The Inner Circle

 View Only
Back to discussions
Expand all | Collapse all

EO 14144 Strengthening and Promoting Innovation in the Nation's Cybersecurity

  • 1.  EO 14144 Strengthening and Promoting Innovation in the Nation's Cybersecurity

    Posted Jan 18, 2025 02:09:00 PM

    Hi All,

    Purpose:

    Address growing cybersecurity threats, from adversaries, by improving government, private sector, and critical infrastructure defenses.

    Key Actions:

    Software Security:

    • Enforce secure software development practices for Federal suppliers.
    • Require software providers to submit development attestations and validation artifacts.
    • Strengthen supply chain risk management.

    Open Source and Emerging Tech:

    • Provide guidance for secure use and contribution to open-source software.
    • Update cybersecurity frameworks, including NIST SP 800-218 and 800-53, for better secure software practices.

    Federal Systems:

    • Improve identity and access management with phishing-resistant authentication.
    • Expand threat detection with endpoint monitoring tools.
    • Strengthen cloud configurations using updated FedRAMP policies.

    Critical Infrastructure:

    • Launch AI pilots for cybersecurity in critical infrastructure, focusing on detection and patching.
    • Prioritize research on AI-driven cybersecurity solutions.

    Space and Communications:

    • Enhance cybersecurity for Federal space systems.
    • Improve internet traffic routing and DNS encryption.
    • Strengthen email security with transport and end-to-end encryption.

    Quantum Cryptography:

    • Transition Federal systems to post-quantum cryptographic standards by 2030.
    • Work with international partners to adopt these standards.

    Digital Identity and Fraud Prevention:

    • Promote secure digital identity documents for accessing public programs.
    • Introduce privacy-focused tools to verify identity with minimal data sharing.

    Cybercrime Response:

    • Expand sanctions against entities involved in cyberattacks on U.S. systems.
    • Block assets tied to malicious cyber activities.


    Zero Trust and IT Modernization:

    • Require zero trust architectures in Federal systems.
    • Emphasize multi-factor authentication and network segmentation.

    Minimum Cybersecurity Standards:

    • Set baseline cybersecurity requirements for Federal contractors and IoT devices by 2027.

    EO 14144: Strengthening and Promoting Innovation in the Nation's Cybersecurity

    https://www.federalregister.gov/documents/2025/01/17/2025-01470/strengthening-and-promoting-innovation-in-the-nations-cybersecurity



    ------------------------------
    Michael Roza CPA, CISA, CIA, CC, CCSKv5, CCZTv1, MBA, EMBA, CSA
    ------------------------------