A major step to strengthen national cybersecurity, recent modifications to Executive Orders (EO) 13694 and 14144 reflect a reemphasis on the protection of critical infrastructure and federal systems.
These revisions, including a new Executive Order dated June 6, 2025, seek to reflect the changes of the cyber threat landscape, simplify current policies and strengthen the nation’s cyber resilience.
The Obama-era order, first signed in 2015 to seize the property of those involved in malicious cyber activities including stealing commercial secrets, was additionally cited so the orders are now a surefire weapon against foreign cyber attacks.
But the most recent amendments narrow the terms, including by specifically exempting domestic political opponents from any cyber sanctions misuse.
In the meantime, EO 14144, “Strengthening and Invigorating Innovation in America’s Cybersecurity,” has also been extensively updated,signed on January 16, 2025.
This directive had been first presented to strengthen security when it comes to the software supply chain, obtain stronger cybersecurity requirements for federal contractors, fight against cybercrime and help promote digital identity verification. The new amendments adopt a focused approach highlighting important protection from foreign cyber threats and requirements for safe technology.
Common themes between both EOs include a firm call to action for the Federal government to promote secure software development, departing from what one source saw as a soul-crushing compliance checklist towards actual security investment.
There’s also a fresh emphasis on department and agency by action on border gateway security to address network interconnection hijacking.
Moreover, the revised guidelines provide guidance on the quantum threat, as it calls for action on post-quantum cryptography in order to ensure the resilience against further computational developments.
Better security protocols are also required. We have said AI should be used in more narrowly defined approaches looking for vulnerability and vulnerability eradication solution applications.
The amendments also require technical work on cybersecurity policy dissemination, such as machine readable policy, as well as formal trust designations in smart “Internet of Things” (“IoT”) devices, that will give consumers confidence that their personal and home devices comply with minimal security engineering principles.
These updates reflect a marked evolution, focusing on concrete technical and organizational improvements that organizations can make now to better defend themselves against persistent and increasingly sophisticated cyber threats.
