Outgoing U.S. President Joe Biden signed a cybersecurity-related executive order today that’s aimed at strengthening national cybersecurity and making it easier to pursue foreign adversaries and hacking groups that try to undermine U.S. systems.

The “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity” covers a range of initiatives designed to address the evolving nature of cyberthreats and reinforce the country’s defenses.

The order calls for the establishment of minimum cybersecurity standards for government technology contractors to ensure that contractors demonstrate compliance with specific security benchmarks, reducing vulnerabilities in federal systems. The government aims to close gaps often exploited by threat actors in the supply chain by making sure that contractors are in compliance with minimum standards.

To enhance national capabilities against foreign cyber adversaries, the order expands the scope of sanctions available under previous directives, including increased penalties targeting individuals and entities responsible for ransomware attacks on critical infrastructure, healthcare systems and other essential services.

Quantum computing and artificial intelligence get a look-in in the executive order. Federal agencies are being directed to adopt new cryptographic standards that can withstand the computational power of quantum attacks to ensure the long-term resilience of sensitive data and communication systems. On the AI front, the order mandates the development of AI-powered tools to automate the detection and response to vulnerabilities across government networks.

The order also requires that all vendors to the U.S. government of internet of things devices be compliant and labeled with a U.S. Cyber Trust Mark by Jan. 4, 2027. The Trust Mark, announced by the White House earlier this month, is a cybersecurity labeling program for internet-connected devices that aims to help consumers easily identify products that meet established cybersecurity standards.

Finally, the order also allocates resources for workforce development in the cybersecurity sector, including funding for training programs and partnerships with educational institutions to create a pipeline of skilled professionals. The initiative aims to address the growing shortage of cybersecurity talent while promoting innovation in both the public and the private sectors.

Exactly how many of these policies introduced in the executive order will live past the inauguration of President-elect Trump on Monday are unclear, although there doesn’t appear to be any obvious partisan politics in the orders. On the surface, they seem reasonable and that’s a view shared by cybersecurity experts.

“President Biden’s final cybersecurity executive order takes a bold step in addressing the evolving threats our nation faces, particularly from adversarial states like China, Russia and North Korea,” Andrew Borene, executive director of global security for cyberthreat intelligence company Flashpoint and a former Office of the Director of National Intelligence senior official, told SiliconANGLE via email. “With its focus on secure software standards, emerging technologies, and critical infrastructure, the order demonstrates a clear understanding of the challenges at hand and the need for decisive action.”

Recognizing the issues with the timing, Lorri Janssen-Anessi, director of external cyber assessments at supply chain defense firm BlueVoyant LLC., noted that the timing of the new order, coming at the tail end of an administration, raises legitimate concerns regarding the possibility of its implementation.

“That being said, it’s important to recognize that cybersecurity is largely viewed as a bipartisan issue,”  Janssen-Anessi added. “Protecting national infrastructure and data from cyberthreats is a shared priority across political divides. Given the critical nature of the threats and the fact that cyber incidents do not respect political boundaries, it is likely that the incoming administration will recognize the value in continuing to support and implement many of the executive order’s objectives.”

One interesting takeaway is that despite the last-minute on-the-way-out timing, the executive order was apparently known to be coming.

“This final executive order has been somewhat of an open secret in Washington, with drafts being circulated to a limited audience for a few weeks now,” Casey Ellis, founder of crowdsourced cybersecurity platform provider Bugcrowd Inc., told SiliconANGLE. “The White House and especially departments like the Office of the National Cyber Director have built up a lot of technical expertise on the topics covered by this EO over a particularly transformational time in technology and many of those involved are political appointees or staffers whose tours are coming to a close.”

Ellis is not confident that the executive order will remain in place, though, adding that “despite the strong chance that the order will be promptly reversed with the administration change, this EO is a clear effort to ensure that the core cybersecurity, safety and international relations equities conclusions developed over the past four years are a part of the U.S. policy zeitgeist.”

Image: SiliconANGLE/Ideogram