White House Issues Memo to Bolster NSS Cybersecurity
Security WeekArchived Jun 16, 2026✓ Full text saved
NSPM-12 establishes a clear structure for NSS cybersecurity governance and accountability and reestablishes CNSS. The post White House Issues Memo to Bolster NSS Cybersecurity appeared first on SecurityWeek .
Full text archived locally
✦ AI Summary· Claude Sonnet
President Trump on Friday signed National Security Presidential Memorandum-12 (NSPM-12) to bolster the cybersecurity of National Security Systems (NSS).
NSS includes the most sensitive computer systems in the US, used for the processing of classified information and for military and intelligence mission support.
The new memorandum establishes a clear structure for NSS governance and NSS cybersecurity requirements accountability, to ensure that NSS owned or operated by civilian agencies receive the same level of protection as those of the government.
“It shall be the policy of the United States Government to foster a proactive, adaptive, and resilient cybersecurity ecosystem for all NSS to better safeguard the Nation against persistent cyber threats from sophisticated adversaries,” NSPM-12 reads.
The memo also reestablishes the Committee on National Security Systems (CNSS), modernizing it to set baseline cybersecurity requirements across all NSS.
Per NSPM-12, CNSS will oversee NSS cybersecurity across the government, will issue emergency directives, provide authoritative minimum requirements, and promote coordination and information sharing to provide collaboration, standardization, and resource management.
“The CNSS will leverage the combined authorities and resources of the Federal Chief Information Officer, the Chief Information Officers of the DOW and IC, and the Director of the National Security Agency (NSA) to ensure that there are no gaps or weak links in NSS defenses,” the White House’s NSPM-12 fact sheet reads.
Per the memorandum, the director of the NSA will serve as the National Manager for NSS to bolster NSS security, and a Policy Coordination Committee (PCC) will work with the CNSS on an NSS cybersecurity posture assessment.
The National Manager will provide technical advice to the CNSS, recommendations on incident response, and may issue emergency directives to protect the NSS in response to “intelligence of adversary capability and intent to target NSS,” the memo reads.
Per NSPM-12, within the next three months, CNSS shall revise specific directives, issue a roadmap and policy priority areas, decide which existing policies must be maintained and incorporated into directives, and “review all existing CNSS policies, directives, and instructions to determine which should be rescinded or harmonized”.
Agencies are required to maintain an inventory of NSS they own or operate, update it annually, and make it available to the National Manager.
Related: CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk
Related: US Military Reaches Deals With 7 Tech Companies to Use Their AI on Classified Systems
Related: White House Scraps ‘Burdensome’ Software Security Rules
Related: CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over
WRITTEN BY
Ionut Arghire
Ionut Arghire is an international correspondent for SecurityWeek.
More from Ionut Arghire
Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges
ShinyHunters Claims Council of Europe Hack
FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service
NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks
Iranian Cyber Group Handala Claims Cal Water Hack
Ivanti Sentry Exploitation Attempts Hitting Honeypots
Chrome 149 Update Patches 28 Vulnerabilities
CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk
Latest News
Cal Water Investigating Iranian Hackers’ Claims
Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages
Cybersecurity Executives Urge the Trump Administration to Ease Restrictions on Anthropic AI Models
Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of Disclosure
Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks
Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer
Chinese Hackers Target Medical, Military, and AI Research in North America
NewCore Emerges From Stealth Mode With $66 Million in Funding
Trending
Webinar: How Modern Breaches Bypass MFA And Evade Detection
June 17, 2026
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
Register
Webinar: Modern Exposure Validation In The AI Era
June 24, 2026
AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
Register
People on the Move
Stephen Garcia has been named Chief Information Security Officer at BreachRx.
Kasper Lindgaard has been appointed Vice President of Security Strategy at CoreView.
Chaim Mazal has been named Chief Information Security Officer at GitLab.
More People On The Move
Expert Insights
After AI Reaches Production: 12 Ways Security Teams Can Take Control
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb)
Everybody Is Vibe Coding But Nobody Told The Security Team
AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au)
The Zero-Knowledge Threat Actor And The End Of Responsible Disclosure
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (Etay Maor)
Raising The Cybersecurity Stakes: Ante Up For The Agentic Era
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale. (Nadir Izrael)
Caught Off Guard: Securing AI After It Hits Production
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode. (Joshua Goldfarb)
Flipboard
Reddit
Whatsapp
Email