Skip to main content
IT Strategy

Potential Biden cybersecurity EO could survive the incoming administration, one expert says

“I see this as kind of an accumulation of what’s already been happening,” one expert says.
article cover

Win Mcnamee/Getty Images

3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

With just under two months left, President Joe Biden’s White House is preparing a second executive order on cybersecurity—but with an incoming ideologically opposite administration, some experts are raising concerns over how policy is made.

Jay Trinckes, CISO at Thoropass, told IT Brew that he sees the ups and downs from president to president as somewhat immaterial when it comes to security. There’s a bipartisan aspect to how security is approached, in Trinckes’s view, and Biden’s executive order should be seen as part of that consensus.

“The new administration coming back in is going to be very serious about cybersecurity and making sure that our proprietary information or protective information isn’t going to get out into the wrong hands,” Trinckes said. “I see this as kind of an accumulation of what’s already been happening.”

Changes. But the Biden move can also be seen indicative of the overall problems of utilizing executive orders to set cyber policy. Orders can be as easily undone as made, leaving organizations confused and insecure in the face of a changing threat landscape. As Michael Bahar, Eversheds Sutherland co-lead of global cybersecurity and data privacy, told Urgent Communications, the incoming administration isn’t known for its caution.

“We are going to see—at the federal level—a deprioritization of cybersecurity regulations and cybersecurity enforcement,” Behar said.

The optimistic way to look at it, Cyber Threat Alliance head Michael Daniel told NextGov/FCW before the election, is that the White House was making sure whoever came into office would have the best tools available.

“Doing an EO like this is—it’s the administration trying to lay the foundation for the next wave of work that needs to happen,” Daniel said.

According to CyberScoop, the order in development addresses a number of evolving concerns, including AI, cloud security, and identity access management. In September, White House Deputy National Security Advisor Anne Neuberger told an audience at the Billington Cybersecurity Summit that AI’s potential means that the outgoing administration needs to focus on giving guidance.

“As we work on the Biden administration’s potentially second executive order on cybersecurity, we’re looking to incorporate some particular work in AI, so that we’re leaders in the federal government in breaking through in each of these three areas and making the tech real and proving out what’s possible,” Neuberger said.

Private to public. Trinckes told IT Brew he’s generally skeptical about the role of the government in dictating industry safety and processes. Still, executive orders can be useful to set policy priorities.

“Things are a little bit slow when it comes to the federal space and regulations, those are always going to be behind what the technology is at,” Trinckes said. “But it’s a start, right? You need to start somewhere. You need to set your baselines.”

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.