In President Biden's final week in office, he signed a sweeping executive order on cybersecurity incorporating lessons learned over the last four years.
From his first days in the White House, Biden was confronted with disruptive digital attacks, from Russian spying on U.S. government agencies through third-party software to ransomware attacks hitting hospitals and Chinese hackers burrowing into critical infrastructure.
Over time, the Biden administration found new ways to confront the spies and cybercriminals. They clawed back ill-gotten gains by targeting cryptocurrency wallets. They published detailed indictments zeroing in on individual hackers from across the globe. They shut down botnets and deleted malicious code off infected devices, to name a few examples.
But hackers continue to steal large amounts of data and dollars, and the threat is far from over.
The power of the purse
With that in mind, the new executive order released Thursday follows up on a previous one issued in Biden's first year in office. It's focused on further securing federal agencies and contractors, and giving the federal government more power to sanction the hackers who target critical infrastructure.
"The goal is to make it costlier and harder for China, Russia, Iran and ransomware criminals to hack, and to also signal that America means business when it comes to protecting our businesses and our citizens," said Anne Neuberger, Biden's outgoing Deputy National Security Advisor for Cyber and Emerging Technology, during a call with journalists.
On the defensive side, the U.S. government is using the power of the purse. Software vendors who sell to the government will have to prove they're using secure development practices to win and keep lucrative federal contracts. Standards for verifying compliance will be developed by the National Institute of Standards and Technology, or NIST. The executive order will also enforce cybersecurity standards for buying new space systems.
There's also a focus on fighting identity theft. The U.S. government is pushing industry to develop secure, privacy-protecting digital identity solutions. There's an emphasis on vendors securely storing private cryptographic keys for identity management.
Internally, the U.S. government will require agencies to adopt quantum-resistant algorithms to protect against theft and decryption by adversaries. And the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, or CISA, will be given more responsibility to hunt for known vulnerabilities across federal systems. They'll have more "centralized visibility," said Neuberger.
The Biden White House is also launching a partnership with the private sector to develop tools to use artificial intelligence to better secure the energy sector, specifically by scanning for vulnerabilities and automatically suggesting potential patches.
"It's a sector that's particularly targeted by countries and criminals," said Neuberger.
Finally, the executive order will make it easier for the federal government to slap sanctions on ransomware groups who target critical infrastructure like schools and hospitals.
Neuberger told reporters that the Biden team had not gone into specifics on the cybersecurity executive order with President-elect Donald Trump's transition team in advance, as he hasn't yet named his senior cybersecurity officials. She said they are open to those discussions once Trump's team is in place.
Incoming Trump officials can cancel or replace Biden's executive actions at will. But the hope, Neuberger said, is that the aims of the executive order are broadly bipartisan.
Industry and policy experts are praising the executive order and encouraging President-elect Trump to maintain and build on the Biden team's cybersecurity efforts.
"Cybersecurity and defending our nation's critical infrastructure against threats has always been a nonpartisan issue," said Ilona Cohen, the chief legal and policy officer for cybersecurity company HackerOne.
"We are particularly encouraged by the order's recognition of the potential for artificial intelligence to enhance cybersecurity and its focus on management of vulnerabilities involving AI systems and software," Cohen said. "We encourage the Trump administration to advance the order's provisions, particularly those aimed at staying ahead of China on security by using AI."
Copyright 2025 NPR
