Key Points
On Wednesday, May 12, 2021, President Biden issued EO 14,028, Improving the Nation s
Cybersecurity. The EO sets out an ambitious schedule of
reviews and rulemakings that portend significant changes in the
software and cybersecurity industries, particularly for government
contractors and cybersecurity and software solution providers. In
the view of the administration, these changes should be regarded as
the new normal of what will be considered reasonable
cyber and supply chain security practices applicable to the
government and potentially the private sector in other
industries and sectors.
Most importantly, the EO sets in motion a series of reviews and
rulemakings around two initiatives that will directly affect
Key Points
On Wednesday, May 12, 2021, President Biden issued EO 14,028, “Improving the Nation’s Cybersecurity.” The EO sets out an ambitious schedule of reviews and rulemakings that portend significant changes in the software and cybersecurity industries, particularly for government contractors and cybersecurity and software solution providers. In the view of the administration, these changes should be regarded as the new normal of what will be considered “reasonable” cyber and supply chain security practices applicable to the government and potentially the private sector in other industries and sectors.
Most importantly, the EO sets in motion a series of reviews and rulemakings around two initiatives that will directly affect certain government contractors and those who sell software and related services to U.S. federal agencies: enhancing and expanding cyber and supply chain incident reporting and threat information sharing (Section 2); and creating and enforcing softw