leeroy-jankins/Executive-Order-14144

--- language: - en license: other pretty_name: Executive Order 14144 Cybersecurity Question Answering Dataset size_categories: - n<1K task_categories: - question-answering tags: - cybersecurity - executive-order - executive-order-14144 - federal-cybersecurity - cyber-policy - software-supply-chain - secure-software-development - cisa - nist - omb - fedramp - federal-acquisition - post-quantum-cryptography - digital-identity - artificial-intelligence - cyber-defense - zero-trust - cyber-trust-mark - national-security-systems - question-answering - instruction-tuning - synthetic --- <img src="assets/Executive Order 14144.png" alt="Preview" width="1000"/> # Executive Order 14144 Cybersecurity Question Answering Dataset  ## Dataset Summary The **Executive Order 14144 Cybersecurity Question Answering Dataset** is a synthetic instruction-style question-answering dataset derived from **Executive Order 14144 of January 16, 2025, Strengthening and Promoting Innovation in the Nation’s Cybersecurity**. The dataset is designed to support training, fine-tuning, retrieval evaluation, and domain-specific question-answering use cases related to Federal cybersecurity policy, software supply chain security, secure Federal communications, digital identity, artificial intelligence for cyber defense, post-quantum cryptography, Federal acquisition requirements, cloud security, space system cybersecurity, and malicious cyber-enabled activities. The source document builds on prior Federal cybersecurity modernization efforts and directs additional actions to improve national cybersecurity by defending digital infrastructure, securing critical digital services and capabilities, strengthening Federal identity and communications systems, improving software and cloud provider accountability, and promoting emerging technologies for cybersecurity. ## Source Document - **Title:** Executive Order 14144 — Strengthening and Promoting Innovation in the Nation’s Cybersecurity - **Document Type:** Presidential Document / Executive Order - **Executive Order Number:** 14144 - **Date Issued:** January 16, 2025 - **Federal Register Publication Date:** January 17, 2025 - **Federal Register Citation:** 90 FR 6755 - **Federal Register Document Number:** 2025-01470 - **Primary Subject Area:** Federal cybersecurity policy and national cybersecurity modernization ## Dataset Structure Each record follows a conversational question-answer schema: | Field | Type | Description | |---|---|---| | `ID` | integer | Unique numeric record identifier. | | `Users` | string | Speaker label for the user prompt. | | `Questions` | string | User question derived from Executive Order 14144. | | `Assistants` | string | Speaker label for the assistant response. | | `Answers` | string | Assistant answer grounded in the source document. | ## Example Record | ID | Users | Questions | Assistants | Answers | |---:|---|---|---|---| | 1 | User | What is Executive Order 14144 about? | Assistant | Executive Order 14144 strengthens and promotes innovation in the Nation’s cybersecurity by directing actions on software supply chain security, Federal systems, secure communications, digital identity, artificial intelligence, policy modernization, and malicious cyber-enabled activities. | ## Dataset Creation ### Source Selection The dataset was created from Executive Order 14144, including coverage of: - National cybersecurity policy - Third-party software supply chain transparency - Secure software development attestations - CISA’s Repository for Software Attestation and Artifacts - Machine-readable attestations and artifacts - Federal Acquisition Regulation update actions - NIST Secure Software Development Framework updates - NIST Special Publication 800-53 patch and update guidance - NIST Special Publication 800-161 cybersecurity supply chain risk management - Open source software security and patching - Federal system cybersecurity modernization - Phishing-resistant authentication and WebAuthn - Endpoint detection and response data access - CISA Federal Civilian Executive Branch threat hunting - FedRAMP cloud security baselines - Civil space system cybersecurity - Federal communications security - Border Gateway Protocol security - Route Origin Authorizations - Encrypted Domain Name System support - Email transport encryption - Voice, video, and instant messaging encryption - Post-quantum cryptography transition planning - Cloud cryptographic key and access token management - Digital identity documents - Yes/No attribute validation services - Public benefits fraud prevention - Artificial intelligence for cyber defense - AI-enabled critical infrastructure cyber defense - Large-scale labeled cyber defense datasets - Security of AI-generated code - AI software vulnerability management - Rules-as-code for cybersecurity policy - Minimum cybersecurity practices - United States Cyber Trust Mark requirements - National Security Systems and debilitating impact systems - Space National Security Systems cybersecurity - Significant malicious cyber-enabled activities - Cyber sanctions authority updates - Definitions used in the order ### Generation Method Questions and answers were generated synthetically from the source document. The dataset was structured in a simple conversational format suitable for instruction tuning, retrieval-augmented generation evaluation, cybersecurity education, policy analysis, and Federal cybersecurity training. The generated records summarize and reformulate the source material rather than copying extended passages verbatim. ### Dataset Size The current dataset contains **100 records**. ## Intended Uses This dataset is intended for: - Fine-tuning small language models on Federal cybersecurity policy concepts - Building retrieval-augmented generation evaluation datasets - Testing question-answering systems for Federal cybersecurity and cyber policy domains - Training assistants to answer foundational questions about