On January 16, 2025, during his final days in office, former President Joe Biden signed Executive Order 14144, “Strengthening and Promoting Innovation in the Nation’s Cybersecurity.” EO 14144 introduces cybersecurity standards for federal agencies and contractors, mandates secure software development practices, and seeks to enhance the nation’s resilience against cyber threats.
Key Highlights of Biden’s EO 14144:
- Enhanced Cybersecurity Standards: Federal agencies and contractors must adhere to specific agency-created cybersecurity protocols, ensuring the protection of sensitive data and infrastructure.
- Secure Software Development: Vendors must demonstrate secure software development practices, providing evidence of compliance to bolster the security of software supply chains.
- Sanctions on Cyber Adversaries: The order facilitates placing sanctions on foreign entities involved in cyberattacks, particularly targeting nations like China, Iran, Russia, and North Korea.
- Quantum Computing Preparedness: Federal agencies have been instructed to enhance their cybersecurity measures against the emerging threats posed by quantum computing technologies on the cutting edge of cyberwarfare.
The Future of EO 14144 under the Trump Administration:
Cybersecurity is crucial to national security and has consistently received bipartisan support in Congress. As of this writing, President Donald Trump has not rolled back EO 14144 or made any announcement regarding the future of this specific cybersecurity order.[1] However, it is anticipated that the new administration may modify EO 14144 by reducing compliance requirements, shifting focus to emerging threats, or emphasizing partnerships with private firms over direct federal enforcement. The Trump Administration could also repeal the order entirely, citing overregulation, or pause implementation in order to assess the order’s effectiveness and potential consequences.
Managing Your Company’s Cybersecurity Risk:
The ever-evolving cybersecurity landscape creates risks that businesses must navigate. To manage cybersecurity risk effectively, it is essential to adopt flexible, scalable cybersecurity practices, monitor regulatory updates, and invest in resilience to adapt to potential policy shifts.
As we enter the new year, this is an ideal opportunity to reassess your company’s cybersecurity posture. This can be achieved through several key initiatives:
- Compliance Assessment: Ensure your current cybersecurity measures align with the latest federal requirements.
- Secure Software Development Consulting: Assist your development teams in adopting and demonstrating secure coding practices.
- Vendor Management Strategies: Strengthen your vendor ecosystem to withstand future threats from regulatory and technological advancements.
Contact Shields Legal to start a conversation regarding cybersecurity risk management.
[1] On Inauguration Day, January 20, 2025, President Trump revoked Biden’s 2023 Executive Order, “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.”