Executive Order Summary
The President signed the Order on May 12, as part of an effort to modernize the nation’s approach to cybersecurity and protect federal government networks. While focused in large part on shoring up federal agencies’ cyber defenses and incident response capabilities, the Order also instructs federal officials to begin work on reforms to federal procurement policies that would impose new cyber threat information-sharing obligations on government contractors. In addition, the Order envisions new mandatory secure software development standards for companies that develop software used on government networks. The Order is widely understood to be a response to recent high-profile software supply chain cyberattacks, as announced in late 2020 and early 2021, that affected many private and public sector entities.
Goals of the NIST Workshop
Government officials who presented at the workshop underscored NIST’s desire for ongoing and robust engagement with industry leaders as new cybersecurity standards take shape. For instance, Jeff Greene, Acting Senior Director for Cybersecurity on the National Security Council, likened the workshop to early discussions…
