Trump Massively Rolls Back Biden and Obama's Cybersecurity Policies

June 7, 2025: President Donald Trump signed an executive order comprehensively revising and withdrawing major cybersecurity policies established during the Obama and Biden administrations. This action simultaneously targets Obama 2015 cyber sanctions order (Executive Order 13694) and Biden January 2025 cybersecurity strengthening directive (Executive Order 14144 -- signed in Biden final days). The Trump administration judged that existing policies caused unrealistic regulation and excessive government intervention -- presenting a strategy to reorganize around essential security strengthening and autonomous response. Key Biden EO 14144 provisions being reversed: mandatory AI security testing requirements for federal AI procurement; quantum-resistant cryptography adoption timelines; digital identity verification standards; software supply chain security requirements (SBOM mandates); incident reporting obligations for critical infrastructure. What is being maintained: the public-private information sharing frameworks (ISACs) that were established under Obama and expanded under Biden; the CISA role in coordinating civilian government cybersecurity (though with reduced funding and authority); international cyber cooperation agreements. The strategic rationale offered: the Trump administration argues that prescriptive federal mandates create compliance burden without improving security; industry-led voluntary approaches allow more flexible and faster adaptation to threats; government regulation crowds out private innovation in cybersecurity. The criticism: cybersecurity experts argue that voluntary approaches have historically underperformed -- the SolarWinds, Microsoft Exchange, and Colonial Pipeline attacks all occurred under voluntary frameworks; the reversal of AI and quantum security requirements is particularly concerning given the 10-year timeline needed for organizations to migrate to quantum-resistant cryptography.