EPISODE · Jul 8, 2025 · 19 MIN
Federal Cybersecurity Rollbacks: What Got Cut—And What Still Stands
from Cyberside Chats: Cybersecurity Insights from the Experts · host Chatcyberside
In June 2025, the White House issued an executive order that quietly eliminated several key federal cybersecurity requirements. In this episode of Cyberside Chats, Sherri and Matt break down exactly what changed—from the removal of secure software attestations to the rollback of authentication requirements—and what remains in place, including post-quantum encryption support and the FTC’s Cyber Trust Mark. We’ll talk about the practical impact for security leaders, why this mirrors past challenges like PCI compliance, and what your organization should do next.

Key Takeaways (for CISOs and Security Leaders)

Don’t Drop SBOMs or Attestations — Build Them Into Contracts Anyway
Even without a federal requirement, insist on SBOMs and secure development attestations in vendor agreements. Transparency reduces your risk.

Re-Evaluate Third-Party Software Risk Practices Now
With no centralized validation, it's up to you to verify vendors' claims. Strengthen your third-party risk management processes accordingly.

Watch for Gaps in MFA, Encryption, and Identity Standards
Don’t assume basic protections are baked in. Federal rollback may signal declining baseline expectations—so enforce your own.

Prepare for Industry-Led Enforcement — From Insurers, Buyers, and Info-Sharing Groups
Expect cyber insurers, large enterprises, ISACs/ISAOs, and professional groups to lead on software transparency. Get ahead by aligning now.

Resources:
Full Text of the June 6, 2025 Executive Order: https://www.whitehouse.gov/presidential-actions/2025/06/sustaining-select-efforts-to-strengthen-the-nations-cybersecurity-and-amending-executive-order-13694-and-executive-order-14144
LMG Security: Software Supply Chain Security – Understanding and Mitigating Major Risks: https://www.lmgsecurity.com/software-supply-chain-security-understanding-and-mitigating-major-risks/
The Record’s Breakdown: Trump Order Rolls Back Key Federal Cybersecurity Rules: https://therecord.media/trump-cybersecurity-executive-order-june-2025