Biden to sign executive order on AI and software security
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Shoshana Gordon/Axios
President Biden will sign a wide-reaching cybersecurity executive order today that looks to strengthen the federal government's cybersecurity practices and improve AI-powered cyber defenses.
Why it matters: The order comes as the U.S. grapples with several high-profile Chinese government hacks of its systems and top officials' communications.
Zoom in: The executive order kicks off the process of setting up a slew of new cybersecurity requirements for government contractors and agency security teams.
- CISA will require government vendors to prove they're meeting specific cybersecurity requirements. Government cloud providers and aerospace contractors will also have their own unique set of requirements.
- Starting in 2027, the government will only buy smart devices certified through the U.S. Cyber Trust Mark program — a new "Energy Star" type program that verifies a devices' security.
- Federal agencies are required to start encrypting emails and other internal messages.
- CISA will develop tools so it can better see if a newly uncovered cyber threat at one agency is also affecting other offices.
- The Department of Energy will set up a pilot program later this year to look at ways critical infrastructure organizations can use AI to beef up their cyber defenses. The Pentagon will also stand up its own program to "use advanced AI models for cyber defense."
Reality check: It's unclear if President-elect Trump will keep the executive order in place once he's sworn in Monday.
- Trump is expected to sign new orders and revoke many of Biden's on his first day.
The big picture: The executive order is a grab bag of projects that the administration had been working on based on its time fighting a large number of high-profile hacks, including SolarWinds and Colonial Pipeline.
- "We've spent the last seven months carefully reviewing each hacking incident to determine exactly how the Chinese, other governments and criminals got through the gates," Anne Neuberger, deputy national security adviser for cyber and emerging threats at the White House, told reporters during a briefing.
- "The goal was to better understand how to better protect and secure these systems and stay ahead of new threats," she added.
What we're watching: Cybersecurity remains a bipartisan issue, and it's possible some of these new requirements hold up.
- Neuberger told reporters that her team has had broader conversations about cyber-specific national security issues, but her team has not had specific talks about the executive order given Trump has yet to name her replacement.
