New White House cyber executive order pushes rules as code | CyberScoop<\/title> <meta name=\"description\" content=\"Organizations must turn Cyber Governance, Risk, and Compliance (GRC) into executable pipelines, a Microsoft security product manager argues.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/new-white-house-cyber-executive-order-pushes-rules-as-code-op-ed\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"New White House cyber executive order pushes rules as code\"> <meta property=\"og:description\" content=\"Organizations must turn Cyber Governance, Risk, and Compliance (GRC) into executable pipelines, a Microsoft security product manager argues.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/new-white-house-cyber-executive-order-pushes-rules-as-code-op-ed\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-07-14T12:00:00+00:00\"> <meta name=\"author\" content=\"Greg Otto\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg\"> <meta name=\"twitter:creator\" content=\"@gregotto\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1746040294g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1750115417g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1752075323g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/85153\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=85153\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fnew-white-house-cyber-executive-order-pushes-rules-as-code-op-ed%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fnew-white-house-cyber-executive-order-pushes-rules-as-code-op-ed%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-85153 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/new-white-house-cyber-executive-order-pushes-rules-as-code-op-ed\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.9180327868852\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.626970227671\">\n<div class=\"single-article__header-content\" readability=\"36.27\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/new-white-house-cyber-executive-order-pushes-rules-as-code-op-ed\/\"> <span>Commentary<\/span> <\/a> <\/li>\n<\/ul>\n<p> Organizations must turn Cyber Governance, Risk, and Compliance (GRC) into executable pipelines, a Microsoft security product manager argues. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/85153\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"431\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code.jpg?resize=640%2C431&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg 5286w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=300,202 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=768,517 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=1024,689 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=1536,1033 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=2048,1378 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=600,404 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=250,168 250w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=501,337 501w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=1003,675 1003w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-5.jpg?resize=1253,843 1253w\" sizes=\"(max-width: 1003px) 100vw, 1003px\"><figcaption> President Donald Trump signs a series of bills during an event in the East Room of the White House on June 12, 2025 in Washington, DC. (Photo by Win McNamee\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"53.364703394311\"><body readability=\"106.72218096956\"><\/p>\n<p>In an era characterized by escalating cybersecurity threats, rapidly evolving technological landscapes, and heightened regulatory demands, organizations face significant pressure to modernize their <a href=\"https:\/\/www.oceg.org\/ideas\/what-is-grc\/\">Governance, Risk, and Compliance<\/a> (GRC) practices. The federal government is also pivoting toward automation, with <a href=\"https:\/\/www.paloaltonetworks.com\/cyberpedia\/what-is-policy-as-code\">Policy-as-Code (PaC)<\/a> becoming a foundational element in modern cybersecurity governance and compliance.<\/p>\n<p>A critical driver accelerating this urgency is a <a href=\"https:\/\/www.whitehouse.gov\/presidential-actions\/2025\/06\/sustaining-select-efforts-to-strengthen-the-nations-cybersecurity-and-amending-executive-order-13694-and-executive-order-14144\/\">recent executive order<\/a> that explicitly underscores robust cybersecurity frameworks, continuous monitoring, and adaptive compliance strategies. In response, organizations must move toward adopting innovative solutions such as Policy-as-Code methodologies.<\/p>\n<h5 class=\"wp-block-heading\" id=\"h-aligning-with-the-cyber-eo\"><strong>Aligning with the cyber EO<\/strong><\/h5>\n<p>In June, the White House <a href=\"https:\/\/cyberscoop.com\/trump-cyber-executive-order-takes-aim-at-prior-orders-secure-software-more\/\">issued an executive order<\/a> that directs the National Institute of Standards and Technology, the Cybersecurity and Infrastructure Security Agency, and the Office of Management and Budget to launch a pilot within one year that expresses federal cyber policy in a machine\u2011readable format. The same section instructs the Federal Acquisition Regulation Council to revise procurement rules so that by January 2027, agencies may buy only consumer IoT products whose Cyber Trust Mark can be parsed automatically. