<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>EO Archives - Corsec Security, Inc.®</title>
	<atom:link href="https://www.corsec.com/tag/eo/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.corsec.com/tag/eo/</link>
	<description>Corsec helps companies complete security certifications and validations like FIPS 140-3, Common Criteria, CSfC, &#38; the DoDIN APL / UC APL.</description>
	<lastBuildDate>Wed, 01 Jul 2026 19:39:54 +0000</lastBuildDate>
	<language>en-GB</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	

<image>
	<url>https://www.corsec.com/wp-content/uploads/cropped-Corsec-Logo-SiteMap-32x32.png</url>
	<title>EO Archives - Corsec Security, Inc.®</title>
	<link>https://www.corsec.com/tag/eo/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Post Quantum Compliance: A New White House PQC Order Impacts Federal Product Vendors</title>
		<link>https://www.corsec.com/eo-pqc/</link>
		
		<dc:creator><![CDATA[Jake Nelson]]></dc:creator>
		<pubDate>Thu, 02 Jul 2026 13:30:33 +0000</pubDate>
				<category><![CDATA[Common Criteria]]></category>
		<category><![CDATA[FIPS 140-3]]></category>
		<category><![CDATA[News]]></category>
		<category><![CDATA[PQC]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[STIG]]></category>
		<category><![CDATA[EO]]></category>
		<category><![CDATA[NIST]]></category>
		<guid isPermaLink="false">https://www.corsec.com/?p=22662</guid>

