machine identities, driven primarily by AI and cloud, now vastly outnumber human identities 82:1 within organizations – yet most organizations aren’t equipped to secure them,” he said.
Citing a recent CyberArk survey, the senior VP said 68% of organizations lack identity security controls for AI, while 75% of security professionals admit organizations prioritize business efficiencies over robust cybersecurity.
“The risks of not securing their identities are growing exponentially, and without clear federal guidance and accountability, this gap could become a major vulnerability in our national defense posture,” Bocek said.
Other amended directives in Trump's EO include a September 2025 update from the National Instiudte of Standards and Technology (NIST) on how to securely and reliably deploy patches and updates, and by January 2027, to require all internet-of-things (IoT) federal providers “to carry United States Cyber Trust Mark labeling for those products.”
And finally, with a three-year deadline date still a few years away, the EO additionally directs the Office of Management and Budget (OMB) to issue federal agency guidance on how to address critical risks and adapt modern practices and architectures across government IT systems and networks.
Your email address will not be published. Required fields are markedmarked