Quick Take: Executive Order on Improving the Nation’s Cybersecurity

With the recent number of attacks that have had significant impact on critical systems, a new executive order on improving the nation’s cybersecurity has been released, covering many key areas that need to be addressed to protect critical digital infrastructure. This is one of the most detailed U.S. executive orders on cybersecurity and we welcome this effort to improve the trustworthiness of the digital infrastructure. The challenges are many and it is encouraging to see this order addressing the issues from many fronts.  

This executive order will affect many organizations, both in the public and private sector, that work with the government. These typically include financial services, healthcare, the public sector, critical infrastructures, high tech, and education. 

While the order covers a number of key topics, implementing multi-factor authentication (MFA), deploying Zero Trust Architecture, and securing the software supply chain are of particular note.

MFA officially a front line of defense

The executive order recognizes the importance of MFA and how it greatly deters account compromise. All agencies shall adopt MFA within 180 days. Additionally, software vendors must establish MFA across the enterprise. Though the order doesn’t call out specific MFA standards, phishing-resistant hardware backed authentication methods, like FIDO security keys and smart cards, provide the level of security needed to address modern day attacks.

Zero Trust Architecture

To modernize Federal government systems, agencies must develop a plan to implement a Zero Trust Architecture within 60 days. A Zero Trust security model eliminates implicit trust and is designed to only allow the minimal access needed to perform a function. Zero Trust design principles makes a “no-trust” assumption that requires authentication as users cross network boundaries particularly as organizations move to the cloud. The Zero Trust emphasis in the order demonstrates the high priority status the government is placing on modernizing agencies’ infrastructure. Strong, modern authenticators, like the YubiKey, will be essential to reaching Zero Trust goals while providing a low-friction and secure user experience.

Software Supply Chain Security

The Federal Government relies heavily on software developed internally and from technology vendors. The order specifically calls out the lack of transparency and adequate controls to prevent tampering by malicious actors. Recent attacks have shown the importance of software chain of custody. The executive order develops guidelines that will improve the verification of the integrity of the software. A best practice is to ensure code and commits are cryptographically signed, which can be accomplished with a YubiKey.

Phishing attacks continue to evolve and can lead to account takeovers and ransomware attacks, resulting from stolen or phished credentials. The best way to prevent phishing is to embrace the implementation of strong MFA and Zero Trust Architectures — exactly what part of this executive order now mandates. Furthermore, cryptography signed code and commits will be an important way to establish trust and achieve a high level of assurance. 

The recently launched YubiKey 5 FIPS Series is certified at FIPS 140-2, Overall Level 1 and Level 2, and in addition, has achieved Physical Security Level 3; the YubiKey 5 FIPS series is able to meet the requirements for Authenticator Assurance Level 3 (AAL3) as defined in NIST SP800-63B. For more information on the new YubiKey 5 FIPS Series, please visit the Yubico website. The series is also available for purchase on the Yubico store, through Yubico’s dedicated sales team, or from any Yubico-approved channel partners and resellers.

Talk to our teamTalk to our team

Share this article:


  • Works with YubiKey Spotlight: Expanded partnerships redefining phishing-resistance in 20252024 was an exciting year for Yubico and our partners. Together, we achieved remarkable milestones, launching innovative solutions and forging stronger partnerships – all aimed at delivering the most impactful cybersecurity solutions and user experience for our customers and partners. At the heart of these efforts lies a shared commitment to phishing-resistance.  From registration to […]Read moreWorks with YubiKeywwyk
  • Cybersecurity in 2025 – part two: Insights and predictions from Yubico’s expertsIn part one of our 2025 cybersecurity predictions, we highlighted insights from our experts on the topic of passkeys, digital identity wallets and the threats of AI-driven phishing – areas that saw a lot of focus in 2024, and ones that we expect to continue being a major focus this year. If you missed our […]Read morecritical infrastructurefederal governmentfinancial servicespredictions
  • Cybersecurity in 2025: Insights and predictions from Yubico’s expertsWith 2024 behind us, we saw another challenging year in the world of cybersecurity – highlighted by new and evolving threats like Artificial Intelligence (AI)-driven phishing and increasingly sophisticated cyber attacks overall. Yubico’s September Global State of Authentication Survey confirmed the challenges, even underscoring the potential risks of these new threats. The report emphasized the […]Read moreAIdigital identity walletspasskeyspredictions
  • State of Global Authentic(age)ion: A look at cybersecurity habits by generationsNo generations were left untouched when it came to the threat of hackers in 2024: from the impact of political shakeups, to increasingly sophisticated cyber attacks targeting consumers, critical industries and infrastructures, the world was on high alert. Fueled by a dramatic increase in phishing attacks circumventing certain forms of legacy multi-factor authentication (MFA), as […]Read moreState of Global Authenticationsurvey