Quick Take: Executive Order on Improving the Nation’s Cybersecurity

Following a number of recent attacks that have had significant impact on critical systems, a new executive order on improving the nation’s cybersecurity has been released, covering many key areas that need to be addressed to protect critical digital infrastructure. This is one of the most detailed U.S. executive orders on cybersecurity and we welcome this effort to improve the trustworthiness of the digital infrastructure. The challenges are many and it is encouraging to see this order addressing the issues from many fronts.

This executive order will affect many organizations, both in the public and private sector, that work with the government. These typically include financial services, healthcare, the public sector, critical infrastructures, high tech, and education. 

While the order covers a number of key topics, implementing multi-factor authentication (MFA), deploying Zero Trust Architecture, and securing the software supply chain are of particular note.

MFA officially a front line of defense

The executive order recognizes the importance of MFA and how it greatly deters account compromise. All agencies shall adopt MFA within 180 days. Additionally, software vendors must establish MFA across the enterprise. Though the order doesn’t call out specific MFA standards, phishing-resistant, hardware-backed authentication methods, like FIDO security keys and smart cards, provide the level of security needed to address modern-day attacks.

Zero Trust Architecture

To modernize Federal government systems, agencies must develop a plan to implement a Zero Trust Architecture within 60 days. A Zero Trust security model eliminates implicit trust and is designed to only allow the minimal access needed to perform a function. Zero Trust design principles make a “no-trust” assumption that requires authentication as users cross network boundaries, particularly as organizations move to the cloud. The Zero Trust emphasis in the order demonstrates the high priority status the government is placing on modernizing agencies’ infrastructure. Strong, modern authenticators, like the YubiKey, will be essential to reaching Zero Trust goals while providing a low-friction and secure user experience.

Software Supply Chain Security

The Federal Government relies heavily on software developed internally and from technology vendors. The order specifically calls out the lack of transparency and adequate controls to prevent tampering by malicious actors. Recent attacks have shown the importance of software chain of custody. The executive order develops guidelines that will improve the verification of the integrity of the software. A best practice is to ensure code and commits are cryptographically signed, which can be accomplished with a YubiKey.

Phishing attacks continue to evolve and can lead to account takeovers and ransomware attacks, resulting from stolen or phished credentials. The best way to prevent phishing is to embrace the implementation of strong MFA and Zero Trust Architectures, which is exactly what part of this executive order now mandates. Furthermore, cryptographically signed code and commits will be an important way to establish trust and achieve a high level of assurance.

The recently launched YubiKey 5 FIPS Series is certified at FIPS 140-2, Overall Level 1 and Level 2, and in addition, has achieved Physical Security Level 3; the YubiKey 5 FIPS series is able to meet the requirements for Authenticator Assurance Level 3 (AAL3) as defined in NIST SP800-63B. For more information on the new YubiKey 5 FIPS Series, please visit the Yubico website. The series is also available for purchase on the Yubico store, through Yubico’s dedicated sales team, or from any Yubico-approved channel partners and resellers.
