In a significant move to bolster the cybersecurity of the United States, President Donald Trump has amended Executive Order 14144, originally issued on January 16, 2025, which focuses on strengthening and promoting innovation in the nation’s cybersecurity.
The executive order outlines a comprehensive strategy to confront persistent cyber threats posed by foreign nations and malicious entities.
The newly amended order emphasizes that both the People’s Republic of China and other nations, including Russia, Iran, and North Korea, are actively engaged in cyber campaigns that significantly threaten U.S. government and private sector operations.
These campaigns are noted to disrupt critical services, incur substantial economic costs, and undermine the security and privacy of American citizens.
As part of the amendments, multiple sections related to existing guidelines and responsibilities have been restructured for clarity and effectiveness.
Specifically, the order revises key subsections, including directives to the Department of Commerce and the National Institute of Standards and Technology (NIST) regarding software security and development practices.
The order mandates that, by August 1, 2025, the Secretary of Commerce, through NIST, will establish a consortium with industry stakeholders to create guidance on secure software development frameworks based on NIST’s Special Publication 800-218.
Furthermore, the Secretary has until September 2, 2025, to update NIST Special Publication 800-53 to include more robust strategies for securely deploying updates and patches, ensuring that agencies implement best practices in software reliability and security.
In a push towards future-proofing U.S. cybersecurity, the order addresses the emerging threat posed by quantum computing to public-key cryptography.
The directive outlines that by December 1, 2025, the Secretary of Homeland Security, through the Cybersecurity and Infrastructure Security Agency (CISA), will publish a list of available products supporting post-quantum cryptography.
Moreover, the National Security Agency is instructed to issue requirements for agencies to transition to updated Transport Layer Security protocols to counteract potential vulnerabilities from quantum computing technologies.
As artificial intelligence (AI) rapidly transforms the cyber defense landscape, the order recognizes the importance of incorporating AI technologies into cybersecurity protocols.
The Secretary of Commerce, the Secretary of Homeland Security, and the Secretary of Defense, among others, are tasked to ensure that datasets for cyber defense research become accessible to the academic community, promoting innovation in cybersecurity methodologies.
In addition, the executive order calls for agencies to align their cybersecurity policies with modern practices and focuses on improved security controls and network visibility.
Agencies are given a timeline of 3 years to issue revised guidance addressing critical risks and adapting to modern architectures, while OMB is directed to establish rules based on a ‘rules-as-code’ approach within a year.
Further, the Federal Acquisition Regulation Council is instructed to implement standards for consumer Internet-of-Things products sold to the federal government, ensuring they meet cybersecurity labeling requirements by January 4, 2027.
In a separate amendment to Executive Order 13694, which deals with actions against individuals engaging in malicious cyber-enabled activities, the definition of involved entities is refined.
The order specifies that it now only applies to ‘foreign persons,’ thus narrowing the scope of enforcement and reflecting a targeted approach towards external cyber threats.
This amendment is part of a broader effort to streamline and enhance the government’s capacity to manage cybersecurity efficiently while ensuring protections against foreign adversaries.
In line with his administration’s emphasis on combating cyber threats, President Trump underscored the necessity of these actions to safeguard the nation’s digital infrastructure.
As the executive order is set in motion, the President has urged relevant departments and agencies to prioritize these mandates effectively, moving swiftly to implement the outlined measures and strategies.
Through these revisions, the U.S. hopes to address the evolving challenges in cybersecurity, emphasizing the need for proactive and adaptive measures in technological defense strategies.
Overall, President Trump’s amendments signify a renewed commitment to enhancing national cybersecurity resilience, addressing vulnerabilities, and preparing against the next generation of cyber threats.
The administration aims to foster collaboration between the public sector and private industry, ensuring that best practices in cybersecurity are shared and widely adopted.
This comprehensive overhaul of Executive Orders demonstrates the urgency felt by the administration to respond to the shifting landscape of cybersecurity risks.
As the situation continues to evolve, it remains essential for the government to maintain vigilance and adapt to the dynamic threat environment characterized by rapid technological advancements and increasing sophistication of cyber criminals.
image source from:https://www.whitehouse.gov/presidential-actions/2025/06/sustaining-select-efforts-to-strengthen-the-nations-cybersecurity-and-amending-executive-order-13694-and-executive-order-14144/
