<p>For years, federal cybersecurity policy has primarily focused on protecting government systems and critical infrastructure. Executive Order 14390: “Combating Cybercrime, Fraud, and Predatory Schemes Against American Citizens” signals a broader shift in emphasis. Signed on March 6, 2026, the order reframes cybercrime not only as a national security threat, but also as an economic and societal threat that directly affects citizens, businesses and the digital ecosystem on which they depend.</p>
<p>The executive order lands amid escalating <a href=”https://www.techtarget.com/searchsecurity/tip/How-to-prevent-and-protect-against-ransomware”>ransomware campaigns</a>, AI-enabled fraud schemes, large-scale <a href=”https://www.techtarget.com/searchsecurity/feature/How-to-avoid-phishing-hooks-A-checklist-for-your-end-users”>phishing operations</a> and financially motivated attacks linked to <a href=”https://www.techtarget.com/searchsecurity/feature/What-executives-must-know-about-nation-state-threat-actors”>transnational criminal organizations</a>. Unlike earlier cybersecurity directives that focused heavily on federal modernization, critical infrastructure protection and software supply chain security, EO 14390 emphasizes operational disruption of cybercriminal networks, victim restitution and expanded coordination between government agencies and the private sector.</p>
<p>For enterprise security leaders, the order does not immediately impose a new regulatory framework. However, it signals the direction of federal cyber policy, with greater emphasis on private-sector accountability, expanded information sharing, increased scrutiny of enterprise cyber practices and stronger expectations for cooperation with government-led cyberdefense initiatives.</p>
<p>Skadden, Arps, Slate, Meagher & Flom LLP, <a target=”_blank” href=”https://www.skadden.com/insights/publications/2026/03/white-house-announces-cybercrime-executive-order” rel=”noopener”>in its legal analysis of EO 14390</a>, said that it “is further indication that the Trump administration intends to broaden the role of the private sector in the government’s offense-oriented approach to cyberthreats.”</p>
<p>In practical terms, the order raises an important question for businesses. Is cybersecurity still just an IT risk, or is it becoming a broader legal, operational and governance obligation tied directly to national resilience?</p>
<section class=”section main-article-chapter” data-menu-title=”A sign of the times”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>A sign of the times</h2>
<p>The order was issued as the federal government confronted a sharp rise in cyber-enabled fraud and online criminal groups targeting Americans. The administration specifically identified ransomware, <a href=”https://www.techtarget.com/searchsecurity/tip/10-common-types-of-malware-attacks-and-how-to-prevent-them”>malware</a>, phishing, impersonation scams, sextortion schemes and financial fraud as major threats increasingly tied to foreign-based criminal networks.</p>
<p>EO 14390 directs multiple federal agencies — including the Departments of Homeland Security, Treasury, Justice, State and Defense — to review existing operational and regulatory frameworks within 60 days and produce a coordinated action plan within 120 days to identify, disrupt and dismantle cybercriminal organizations. The order also calls for expanded threat intelligence sharing, enhanced cooperation with state and local governments, increased law enforcement coordination, the development of a victim restoration program using seized criminal assets and international diplomatic pressure against nations that tolerate cybercrime operations.</p>
<p>What distinguishes EO 14390 from previous federal cyber directives is its operational focus on cyber-enabled financial crime and fraud ecosystems rather than purely defensive cybersecurity modernization. This matters for enterprises because the federal government increasingly views private-sector organizations not merely as victims of cybercrime, but as active participants in national cyberdefense.</p>
</section>
<section class=”section main-article-chapter” data-menu-title=”Increased public-private collaboration”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>Increased public-private collaboration</h2>
<p>One of the most immediate implications for enterprises is deeper collaboration with federal agencies. The order directs agencies to strengthen coordination through an operational cell, intelligence-sharing initiatives and resilience-building programs. For CISOs, this could translate into expanded expectations around sharing indicators of compromise, participating in sector-specific informati
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: