Government Systems Face Increasing Cybersecurity Threats, Prompting Calls for Systemic Overhaul by House Members
The U.S. government is taking significant steps to bolster its cybersecurity defenses, with a focus on enhancing domestic digital infrastructure protection and leveraging next-generation technologies.
Under the Trump administration’s Executive Order 14306, issued on June 6, 2025, there are sweeping amendments designed to refine prior orders by Presidents Biden and Obama. The new order emphasizes strengthening secure software development practices, narrowing sanctions to focus on foreign actors engaged in malicious cyber activities, and integrating advanced technologies into cybersecurity defenses.
To strengthen secure software development practices, the government plans to update the NIST’s Secure Software Development Framework (SSDF) by December 2025. This update will require software suppliers to provide attestations of security compliance, though federal acquisition regulations for mandatory attestations remain in flux.
The government also aims to narrow sanctions to focus on foreign actors engaged in malicious cyber activities, supporting national security priorities by protecting domestic infrastructure from foreign cyber threats.
In addition, the integration of advanced technologies, including artificial intelligence (AI) and post-quantum cryptography, is a key aspect of the proposed reforms. These technologies are expected to help anticipate future threat landscapes and bolster the nation's defenses.
Beyond these specific proposals, there are additional recommendations from broader cybersecurity strategy discussions. For instance, there's a push to extend key legislative authorities like the Cybersecurity Information Sharing Act of 2015 (CISA 2015), which facilitates critical threat intelligence sharing between government and private sector entities without imposing additional regulations. The act’s potential expiration in September 2025 poses risks of diminished information sharing, especially threatening small and medium-sized businesses (SMBs).
Other proposals include deploying AI-enabled cyber defenses, standardizing unified incident reporting across agencies and private sector partners, and consolidating certification processes to simplify compliance and increase effectiveness.
Moreover, there's an emphasis on addressing cybersecurity in tandem with innovations in AI, as highlighted in recent White House plans to foster secure AI adoption while balancing deregulation with security imperatives. This indirectly impacts cyber risk management.
Collaborations between private entities and government agencies are also considered vital for crafting robust security measures, with key players such as top cybersecurity firms strategically involved in the reforms.
Sarah Thompson from the Government Accountability Office (GAO) stated that the allocation of resources for the nation's digital infrastructure is necessary. Interagency cooperation is emphasized as a formidable barrier against threats, and increased security budgets are a crucial need for these reforms.
The proposed reforms aim to build a robust defensive wall around America's digital assets, marking a significant shift in the U.S. government's approach to cybersecurity.
[1] Executive Order 14306: Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure [2] Cybersecurity Information Sharing Act of 2015 (CISA 2015) [3] National Institute of Standards and Technology (NIST) [4] White House AI R&D Strategic Plan [5] National Cybersecurity Strategy of the United States of America
- The U.S. government's renewed focus on enhancing cybersecurity defenses includes updates to the National Institute of Standards and Technology's (NIST) Secure Software Development Framework (SSDF), with the aim of integrating advanced technologies such as artificial intelligence (AI) and post-quantum cryptography.
- As part of the proposed cybersecurity reforms, there is a push to extend legislation like the Cybersecurity Information Sharing Act of 2015 (CISA 2015), which facilitates threat intelligence sharing between government and private sector entities, in order to maintain effective information security.
- The new Executive Order 14306 also highlights the importance of addressing cybersecurity in conjunction with innovations in AI, as part of a broader strategy to foster secure AI adoption while striking a balance between deregulation and security imperatives.