					<description><![CDATA[<p>The post <a href="https://www.corsec.com/eo-pqc/">Post Quantum Compliance: A New White House PQC Order Impacts Federal Product Vendors</a> appeared first on <a href="https://www.corsec.com">Corsec Security, Inc.®</a>.</p>
]]></description>
										<content:encoded><![CDATA[<div class="wpb-content-wrapper"><div class="vc_row wpb_row vc_row-fluid"><div class="wpb_column vc_column_container vc_col-sm-12"><div class="vc_column-inner"><div class="wpb_wrapper">
	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<p>On June 22, 2026, the White House issued Executive Order 14412, <strong>“Securing the Nation Against Advanced Cryptographic Attacks,”</strong> signaling a major acceleration in the federal government&#8217;s transition to post-quantum cryptography (PQC). The Executive Order recognizes a growing national security concern: adversaries can collect encrypted data today and potentially decrypt it in the future once large-scale quantum computers become operational, a threat commonly referred to as <em>“harvest now, decrypt later.”</em></p>
<p>While the Order is directed primarily at federal agencies, the implications extend far beyond government networks. For technology vendors that sell into the federal market, the message is clear: <strong>quantum readiness is becoming a compliance and procurement issue, not just a technical roadmap discussion.</strong></p>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h3>A Faster Federal Timeline for Post-Quantum Security</h3>
<div>
<p>The Executive Order directs federal agencies to accelerate their migration to NIST-approved post-quantum cryptographic standards and establish agency-wide PQC migration strategies. Agencies must inventory cryptographic assets, designate PQC migration leaders, prioritize high-value systems, and transition critical use cases to PQC by 2030 and 2031. The Order also calls for expanded guidance from NIST, NSA, and DHS, along with pilot implementations to demonstrate successful migrations.</p>
<p>Perhaps most significant for industry, the accompanying White House Fact Sheet states that the Federal Acquisition Regulatory Council will require covered contractors to meet certain federal cybersecurity standards and vulnerability disclosure requirements by the end of 2030.</p>
<div>For federal product companies, this represents another clear signal that cybersecurity certifications and validated security claims will increasingly influence procurement decisions and contract eligibility.</div>
</div>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h3 data-start="2608" data-end="2759"><span style="font-size: 16px;">Why FIPS 140-3 Matters More Than Ever</span></h3>
<div>
<p>One of the most important details in the Executive Order is its direct reference to the <strong>Cryptographic Module Validation Program (CMVP)</strong> and <span style="color: #339966;"><a style="color: #339966;" href="https://www.corsec.com/fips-140-3/" target="_blank" rel="noopener"><strong>FIPS 140-3</strong></a></span>, the federal standard governing cryptographic modules. The Order explicitly defines the CMVP by referencing FIPS 140-3, underscoring the central role validated cryptography will play in the federal government&#8217;s PQC migration. For vendors, the challenge is not simply adopting new post-quantum algorithms.</p>
<p>The federal market will increasingly expect cryptographic implementations to be incorporated into validated cryptographic modules and supported by formal assurance programs. Organizations should begin assessing how their cryptographic architectures will evolve as post-quantum algorithms become integrated into future FIPS 140-3 validations.</p>
<p>Many vendors have historically viewed FIPS validation as a program needed only when a procurement requirement explicitly calls for it. The new Executive Order suggests a broader reality: <strong>validated cryptography is becoming foundational to federal quantum readiness.</strong></p>
</div>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h3>The Growing Connection to Common Criteria and NIAP</h3>
<div>
<p>The Executive Order does not directly mandate <span style="color: #ff6600;"><a style="color: #ff6600;" href="https://www.corsec.com/common-criteria/" target="_blank" rel="noopener">Common Criteria certification</a></span>. However, federal agencies face a practical challenge when adopting quantum-resistant technologies: they must be confident that security functions continue to operate as intended after significant architectural changes.</p>
<p>This is where the National Information Assurance Partnership (NIAP) and Common Criteria evaluations become increasingly relevant.</p>
<p>Historically, federal procurement policies have emphasized the use of NIAP-approved products for many cybersecurity categories. Internal federal guidance has long linked the use of Common Criteria-certified products and FIPS-validated cryptography as complementary assurance mechanisms for technology acquisitions.</p>
<p>As vendors redesign security products to incorporate:</p>
<ul>
<li>Quantum-resistant key exchange</li>
<li>New digital signature algorithms</li>
<li>Hybrid cryptographic implementations</li>
<li>Updated trust architectures</li>
</ul>
<p>those changes may impact both cryptographic validation boundaries and evaluated security functionality.</p>
<p>For organizations already maintaining NIAP certifications, quantum migration should be viewed through a compliance lens rather than solely a technical one. Engineering changes introduced to support PQC may have implications for future certification maintenance, evaluation activities, and product roadmaps.</p>
</div>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h3><span style="font-size: 16px;">What About DoD STIGs?</span></h3>
<div>
<p>The Department of Defense will face many of the same quantum migration challenges outlined in the Executive Order. Although <span style="color: #3366ff;"><a style="color: #3366ff;" href="https://www.corsec.com/stig/" target="_blank" rel="noopener">DoD Security Technical Implementation Guides (STIGs)</a></span> are not specifically addressed in the Order, they play an important role in how secure technologies are deployed within defense environments.</p>
<p>Historically, STIG requirements evolve to reflect emerging federal cybersecurity mandates and approved technologies. As NIST, NSA, and other agencies publish guidance for post-quantum implementation, vendors should expect quantum-resilient cryptography to gradually influence secure configuration baselines and deployment expectations across defense environments.</p>
<p>For products deployed within DoD environments, compliance teams should monitor future updates for:</p>
<ul>
<li>Cryptographic configuration requirements</li>
<li>Key management practices</li>
<li>Certificate and PKI guidance</li>
<li>Approved algorithm usage</li>
<li>Secure communications controls</li>
</ul>
<p>Vendors that proactively align product roadmaps with emerging federal quantum guidance will be better positioned when future requirements are incorporated into operational frameworks.</p>
</div>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h3><span style="font-size: 16px;">Compliance Is Becoming a Competitive Advantage</span></h3>
<div>
<p>The most important takeaway from the Executive Order is that quantum readiness is no longer a distant research topic. It is entering the realm of procurement policy, cybersecurity requirements, and compliance strategy.</p>
<p>Federal buyers are not simply looking for products that support post-quantum cryptography; they will increasingly need assurance that those capabilities are implemented securely, validated appropriately, and deployable in regulated environments.</p>
<p>Organizations that begin planning now by developing a post-quantum migration strategy will be better positioned to maintain eligibility for federal opportunities as the government&#8217;s quantum transition accelerates.</p>
</div>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<p data-start="1449" data-end="1741" data-is-last-node="" data-is-only-node=""><span style="color: #339966;"><strong>To help organizations navigate PQC requirements and FiPS 140-3, <a style="color: #339966;" href="https://ww3.corsec.com/get-in-touch" target="_blank" rel="noopener">Corsec is setting calls with product vendors</a> to outline security roadmaps.</strong></span></p>

