Trump's first week back in office sees major changes in cybersecurity, with repeals, restructurings, and controversial pardons shaping the new landscape.
Trump’s first days back in office have been a flurry of executive orders and drastic government cuts. In addition to several laws on immigration, the environment, crime, and federal DEI initiatives, Trump also made moves that could affect the nation’s cybersecurity. Here are some of the cyber-related actions that may have slipped under the radar in the storm of federal changes.
Artificial Intelligence
Shortly after being inaugurated, President Donald Trump repealed Biden’s 2023 executive order on artificial intelligence (AI). The original order set up guidelines for safely developing and using AI, to limit “societal harms such as fraud, discrimination, bias, and disinformation; displace and disempower workers; stifle competition; and pose risks to national security.” The order also asked for a stronger understanding of AI’s cybersecurity risks and required tech companies creating powerful AI models to discuss details with the government before a public release.
On January 23, 2025, Trump signed an executive order on artificial intelligence (AI) that called Biden’s executive order “dangerous” as it “hinder[ed] AI innovation and impose[d] onerous and unnecessary government control over the development of AI.” Trump also said that the leaders of OpenAI, Oracle, and SoftBank have committed up to $500 billion to the Stargate project, which could build AI infrastructure in the US.
Restructuring Federal Agencies
In a January 20, 2025 memo, Acting Secretary Benjamine Huffman terminated “all current memberships on advisory committees within DHS” as part of the Department of Homeland Security’s “commitment to eliminating the misuse of resources and ensuring that DHS activities prioritize our national security”. The ‘misuse of resources’ is the main focus of the newly created Department of Government Efficiency (DOGE), which was also officially established through an executive order. While the order charges the department with upgrading information technology (IT) systems, the DHS move to terminate advisory committees (effectively dismantling the current Cyber Safety Review Board (CSRB)) may have serious consequences for cybersecurity oversight.
The CSRB was established through Biden’s Executive Order on Improving Nation’s Cybersecurity to “make concrete recommendations for improving cybersecurity” after a significant cyber incident. Last year, the board released a report calling out errors Microsoft made that allowed a China-based nation-state group to breach several organizations. Until this week, the board was in the middle of investigating the Salt Typhoon hack, which was called the “worst telecom hack in our nation’s history”, along with the other Typhoon hacks. These cyberattacks came from PRC-sponsored hackers and pose a serious national security threat, particularly because of the vast reach of their intrusions. Representative Mark Green (R-Tenn) suggested that the DHS memo does not spell the end of the CSRB: “as with any new administration, President Trump is assembling his team.”
The Cybersecurity and Infrastructure Security Agency (CISA) may also be affected by the push to downsize federal agencies. South Dakota Governor and Trump’s nominee for the Secretary of the DHS, Kristi Noem said “CISA needs to be much more effective, smaller, more nimble, to really fulfill their mission, which is to hunt and to help harden our nation’s critical infrastructure,” when asked about CISA in her confirmation hearing. Noem suggested that CISA was too invested in their efforts to stop misinformation and disinformation to complete this mission.
Pardons
While most media coverage on Trump’s pardons focuses on the January 6 Capitol attackers, his pardoning of Ross Ulbricht on January 21, 2025, has also garnered some attention. Ulbricht created and managed the ‘Silk Road’, an anonymous marketplace that ran from 2011 to 2013. The site was known for cybercrime and drug trafficking, and Ulbright himself was convicted of “distributing narcotics, distributing narcotics by means of the Internet, conspiring to distribute narcotics, engaging in a continuing criminal enterprise, conspiring to commit computer hacking, conspiring to traffic in false identity documents, and conspiring to commit money laundering.” Trump commuted UIbright’s lifetime sentence as part of a campaign promise to the libertarian party.
This long list is only from week one of Trump’s second term - time will tell just how transformative these actions are on the nation’s cybersecurity.