Sustaining Select Efforts To Strengthen the Nation's Cybersecurity and Amending Executive Order 13694 and Executive Order 14144
Headline: Federal Agencies Ordered to Strengthen Cybersecurity Standards and Practices
What it does: Agencies must update cybersecurity standards, adopt quantum-resistant and AI security practices, and implement IoT product labeling and vendor requirements.
- Requires software developers to follow updated secure development guidance.
- Pushes agencies to prepare for post-quantum cryptography by 2030.
- Creates labeling requirement for consumer Internet-of-Things products sold to government.
Summary
This order strengthens the Nation's cybersecurity by directing federal agencies to update standards and require improved software and system protections. It focuses on secure software development and patching, preparing for quantum-resistant encryption, improving AI system security, and creating a trust label for Internet-connected devices purchased by the government.
The order affects the agency that sets cybersecurity standards (NIST), the agency that protects critical infrastructure (CISA), defense and intelligence components, federal buyers, technology vendors, software developers, and academic researchers.
It aims to reduce disruptions, protect privacy, and prepare federal systems for future cyber threats.
Ask about this order
Ask questions about this executive order and its implications.
What agencies are affected by this order?
How does this order change existing policy?
What are the practical implications of this order?