		</div>
	</div>
</div></div></div></div><div class="vc_row wpb_row vc_row-fluid"><div class="wpb_column vc_column_container vc_col-sm-12"><div class="vc_column-inner"><div class="wpb_wrapper"><div class="vc_separator wpb_content_element vc_separator_align_center vc_sep_width_100 vc_sep_pos_align_center vc_separator_no_text vc_sep_color_grey wpb_content_element  wpb_content_element" ><span class="vc_sep_holder vc_sep_holder_l"><span class="vc_sep_line"></span></span><span class="vc_sep_holder vc_sep_holder_r"><span class="vc_sep_line"></span></span>
</div></div></div></div></div><div class="vc_row wpb_row vc_row-fluid"><div class="wpb_column vc_column_container vc_col-sm-12"><div class="vc_column-inner"><div class="wpb_wrapper">
	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<div class="wpb_text_column wpb_content_element ">
<h5 class="wpb_wrapper"><strong>About Corsec Security, Inc.</strong></h5>
</div>
<div class="wpb_text_column wpb_content_element ">
<div class="wpb_wrapper">
<p>For 28+ years Corsec has guided companies through the IT security certification process for <span style="color: #008000;"><strong><a style="color: #008000;" href="https://www.corsec.com/fips-140-2/" target="_blank" rel="noopener">FIPS 140-2</a> / <a style="color: #008000;" href="https://www.corsec.com/fips-140-3/" target="_blank" rel="noopener">FIPS 140-3</a></strong>,</span> <span style="color: #ff6600;"><a style="color: #ff6600;" href="https://www.corsec.com/common-criteria/" target="_blank" rel="noopener"><strong>Common Criteria</strong></a></span> (CC), <strong><span style="color: #872b2b;"><a style="color: #872b2b;" href="https://www.corsec.com/csfc/" target="_blank" rel="noopener">CSfC</a></span></strong>, and the <span style="color: #0000ff;"><strong>DoD (<a style="color: #0000ff;" href="https://www.corsec.com/stig/" target="_blank" rel="noopener">STIGs</a>, <a style="color: #0000ff;" href="https://www.corsec.com/dodin-apl/" target="_blank" rel="noopener">DoDIN APL, UC APL</a>)</strong></span>. From mobile devices to satellites, Corsec helps companies reduce validation risk, shorten timelines, and expand into regulated markets.</p>
</div>
</div>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<div class="wpb_text_column wpb_content_element ">
<div class="wpb_text_column wpb_content_element "></div>
<div class="wpb_text_column wpb_content_element ">
<div class="wpb_wrapper">
<p style="text-align: center;">###</p>
</div>
</div>
</div>

		</div>
	</div>
</div></div></div></div><div class="vc_row wpb_row vc_row-fluid"><div class="wpb_column vc_column_container vc_col-sm-6"><div class="vc_column-inner"><div class="wpb_wrapper">
	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h5 class="wpb_wrapper" style="text-align: left;"><strong style="color: #000000;"><a style="color: #000000;" href="https://www.corsec.com/company/contact-us/">Connect With Us:</a></strong></h5>
<p>Stay up to date with Corsec as we bring you all the most recent updates to the standards, certifications, and requirements – <a href="https://ww3.corsec.com/subscribe" target="_blank" rel="noopener"><span style="color: #0000ff;">Subscribe</span></a></p>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h5 class="wpb_wrapper" style="text-align: left;"><a href="https://ww3.corsec.com/linkedin"><img decoding="async" class="alignnone" src="https://www.corsec.com/wp-content/uploads/LinkedIn.png" sizes="(max-width: 40px) 100vw, 40px" srcset="https://www.corsec.com/wp-content/uploads/LinkedIn.png 128w, https://www.corsec.com/wp-content/uploads/LinkedIn-150x150.png 150w" alt="LinkedIn" width="35" height="35" /></a>     <a href="https://ww3.corsec.com/twitter"><img decoding="async" class="alignnone" title="https://ww3.corsec.com/twitter" src="https://www.corsec.com/wp-content/uploads/Twitter.png" sizes="(max-width: 40px) 100vw, 40px" srcset="https://www.corsec.com/wp-content/uploads/Twitter.png 128w, https://www.corsec.com/wp-content/uploads/Twitter-150x150.png 150w" alt="Twitter" width="35" height="35" /></a>    <a href="https://ww3.corsec.com/facebook"><img decoding="async" class="alignnone" src="https://www.corsec.com/wp-content/uploads/Facebook.png" sizes="(max-width: 40px) 100vw, 40px" srcset="https://www.corsec.com/wp-content/uploads/Facebook.png 128w, https://www.corsec.com/wp-content/uploads/Facebook-150x150.png 150w" alt="Facebook" width="35" height="35" /></a></h5>

		</div>
	</div>
</div></div></div><div class="wpb_column vc_column_container vc_col-sm-6"><div class="vc_column-inner"><div class="wpb_wrapper">
	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<div class="wpb_text_column wpb_content_element ">
<div class="wpb_text_column wpb_content_element ">
<h5 class="wpb_wrapper" style="text-align: left;"><strong style="color: #000000;"><a style="color: #000000;" href="https://www.corsec.com/company/contact-us/">Press Contact:</a></strong></h5>
<p><span style="color: #3366ff;"><a style="color: #3366ff;" href="https://www.linkedin.com/in/jake-r-nelson/" target="_blank" rel="noopener">Jake Nelson</a></span><br />
Corsec Head of Marketing &amp; BD<br />
jnelson@corsec.com</p>
</div>
</div>

		</div>
	</div>
</div></div></div></div>
</div><p>The post <a href="https://www.corsec.com/eo-pqc/">Post Quantum Compliance: A New White House PQC Order Impacts Federal Product Vendors</a> appeared first on <a href="https://www.corsec.com">Corsec Security, Inc.®</a>.</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
