Sign up to save your podcasts
Or
Share Federal Cybersecurity Rollbacks: What Got Cut—And What Still Stands
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Federal Cybersecurity Rollbacks: What Got Cut—And What Still Stands
In June 2025, the White House issued an executive order that quietly eliminated several key federal cybersecurity requirements. In this episode of Cyberside Chats, Sherri and Matt break down exactly what changed—from the removal of secure software attestations to the rollback of authentication requirements—and what remains in place, including post-quantum encryption support and the FTC’s Cyber Trust Mark. We’ll talk about the practical impact for security leaders, why this mirrors past challenges like PCI compliance, and what your organization should do next.
Key Takeaways (for CISOs and Security Leaders)
Even without a federal requirement, insist on SBOMs and secure development attestations in vendor agreements. Transparency reduces your risk.
With no centralized validation, it's up to you to verify vendors' claims. Strengthen your third-party risk management processes accordingly.
Don’t assume basic protections are baked in. Federal rollback may signal declining baseline expectations—so enforce your own.
Expect cyber insurers, large enterprises, ISACs/ISAOs, and professional groups to lead on software transparency. Get ahead by aligning now.
Resources:
View all episodes
By ChatcybersideIn June 2025, the White House issued an executive order that quietly eliminated several key federal cybersecurity requirements. In this episode of Cyberside Chats, Sherri and Matt break down exactly what changed—from the removal of secure software attestations to the rollback of authentication requirements—and what remains in place, including post-quantum encryption support and the FTC’s Cyber Trust Mark. We’ll talk about the practical impact for security leaders, why this mirrors past challenges like PCI compliance, and what your organization should do next.
Key Takeaways (for CISOs and Security Leaders)
Even without a federal requirement, insist on SBOMs and secure development attestations in vendor agreements. Transparency reduces your risk.
With no centralized validation, it's up to you to verify vendors' claims. Strengthen your third-party risk management processes accordingly.
Don’t assume basic protections are baked in. Federal rollback may signal declining baseline expectations—so enforce your own.
Expect cyber insurers, large enterprises, ISACs/ISAOs, and professional groups to lead on software transparency. Get ahead by aligning now.
Resources: