The cybersecurity landscape shifted significantly on June 6, 2025, when
President Trump signed a comprehensive executive
order strengthening the nation's cybersecurity posture. While Software Bills
of Materials (SBOMs) aren't explicitly mentioned by name, the order reinforces
critical secure software development frameworks that make SBOM implementation
more essential than ever for federal agencies and commercial organizations
alike.
Key Changes That Impact Software Supply Chain Security
The executive order amends previous cybersecurity directives with several
provisions that directly affect how organizations approach software supply
chain security:
Enhanced Secure Software Development Framework (SSDF) Requirements
The order directs the Secretary of Commerce, through NIST, to establish an
industry consortium by August 1, 2025, focused on implementing secure software
development practices based on NIST Special Publication
800-218. This framework inherently includes SBOM practices as a cornerstone
of secure software development.
Updated SSDF Guidelines Coming
By December 1, 2025, NIST must publish a preliminary update to the SSDF that
includes "practices, procedures, controls, and implementation examples
regarding the secure and reliable development and delivery of software."
This update will likely strengthen SBOM requirements and provide clearer
implementation guidance for organizations.
AI Software Vulnerability Management
Perhaps most notably for the evolving cybersecurity landscape, the order
requires federal agencies to incorporate AI software vulnerabilities into
existing vulnerability management processes. This expansion makes comprehensive
software inventory tracking—the core purpose of SBOMs—even more critical.
Why These Changes Matter for Your Organization
The strengthened focus on secure software development frameworks signals the
federal government's commitment to supply chain transparency and security.
Organizations that haven't yet implemented robust SBOM practices may find
themselves at a significant disadvantage when competing for federal contracts
or meeting compliance requirements.
Regulatory Alignment Becomes Critical
With the executive order reinforcing NIST frameworks that incorporate SBOM
practices, organizations must align their software security strategies with
evolving federal standards. The executive order's emphasis on "secure and
reliable development and delivery of software" directly correlates with
SBOM capabilities.
Post-Quantum Cryptography Preparations
The order also addresses quantum computing threats, requiring agencies to
support Transport Layer Security protocol version 1.3 by January 2030.
Organizations with comprehensive SBOMs will be better positioned to identify
and update cryptographic implementations across their software portfolios.
Turn Up the Heat on Your SBOM Strategy This Summer
As cybersecurity challenges intensify, organizations need practical guidance on implementing effective SBOM strategies. The SIE Group and Eracent are hosting an essential webinar, "Summer's Here & It's Heating Up: SBOM Smarts for Federal & Commercial Resilience," designed to help federal agencies and commercial organizations navigate these evolving requirements.
This exclusive session will explore how SBOMs strengthen security while addressing regulatory compliance, automation tools, and real-world implementation strategies. Whether you're a federal IT professional, commercial security team member, or compliance leader, this webinar provides actionable insights for enhancing your cybersecurity approach.
Key topics include:
- SBOM standards alignment with Executive Order 14028, NIST, and OMB mandates
- Automated SBOM management through Eracent's SBOM Manager
- Practical implementation examples and case studies
- Integration approaches for both federal and commercial environments
The webinar features expert presenters from The SIE Group, leading IT Asset Management experts serving federal and commercial clients, and Eracent, industry pioneers in SBOM management and software supply chain security solutions.
Take Action Before Summer Heat Peaks
The latest executive order makes clear that software supply chain security
isn't just a best practice—it's becoming a regulatory requirement.
Organizations that proactively implement comprehensive SBOM strategies will be
better positioned to meet evolving compliance demands and secure their software
ecosystems.
Don't let your organization fall behind in the rapidly evolving
cybersecurity landscape. Register
now for this essential webinar and gain the insights needed to strengthen
your software supply chain security before regulatory deadlines arrive.
The heat is on—make sure your SBOM strategy can handle the pressure.