[open-regulatory-compliance] FYI: NIST taking leadership role with new US Executive Order published June 6, 2026

FYI:

I see this as a net positive for future collaboration on SBOM and vulnerability reporting standards and implementations across the EU and US given NIST’s successful collaborations on a broad scale over the years, i.e. the CSF and SCRM generally with NIST SP 800-161 and SP 800-53.

 

It appears that NIST will be essentially taking over Secure by Design implementation following NIST Guidance and standards, including SBOM, based on Executive Order 14028 recommendations starting in August 2025.

 

NIST provided the SBOM implementation guidance for Executive Order 14028 all along, so this is not surprising, especially when you consider that all US Government Agencies are implementing NIST Guidance for SCRM already:

https://www.nist.gov/itl/executive-order-14028-improving-nations-cybersecurity/software-security-supply-chains-software-1

 

https://www.whitehouse.gov/presidential-actions/2025/06/sustaining-select-efforts-to-strengthen-the-nations-cybersecurity-and-amending-executive-order-13694-and-executive-order-14144/

 

 

Thanks,

 

Dick Brooks

  

Active Member of the CISA Critical Manufacturing Sector,

Sector Coordinating Council – A Public-Private Partnership

 

Never trust software, always verify and report!

Risk always exists, but trust must be earned and awarded.

https://businesscyberguardian.com/

Email: dick@xxxxxxxxxxxxxxxxxxxxxxxxx

Tel: +1 978-696-1788

 

 