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>This isn\u2019t just a technical experiment: It\u2019s a blueprint for the future of cyber governance. This is a decisive endorsement of automation-based compliance and signals a governmentwide expectation that policy implementation must be verifiable, scalable, and code-driven.<\/p>\n<p>These deadlines extend beyond federal departments. Any company that sells software, cloud services, or connected devices to the public sector will soon need to prove that its security controls are written and enforced through machine\u2011readable rules. The fastest and most reliable way to supply that proof is Policy-as-Code. Teams that move early will gain an advantage when the new rules shape purchasing decisions. Teams that wait risk a backlog of manual controls and a shrinking share of government business.<\/p>\n<h5 class=\"wp-block-heading\" id=\"h-what-nbsp-is-nbsp-policy-as-code\"><strong>What is Policy-as-Code?<\/strong><\/h5>\n<p>Policy-as-Code refers to the practice of translating governance, risk management, and compliance policies into machine-readable formats by leveraging automation, and creating a more structured, dynamic, and scalable compliance environment. Policy-as-Code removes ambiguity from interpretation and puts security policies on equal footing with infrastructure and application logic. The result is a proactive compliance governance that scales as fast as today\u2019s threats. <\/p>\n<p>The Risk Management Framework (RMF) has long provided structured guidelines for organizations to categorize, select, implement, assess, authorize, and continuously monitor their information systems. However, traditional RMF processes often rely heavily on manual efforts, making them less responsive and increasingly prone to errors in today\u2019s fast-paced digital environment. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>As of today:<\/p>\n<ul class=\"wp-block-list\">\n<li><strong>Release velocity has accelerated: <\/strong>Development teams merge code many times each day; manual assessment packages cannot keep pace.<\/li>\n<li><strong>Architectural complexity has grown: <\/strong>Hybrid clouds, containers, edge devices, and software\u2011as\u2011a\u2011service platforms create connections too dense for spreadsheet mapping.<\/li>\n<li><strong>Regulatory concurrency has intensified: <\/strong>Programs must show conformance with <a href=\"https:\/\/csrc.nist.gov\/topics\/laws-and-regulations\/laws\/fisma\">FISMA<\/a>, <a href=\"https:\/\/www.fedramp.gov\/\">FedRAMP<\/a>, <a href=\"https:\/\/dodcio.defense.gov\/cmmc\/About\/\">CMMC<\/a>, the Secure Software Development Framework, multiple state privacy laws, and sector\u2011specific rules at the same time.<\/li>\n<\/ul>\n<p>Policy-as-Code resolves these gaps because rules run continuously, update quickly, and leave a clear evidence trail. <\/p>\n<h5 class=\"wp-block-heading\" id=\"h-strategic-benefits-of-implementing-policy-as-code\"><strong>Strategic benefits of implementing Policy-as-Code<\/strong><\/h5>\n<p>Organizations adopting Policy-as-Code experience several transformative benefits, positioning themselves advantageously within a highly competitive regulatory environment:<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<ul class=\"wp-block-list\">\n<li><strong>Risk reduction: <\/strong>Automated enforcement minimizes risks associated with human error, improving compliance accuracy and reducing vulnerabilities.<\/li>\n<li><strong>Audit efficiency:<\/strong> Immutable logs replace screenshots, shared drives, and labor\u2011intensive walk\u2011throughs.<\/li>\n<li><strong>Operational efficiency: <\/strong>Automating policy enforcement streamlines processes, significantly reducing the administrative burden and enabling teams to focus on strategic tasks rather than routine compliance checks.<\/li>\n<li><strong>Regulatory agility:<\/strong> When NIST updates a control catalog, teams change one file and push the update across every environment with a pull request.<\/li>\n<li><strong>Enhanced security posture:<\/strong> Real-time monitoring capabilities bolster an organization\u2019s security posture, swiftly identifying and addressing potential threats or breaches.<\/li>\n<li><strong>Cost savings:<\/strong> By reducing the manual effort needed for compliance monitoring and enforcement, Policy-as-Code can lead to considerable cost reductions over time.<\/li>\n<li><strong>Greater resilience:<\/strong> Codified governance reduces ambiguity and enhances organizational readiness under stress.<\/li>\n<\/ul>\n<h5 class=\"wp-block-heading\" id=\"h-making-it-work-practical-steps-for-effective-implementation\"><strong>Making it Work: practical steps for effective implementation<\/strong><\/h5>\n<p>To effectively adopt Policy-as-Code and maximize its benefits, organizations should consider the following structured approach:<\/p>\n<ul class=\"wp-block-list\">\n<li><strong>Comprehensive policy mapping and evaluation: <\/strong>Begin by evaluating every policy, regulation and policy applicable to your organization, map all the frameworks (e.g. NIST SP 800-53, ISO\/IEC 27002 etc.) applicable to your organization, and assign a unique identifier to each of the mapped control. This mapping forms the foundation for robust automation.<\/li>\n<li><strong>Select an open declarative machine-readable language:<\/strong> Choose a well\u2011supported machine-readable format \u2014 like <a href=\"https:\/\/pages.nist.gov\/OSCAL\/\">NIST\u2019s Open Security Controls Assessment Language (OSCAL)<\/a> or <a href=\"https:\/\/www.openpolicyagent.org\/\">Open Policy Agent (OPA)<\/a> \u2014 that integrates with existing infrastructure\u2011as\u2011code (IaC), container orchestration, and pipeline tools.