EO 14306
Sustaining Select Efforts To Strengthen the Nation's Cybersecurity and Amending Executive Order 13694 and Executive Order 14144
National SecurityTechnologyGovernment Reform
Ad Space (leaderboard)
Summary
This executive order amends two previous cybersecurity executive orders (14144 and 13694) to refocus cybersecurity efforts by removing certain provisions and establishing new timelines for federal agencies to develop guidance on secure software development practices, update cryptographic security standards, and prepare for post-quantum computing threats.
Key Points
- 1Amends Executive Order 14144 by removing multiple subsections and establishing new deadlines for NIST to develop secure software development guidance (by August 1, 2025) and update security control standards (by September 2, 2025)
- 2Requires development of a preliminary update to the Secure Software Development Framework by December 1, 2025, with a final version due within 120 days
- 3Directs CISA and NSA to create and maintain a list of product categories supporting post-quantum cryptography by December 1, 2025, in preparation for potential quantum computing threats
- 4Names China as the most active and persistent cyber threat, with Russia, Iran, and North Korea identified as significant threats to U.S. government, private sector, and critical infrastructure
This summary is for informational purposes only. It may not capture all nuances of the executive order. Always refer to the official text for authoritative information.
Ad Space (rectangle)
Related Executive Orders
EO 14152National Security
Holding Former Government Officials Accountable for Election Interference and Improper Disclosure of Sensitive Governmental Information
EO 14157National Security
Designating Cartels and Other Organizations as Foreign Terrorist Organizations and Specially Designated Global Terrorists
EO 14166National Security