Upcoming executive order aims to use AI to enhance federal cybersecurity efforts

An upcoming executive order soon to be signed by President Joe Biden will include language around using artificial intelligence for cyber defense, along with efforts to massively enhance the cybersecurity of federal technologies, according to a summary of the executive order shared with POLITICO.

The order has been in the works since at least last summer and will be the third and final executive order focused on cybersecurity policy issues of Biden’s remaining term in office. It will represent a grab-bag of final cyber requirements before Biden departs, though its future under the incoming Trump administration is uncertain, as Trump has not yet made clear his intentions for strengthening cyber policies.

According to the summary, the executive order would establish a program at the Pentagon for using AI models to plus-up cyber defense efforts. In addition, the executive order would create a pilot program in the energy sector for using AI to enhance cybersecurity.

This would likely build upon work by the Pentagon’s Defense Advanced Research Projects Agency to investigate how to use AI to build up cybersecurity of critical systems. Anne Neuberger, deputy national security adviser for cyber and emerging technology, told POLITICO in August that she was working to connect the Energy Department and DARPA to put the findings into use.

The order also addresses wider issues, like software security, which in recent years has become a headache for the Biden administration. Multiple major cyber incidents have been caused by hackers exploiting vulnerabilities in faulty software used broadly by federal agencies and private companies alike.

The executive order would change federal acquisition regulations to require software companies providing their products to federal agencies to submit documentation to the Cybersecurity and Infrastructure Security Agency proving they have implemented strong cybersecurity efforts. This is a formalization of the process that CISA rolled out early last year.

Cloud security is another focus of the executive order. The order would require the Federal Risk and Authorization Management Program, or FedRAMP, to develop policies to push private sector cloud service providers to step up the security of their systems, particularly if they are securing federal data.

Among the provisions is a requirement, first reported by POLITICO, for federal agencies to move to only purchasing internet-connected devices that have been given the voluntary Cyber Trust Mark label. The program, overseen by the Federal Communications Commission, allows companies to obtain a label certifying the cybersecurity of their products if they are built to specific standards from the National Institute of Standards and Technology.

The summary indicated that there would be efforts to create “digital identity documents and validation services,” though did not go into further details. NextGov reported earlier this week that this will involve a push for agencies to use more digital documents, like driver's licenses, to help speed up the process of applying for public benefits.

The order is also calling to step up the cybersecurity of U.S. satellites, an issue increasingly in the spotlight as nations like Russia and China threaten U.S. assets in space. Another clause in the order would establish working groups at CISA to help with conducting more threat hunting in federal networks, and end point detection and response.

A spokesperson for the White House National Security Council was not immediately able to comment on the details of the executive order, or when Biden plans to sign it. Neuberger, who spearheaded the order, is planning to step down from her role on Jan. 17 at the end of next week, limiting the timeline for signature.

It is unclear whether President-elect Donald Trump will allow the order to remain in place once he takes office, though cybersecurity issues are typically of bipartisan concern, particularly as state-backed cyber intrusions remain major issues of national security. Trump has not commented on the pending order publicly, though he did sign an executive order to strengthen critical infrastructure cybersecurity in 2017.