<\/li>\n<li><strong>Convert prose to machine\u2011readable schemas: <\/strong>Translate Word and PDF controls into structured formats such as OSCAL.<\/li>\n<li><strong>Integration into development pipelines:<\/strong> Evaluate and deploy specialized automation platforms capable of integrating seamlessly into existing DevSecOps workflows and lifecycle. These platforms should offer real-time compliance verification, automated remediation capabilities, and ensure continuous validation of compliance at every stage of the software development process, from initial coding through deployment and operation.<\/li>\n<li><strong>Ongoing monitoring and continuous improvement: <\/strong>Implement robust tools for continuous compliance monitoring. Regularly review and update policy logic to accommodate evolving regulatory landscapes and cybersecurity threats.<\/li>\n<li><strong>Automate evidence collection:<\/strong> Connect cloud APIs, container scanners, and endpoint telemetry to a central repository so evidence accrues automatically.<\/li>\n<li><strong>Training and capacity building:<\/strong> Invest in targeted training programs to equip your teams with the necessary technical and conceptual understanding of Policy-as-Code methodologies and Git workflows, and teach developer teams regulatory vocabulary.<\/li>\n<li><strong>Cultural alignment and leadership support: <\/strong>Actively cultivate a culture that values compliance automation and proactive risk management. Secure buy-in and sustained support from senior leadership to ensure smooth adoption and integration.<\/li>\n<li><strong>Pilot and iterate:<\/strong> Begin with a high-priority control (e.g., encryption at rest) and run a focused pilot. Measure its effectiveness, gather stakeholder feedback, and iterate. Success here builds momentum.<\/li>\n<li><strong>Inform and measure impact:<\/strong> Codified controls should feed into your broader risk dashboards and compliance reporting mechanisms, track policy coverage, mean time to remediation, audit hours saved, and defects prevented. Share results with executive stakeholders.<\/li>\n<\/ul>\n<h5 class=\"wp-block-heading\" id=\"h-the-road-nbsp-ahead\"><strong>The road ahead<\/strong><\/h5>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The future of cybersecurity governance clearly points toward increased automation, dynamic regulatory adaptation, and highly responsive compliance frameworks. Policy-as-Code is not merely a temporary trend but a fundamental shift in how organizations approach GRC. Soon, federal contracts may require delivery of not only human-readable SSPs but also machine-verifiable compliance packages. Audits may involve running scripts instead of reviewing PDFs. And AI-powered governance engines will cross-check deployments against codified policies in real time.<\/p>\n<p>The EO\u2019s emphasis on rules-as-code is just the beginning. The EO also sets timelines for managing AI vulnerabilities and adopting post\u2011quantum cryptography. Agencies must publish an AI vulnerability dataset by Nov. 1 and must transition to quantum\u2011resistant encryption by 2030. <\/p>\n<p>The clock is ticking. Agencies must pilot rules as code by June 2026, and suppliers must attach machine-readable security labels by January 2027. Organizations that translate policy into executable pipelines now will close vulnerabilities faster, cut assessment costs, and enter bid rooms as trusted partners. Those that wait will face manual backlogs, increased expenses, and shrinking market share once the grace period ends. Policy-as-Code is no longer experimental, but an operational and compliance imperative that will distinguish tomorrow\u2019s security-ready organizations from everyone else.<\/p>\n<p>The future of cyber and AI governance won\u2019t be documented; it will be deployed!<\/p>\n<p><em>Ibrahim Waziri Jr. is a principal security product manager in Microsoft\u2019s Cybersecurity, Cloud, AI & Trust Engineering Team, a cybersecurity fellow at New America, and an adjunct professor of cybersecurity at Marymount University.<\/em><\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1\">\n<div class=\"author-card\" readability=\"7\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-1.jpg?w=640&ssl=1\" alt=\"Ibrahim Waziri Jr.\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Ibrahim Waziri Jr.<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<div class=\"popular-stories__stories\">\n<div class=\"popular-stories__cards\">\n<article class=\"post-item post-item--popular-stories-cards \" readability=\"19.5\">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/sec-withdrawals-cyber-rules-for-investment-companies-advisers\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"506\" height=\"337\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-2.jpg?resize=506%2C337&ssl=1\" class=\"attachment-ratio-16-9-md size-ratio-16-9-md wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-6.jpg?resize=1265,843 1265w\" sizes=\"auto, (max-width: 506px) 100vw, 506px\"> <\/a><figcaption class=\"screen-reader-text\"> The Securities and Exchange Commission headquarters is seen on April 25, 2025 in Washington, D.C. (Photo by Anna Moneymaker\/Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\" readability=\"1.0140845070423\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/sec-withdrawals-cyber-rules-for-investment-companies-advisers\/\"> SEC