The Office of Management and Budget is giving them 12 months to implement the critical software protections outlined by the National Institute of Standards and Technology in July.
