United States of America: President signed Executive Order Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144

On 6 June 2025, the President issued an Executive Order titled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144”. The Order modifies certain initiatives from previous Executive Orders and outlines cybersecurity priorities. Its aims include focusing on securing third-party software supply chains, quantum cryptography, artificial intelligence (AI), and Internet of Things (IoT) devices, and directing cybersecurity-related sanctions authorities towards foreign malicious actors. The Order makes several specific changes to existing federal government policies. It removes certain requirements for secure software development attestations from federal government contractors, including the need for a machine-readable format and centralised validation by the Cybersecurity and Infrastructure Security Agency (CISA). It also removes requirements for the Federal Civilian Executive Branch (FCEB) to deploy commercial phishing-resistant standards. Furthermore, the Order removes a previous directive to the Office of Management and Budget (OMB) requiring the expanded use of authenticated Transport Layer Security (TLS) between FCEB email servers.