The Biden administration’s legacy in cybersecurity: What to expect under the Trump administration

The cybersecurity landscape in the United States has changed significantly during President Joe Biden’s tenure. Facing persistent cyberattacks from foreign adversaries, such as Russia, China, and Iran, as well as escalating ransomware threats, the Biden administration has made concerted efforts to strengthen the nation’s cyber defenses.

However, with the possibility of a second Trump presidency looming, experts are concerned about the future trajectory of U.S. cybersecurity policies and whether the work begun by the Biden administration will be continued or dismantled.

The rise of cybersecurity challenges

When Biden took office, he inherited a deeply concerning cybersecurity situation. A month before his inauguration, Russian state-sponsored hackers executed one of the most sophisticated cyberattacks in history, breaching SolarWinds—a software provider that works with U.S. government agencies, businesses, and critical infrastructure.

This attack, which affected Fortune 500 companies, hospitals, and key government departments, served as a stark reminder of the vulnerabilities within the country’s digital infrastructure.

The SolarWinds breach underscored the urgent need for comprehensive action to bolster cybersecurity at every level of government and across the private sector. Biden, acknowledging the severity of the threat, ordered a full investigation and swiftly imposed sanctions on Russia.

In his early months in office, the president issued a series of executive orders aimed at improving the nation’s cybersecurity framework, securing critical systems from increasingly sophisticated threats, and strengthening data security measures across key sectors.

Key Biden initiatives: A digital-first approach

Under Biden’s leadership, cybersecurity became a central pillar of national security policy. His administration focused on shifting responsibility for securing the digital landscape from end-users to software developers and organizations best positioned to protect the nation’s infrastructure.

In May 2021, Biden signed an Executive Order on Strengthening the Nation’s Cybersecurity, which included directives aimed at enhancing the security of the federal government’s digital systems, improving collaboration with the private sector, and addressing vulnerabilities in the software supply chain.

One of the most notable initiatives was the push for zero trust architecture in federal systems. Zero trust, an approach that requires continuous verification of users, devices, and applications before granting access to systems, was seen as an essential method to reduce the risk of lateral movement by attackers once inside a network. Additionally, Biden’s team worked on fostering greater public-private information sharing, which would allow private companies to share cyber threat intelligence with the government to improve collective defenses.

The Biden administration’s focus on digital modernization included cloud-first, AI-led approaches to tackling cyber threats. As technology advanced, the U.S. government was urged to adopt systems capable of responding quickly to emerging threats.

Moreover, there was a concerted push to make cybersecurity a more integral part of the federal procurement process, ensuring that agencies prioritized secure technologies when awarding contracts. Data privacy was also a priority, with efforts to ensure that sensitive information was safeguarded against breaches, theft, and unauthorized access.

Mixed results: Challenges in implementation

Despite the progress made on paper, the Biden administration’s cybersecurity policies have faced significant challenges in terms of implementation. While many of the president’s initiatives were visionary, they lacked the structural and bipartisan support necessary to ensure their long-term success. According to experts, policies like zero trust adoption and critical infrastructure protection often faced hurdles due to budgetary constraints, political disagreements, and lack of buy-in from key stakeholders.

Jordan Burris, a former chief of staff to the U.S. Chief Information Officer (CIO), pointed out that many of Biden’s cybersecurity initiatives lacked the necessary momentum for long-lasting impact. “Federal efforts around zero trust adoption and critical infrastructure protection hinge on sustained funding and collaboration, which could falter under a new administration,” he noted.

Another key challenge was the lag in implementing basic transparency measures, such as software bills of materials (SBOMs). SBOMs provide visibility into the components of software, allowing organizations to identify potential vulnerabilities.

While Biden’s team pushed for greater transparency, progress in this area remained slow, particularly about ensuring that software vendors took responsibility for vulnerabilities in their products. This delay also posed risks to both data privacy and data security, as vulnerabilities in software systems could expose sensitive information to cybercriminals.

Global cybersecurity landscape: Emerging threats

The U.S. faced escalating global cyber threats, especially from Russian hackers tied to ransomware targeting hospitals, financial institutions, and critical infrastructure. Cybercriminals increasingly exploited vulnerabilities for financial gain, with high-profile targets including municipalities, educational institutions, and government agencies.

China emerged as a significant cyber adversary, making substantial investments in cyber espionage and intellectual property theft over the past two decades. This shift raised concerns as China began to dominate crucial sectors like AI and semiconductors, posing a growing threat to U.S. private industry and national security. The administration collaborated with international allies, particularly in Europe, to strengthen global norms on cyberattacks and hold nations accountable for cyber misconduct.

Cybersecurity policy under Trump

As President-elect Donald Trump gets ready to take office, cybersecurity experts are raising concerns about the future of U.S. cyber policy. While Trump has expressed support for a strong defense against cyberattacks, there is uncertainty regarding how his administration will approach issues like zero trust, software supply chain security, encryption, and public-private collaboration.

Experts warn that under Trump, U.S. cybersecurity policy could take a more isolationist approach, possibly distancing the U.S. from multilateral efforts and focusing more on unilateral actions. This could have significant ramifications for global cybersecurity, as U.S. leadership in international cooperation is considered crucial for tackling cyber threats that transcend national borders.

Additionally, Trump’s stance on data security and data privacy may shift towards a more lenient regulatory approach, potentially undermining efforts to ensure that American companies adhere to global privacy standards.

The future of cybersecurity: Impacts ahead

The future of U.S. cybersecurity faces a crucial inflection point. Under Biden, the nation made important strides in addressing cybersecurity challenges, but many of these efforts are at risk of being undermined by the lack of bipartisan support and the potential rollback of key policies under the next administration.

One of the biggest concerns for experts is whether the U.S. can maintain its competitive edge in cybersecurity against China, whose growing cyber capabilities could pose a long-term threat to U.S. interests. While Biden’s approach emphasized collaboration with international allies to counter China’s cyber activities, it remains to be seen whether a second Trump administration will maintain this global stance or pursue a more nationalistic cyber policy.

The role of technology in cybersecurity

As cyber threats grow, the importance of technology, particularly AI, increases. AI systems help detect and neutralize threats in real-time, but they require strong infrastructure and regular updates to stay effective.

Encryption is vital for protecting sensitive data, especially as cybercriminals use more advanced methods. Biden focused on improving data privacy to secure personal information against growing cyber risks. Cyber resilience is also critical. With more sophisticated attacks, U.S. organizations need strategies to recover quickly, shifting from just preventing attacks to ensuring continued operation during disruptions. Biden’s policies have emphasized this approach.

Navigating an uncertain future

As the U.S. faces a changing cybersecurity landscape, the future remains uncertain. Biden’s efforts have set the foundation for a more secure digital future, but the next administration’s decisions will determine whether these initiatives continue or are undone. Rising cyber threats require a unified approach to cybersecurity across all sectors.

To stay a global cybersecurity leader, the U.S. must continue investing in advanced technologies, strengthen international cooperation, and ensure its infrastructure is resilient to evolving threats. The next administration’s stance on cybersecurity, especially concerning data security, data privacy, and encryption, will significantly impact national and global security.