withdraws cyber rules for investment companies, advisers <\/a> <\/h3>\n<p> The move last week came amid the pullback of other SEC regulations. <\/p>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/tim-starkscyberscoop-com\/\"> Tim Starks <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/trump-cyber-executive-order-takes-aim-at-prior-orders-secure-software-more\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"245\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-3.jpg?resize=245%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg 4889w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=300,206 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=768,527 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=1024,703 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=1536,1054 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=2048,1405 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=600,412 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=245,168 245w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=491,337 491w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=984,675 984w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-7.jpg?resize=1228,843 1228w\" sizes=\"auto, (max-width: 245px) 100vw, 245px\"> <\/a><figcaption class=\"screen-reader-text\"> U.S. President Donald Trump speaks to guests from South Portico of the White House during an event on the South Lawn on June 04, 2025 in Washington, DC. Trump held the \u201cSummer Soir\u00e9e\u201d for guests including staff, cabinet members and supporters to visit the grounds and enjoy the recent onset of summer heat. (Photo by Anna Moneymaker\/Getty Images) <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/trump-cyber-executive-order-takes-aim-at-prior-orders-secure-software-more\/\"> Trump cyber executive order takes aim at prior orders, secure software, identity <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/tim-starkscyberscoop-com\/\"> Tim Starks <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<article class=\"post-item post-item--popular-stories-cards \">\n<figure class=\"post-item__thumbnail\"> <a class=\"post-item__thumbnail-link\" href=\"https:\/\/cyberscoop.com\/trump-executive-order-cybersecurity-state-local-impact\/\" tabindex=\"-1\"> <img data-recalc-dims=\"1\" loading=\"lazy\" width=\"300\" height=\"168\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-4.jpg?resize=300%2C168&ssl=1\" class=\"attachment-ratio-16-9-sm size-ratio-16-9-sm wp-post-image\" alt decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-8.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-8.jpg?resize=300,168 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-8.jpg?resize=768,432 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-8.jpg?resize=1024,576 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-8.jpg?resize=1536,864 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-8.jpg?resize=600,337 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-8.jpg?resize=1200,675 1200w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/07\/new-white-house-cyber-executive-order-pushes-rules-as-code-8.jpg?resize=1500,843 1500w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\"> <\/a><figcaption class=\"screen-reader-text\"> traffic_analyzer, Getty Images <\/figcaption><\/figure>\n<header class=\"post-item__meta\">\n<h3 class=\"post-item__title\"> <a class=\"post-item__title-link\" href=\"https:\/\/cyberscoop.com\/trump-executive-order-cybersecurity-state-local-impact\/\"> Trump\u2019s \u2018preparedness\u2019 executive order would shift cyber defense burden where it doesn\u2019t belong, experts say <\/a> <\/h3>\n<div class=\"post-item__byline\"> <span class=\"post-item__author\"> <span>By <\/span> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/tim-starkscyberscoop-com\/\"> Tim Starks <\/a> <a class=\"post-item__author-link\" href=\"https:\/\/cyberscoop.com\/author\/colin-wood\/\"> Colin Wood <\/a> <\/span> <\/div>\n<p> <\/header>\n<p> <\/article>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/new-white-house-cyber-executive-order-pushes-rules-as-code-op-ed\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>New White House cyber executive order pushes rules as code<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[280],"tags":[284],"class_list":["post-7796","post","type-post","status-publish","format-standard","hentry","category-commentary","tag-commentary"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/commentary\/\" rel=\"category tag\">Commentary<\/a>","tag_info":"Commentary","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7796","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7796"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7796\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7796"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7796"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7796"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7796,"date":"2025-07-14T07:00:00","date_gmt":"2025-07-14T12:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=85153"},"modified":"2025-07-14T07:00:00","modified_gmt":"2025-07-14T12:00:00","slug":"new-white-house-cyber-executive-order-pushes-rules-as-code","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/07\/14\/new-white-house-cyber-executive-order-pushes-rules-as-code\/","title":{"rendered":"New White House cyber executive order pushes rules as code"},"content":{"rendered":"