← Back to Archives

Breaking Down the Amendments to Cybersecurity Executive Order 14144

Originally published on LinkedIn

Graphic header displaying 'UP IN YOUR CYBERSPACE' regarding trending cybersecurity events.

The Trump Administration amended the Biden Cybersecurity Executive Order (EO 14144) yesterday. As reported by Eric Geller at Cybersecurity Dive: "Trump scraps Biden software security, AI, post-quantum encryption efforts in new executive order".

You can view a version of EO 14144 as modified by yesterday's changes here.

Here is a quick summary of the major removals and refocusing:

  • Elimination of Anti-Fraud and Digital Identity Sections: The most significant change is the complete removal of the original Section 5, "Solutions to Combat Cybercrime and Fraud". This action eliminates all directives related to using mobile driver's licenses and other digital identity verification pilots to combat fraud in public benefits programs.
  • Streamlining Software Supply Chain Security: The original order's detailed requirements for software providers to submit attestations and artifacts to a government repository were removed. The amended order now focuses on establishing an industry standard for data formats, encouraging the use of open-source research datasets, and directing defense agencies to incorporate AI software vulnerability management.
  • New "Aligning Policy to Practice" Section: The original section on modernizing IT was replaced. This new version directs the OMB to issue revised guidance within three years and establishes a pilot program for a "rules-as-code" approach to make cybersecurity policies machine-readable.