Sustaining Select Efforts To Strengthen the Nation's Cybersecurity and Amending Executive Order 13694 and Executive Order 14144
- Executive Order Number
- 14306
- President
- Donald Trump
- Signed
- June 6, 2025
- Published
- June 11, 2025
- Source
- Federal Register
- Original Document
- https://www.govinfo.gov/content/pkg/FR-2025-06-11/pdf/2025-10804.pdf
AI-Generated Summary
Executive Order Summary
Purpose
The purpose of this executive order is to amend and enhance the nation's cybersecurity policies as outlined in previous executive orders, particularly Executive Order 14144 and Executive Order 13694. It aims to strengthen cybersecurity against foreign and criminal cyber threats, promote innovation in cybersecurity practices, and align policy with practical implementation.
Key Actions and Directives
- Amendments to Executive Order 14144:
- Redesignation and removal of specific subsections and sections to streamline the order.
- Revision of the policy statement to emphasize threats from foreign nations, particularly the People’s Republic of China, Russia, Iran, North Korea, and others.
- Establishment of a consortium at the National Cybersecurity Center of Excellence to develop secure software development guidance.
- Updates to NIST Special Publications to enhance software security and deployment practices.
- Actions to prepare for the transition to post-quantum cryptography (PQC).
- Promotion of security with and in artificial intelligence (AI) by enhancing data accessibility and vulnerability management.
- Alignment of agency policies with cybersecurity practices through guidance and pilot programs.
- Amendments to Executive Order 13694:
- Modification of language to limit the scope of sanctions to foreign persons engaged in malicious cyber activities.
Significant Changes to Policy or Law
- Cybersecurity Policy: The order refines the focus on cybersecurity threats from foreign nations, particularly highlighting the People’s Republic of China as the most significant threat.
- Software Security: It mandates the development of new guidelines and updates to existing standards to enhance software development and deployment security.
- Post-Quantum Cryptography: The order sets deadlines for transitioning to PQC to protect against future quantum computing threats.
- Artificial Intelligence: It requires enhanced data accessibility for AI research and the integration of AI vulnerability management into existing processes.
- Policy Alignment: Agencies must align their policies with cybersecurity practices, including the use of machine-readable policy and guidance.
- Sanctions: The scope of sanctions under Executive Order 13694 is narrowed to target only foreign persons.
Potential Impacts
- Government Agencies: Agencies will need to adapt to new cybersecurity guidelines, update their systems for PQC, and integrate AI security measures. The Office of Management and Budget (OMB) and the National Institute of Standards and Technology (NIST) will play central roles in implementing these changes.
- Citizens: Improved cybersecurity measures may enhance the security and privacy of digital services, though citizens may also face new requirements for products like consumer Internet-of-Things devices.
- International Relations: The order's focus on foreign cyber threats, particularly from China, could impact diplomatic relations and lead to increased scrutiny and potential sanctions against foreign entities.
Main Stakeholders
- Federal Agencies: Particularly the Department of Commerce, Department of Defense, Department of Homeland Security, and the Office of Management and Budget.
- Private Sector: Companies involved in cybersecurity, software development, and AI research.
- Foreign Nations: Countries identified as cyber threats, especially China, Russia, Iran, and North Korea.
- Consumers: Users of digital services and products, especially those involving IoT devices.
Legal, Constitutional, or Political Implications
- Legal: The order is based on existing legal authorities, including the International Emergency Economic Powers Act and the National Emergencies Act, which provide the President with the power to amend these policies.
- Constitutional: The order exercises the President's authority over foreign affairs and national security, which are within the executive's purview.
- Political: The focus on foreign cyber threats, particularly from China, may be seen as a continuation of existing tensions and could influence U.S. foreign policy and national security strategies. The changes to sanctions under Executive Order 13694 may also have political implications in terms of how the U.S. addresses cyber threats from foreign entities.
This summary was generated by AI and may contain inaccuracies. Refer to the official source document for the authoritative text.