Preparing for Executive Order 14028
We are parsing through the text of President Biden's Executive Order 14028 so you don't have to. The Order is 18 pages long, with plenty of deadlines but no dates, dependencies that are hard to unravel, and an alphabet's soup of acronyms.
The aDolus team has converted our previous EO Timeline to a web page that more easily handles all the sections and associated dates & deadlines. Bookmark it and stay on top of the EO! |
We are working through the Order section by section. To get updates, Subscribe over on the right and we'll share when we have new EO14028 Timelines and commentary as we finish them. Below are a list of blog posts with more detailed observations from Eric Byres.
Blog Posts With Commentary |
Part 4: Sec 3. Modernizing Federal Government Cybersecurity
Highlights: less fog more cloud, multi-factor authentication, encryption, secure cloud adoption practices, incident response services
Part 3: So You Don’t Sell to the Feds…
Highlights: a break from analyzing a specific section of the EO to focus on who will be impacted by the order.
Part 2: Sec 2. Removing Barriers to Sharing Threat Information
Highlights: contract language, reporting requirements, time periods, Federal Acquisition Regulation changes
Part 1: Sec. 4. Enhancing Software Supply Chain Security
Highlights: SBOMS, source code testing, "critical software" definition, software supply chain security practices, legacy products
For those of you who found the PDF versions of the EO Timeline helpful, you can still access them here:
Sec. 4. Enhancing Software Supply Chain Security
Sec 2. Removing Barriers to Sharing Threat Information