On May 12, 2021, the Biden administration released a far-reaching executive order intended to improve the U.S. government’s cybersecurity posture, both internally and in any private information technology systems that “touch” federal IT systems. The executive order is available here, and a related fact sheet is available here. This executive order will work in tandem with existing initiatives, such as the Cybersecurity Maturity Model Certification, the Federal Risk and Authorization Management Program, and National Institute of Standards and Technology (NIST) publications. Notably, and unlike CMMC, the executive order is concerned more with improving the entire government’s IT systems to protect all information residing on those systems, and less with scaling protections based on types of information residing on contractor systems. If your contracts require you to access any government systems using your own internal IT systems or if you develop software for or on behalf of the government, this executive order will likely impact you.
Source: