Former President Joe Biden issued an Executive Order (EO) entitled “Strengthening and Promoting Innovation in the Nation’s Cybersecurity” on January 16, 2025. The EO is designed to
- Remove Barriers to Threat Information Sharing Between Government and the Private Sector
- Modernize and Implement Stronger Cybersecurity Standards in the Federal Government
- Improve Software Supply Chain Security
- Establish a Cyber Safety Review Board
- Create Standardized Playbook for Responding to Cybersecurity Vulnerabilities and Incidents
- Improve Investigative and Remediation Capabilities
According to the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA), the EO – which is not posted to the new White House website – aims to “improve accountability for software and cloud service providers, strengthen the security of Federal communications and identity management systems, and promote innovative developments and the use of emerging technologies for cybersecurity.”
The EO charges NIST with:
- Operationalizing Transparency and Security in Third-Party Software Supply Chains
- Securing Federal Communications
- Solutions to Combat Cybercrime and Fraud
- Promoting Security with and in Artificial Intelligence
- Aligning Policy to Practice.
NIST is to complete these tasks between March and November 2025.
CISA’s role in implementing the EO includes:
- Removing Barriers to Threat Information Sharing Between Government and the Private Sector
- Modernizing and Implementing Stronger Cybersecurity Standards across the Federal Government
- Improving Software Supply Chain Security
- Establishing a Cyber Safety Review Board
- Creating Standardized Playbook for Responding to Cybersecurity Vulnerabilities and Incidents
- Improving Detection of Cybersecurity Incidents on Federal Government Networks
- Improving Investigative and Remediation Capabilities
These goals are all needed and admirable. We will see how this develops throughout the year.