Executive Order 14144 - Creating educational tools for cybersecurity governance and policy training - Supporting internal organizational learning about Federal cyber modernization - Supporting policy analysis involving cybersecurity, acquisition, identity, cloud security, artificial intelligence, and cryptographic modernization - Building synthetic benchmark records for cyber policy retrieval tasks ## Out-of-Scope Uses This dataset should not be used as: - A substitute for the official Executive Order - Legal, regulatory, compliance, procurement, cybersecurity, sanctions, or audit advice - A complete implementation guide for Federal cybersecurity requirements - A certification basis for cybersecurity programs, systems, services, or vendors - A source for determining whether an agency, contractor, cloud provider, software provider, or information system is compliant - A replacement for expert review by legal, acquisition, cybersecurity, privacy, cloud security, identity, sanctions, or enterprise risk professionals - A complete authority for interpreting obligations under Federal law, OMB guidance, CISA directives, NIST publications, FedRAMP requirements, or the Federal Acquisition Regulation ## Limitations This dataset is synthetic and educational. Although it is based on Executive Order 14144, the answers are summarized and reformulated. Known limitations include: - The dataset does not reproduce the full Executive Order. - The dataset may simplify nuanced legal, acquisition, cybersecurity, privacy, sanctions, or implementation requirements. - The dataset does not include formal citations at the record level. - The dataset does not provide legal, regulatory, procurement, sanctions, audit, or compliance determinations. - The dataset should be reviewed before use in high-stakes government, acquisition, cybersecurity, or legal settings. - The dataset may not reflect later amendments, implementation guidance, Federal Acquisition Regulation updates, OMB memoranda, CISA directives, NIST publications, FedRAMP updates, or agency-specific policy. - The dataset does not determine whether specific organizations, products, systems, or vendors satisfy Executive Order requirements. ## Bias, Risk, and Responsible Use The source document addresses national cybersecurity threats, Federal system security, software supply chain accountability, artificial intelligence for cyber defense, digital identity, fraud prevention, cryptographic modernization, and malicious cyber-enabled activity. This dataset reformulates those concepts for educational and model-training purposes. Users should evaluate the dataset for: - Accuracy against the official Executive Order - Completeness for the intended use case - Suitability for the target model or retrieval system - Potential overgeneralization - Missing implementation context - Later amendments or superseding guidance - Applicability to specific Federal agencies, contractors, systems, products, or vendors - Alignment with organizational legal, acquisition, cybersecurity, sanctions, privacy, and enterprise risk review processes For operational, legal, procurement, sanctions, or cybersecurity use, users should consult the official Executive Order, subsequent Federal implementation guidance, and qualified subject-matter experts. ## Security Considerations This dataset discusses cybersecurity modernization, threat hunting, identity security, cryptographic transition planning, supply chain risk management, software attestations, artificial intelligence for cyber defense, cloud security, and malicious cyber-enabled activity. It should be used for defensive education, policy analysis, governance training, retrieval evaluation, and responsible cybersecurity knowledge development. Model outputs trained or evaluated with this dataset should not be used as direct operational security, procurement, sanctions, or legal guidance without expert review. ## Licensing This dataset is derived from a United States Federal Government publication. The metadata field is set to `license: other` as a conservative placeholder. Before publishing or redistributing the dataset, verify the appropriate license or public-domain metadata expected by the target hosting platform. ## Attribution This dataset is derived from: Executive Order 14144 of January 16, 2025. Strengthening and Promoting Innovation in the Nation’s Cybersecurity. Federal Register, Vol. 90, No. 11, January 17, 2025, Presidential Documents, pages 6755-6771. ## Citation If you use this dataset, cite the source document: Executive Order 14144 of January 16, 2025. Strengthening and Promoting Innovation in the Nation’s Cybersecurity. Federal Register, Vol. 90, No. 11, January 17, 2025, Presidential Documents, 90 FR 6755. ## Recommended Citation for This Dataset Executive Order 14144 Cybersecurity Question Answering Dataset. Synthetic question-answering dataset derived from Executive Order 14144, Strengthening and Promoting Innovation in the Nation’s Cybersecurity. ## Maintenance This dataset should be reviewed and updated when: - Executive Order 14144 is amended, superseded, or revoked - OMB issues implementation guidance under Executive Order 14144 - CISA issues related directives, guidance, technical controls, or reporting requirements - NIST updates referenced cybersecurity publications or implementation guidance - The FAR Council issues relevant proposed, interim, or final acquisition rules - FedRAMP updates requirements related to cloud baselines or cryptographic key management - Federal guidance on post-quantum cryptography changes - Federal policy on digital identity documents or attribute validation changes - Federal policy on AI vulnerability management or AI cyber defense changes - Federal sanctions policy for malicious cyber-enabled activity changes - The dataset is expanded with additional records or record-level citations ## Version - **Dataset Version:** 1.0 - **Source Document:** Executive Order 14144 - **Initial Record Count:** 100