Apple, Amazon, Google, IBM and Microsoft top executives were among the business leaders who met with the Biden administration at the White House on Wednesday to pledge billions on cybersecurity, and discuss how the government and private sector can work together to improve the nation's cybersecurity. The meeting was announced in July.
Technology leaders in attendance included Amazon CEO Andy Jassy, Apple CEO Tim Cook, Microsoft CEO Satya Nadella, and ADP CEO Carlos Rodriguez.
Nadella tweeted: "Thank you @POTUS for convening a critical conversation on cybersecurity. Microsoft will invest $20 billion to advance our security solutions over the next 5 years, $150 million to help US government agencies upgrade protections, and expand our cybersecurity training partnerships."
Investment banker Jaspreet Singh Padda tweeted: “There is no permanent solution to cybersecurity & we all know it. Time and money should be invested on stopping the adversaries.”
I view the illusion of safety and security. The Biden White House, in
release, detailed how the National Institute of Standards and Technology (NIST) will collaborate with industry and other partners to develop a new framework to improve the security and integrity
of the technology supply chain.
The guidelines, per the White House, will serve public and private companies by providing guidance on how to build secure technology and assess the security of technology, including open-source software.
NIST, founded in 1901, is a non-regulatory federal agency in the U.S. Department of Commerce aimed at promoting U.S. innovation and industrial competitiveness.
Ransomware and cyberattacks have occurred for years. The latest campaign comes in a long series of cyber strategies offered by presidents and lawmakers from both parties spanning decades to curb hackers. Security experts have offered concrete recommendations for governments, companies and other organizations to follow, but they have often been ignored.
Recent victims in government include the Department of Homeland Security, the Illinois Attorney General’s Office, even the Washington, D.C., police department. In the private sector, hackers infiltrated big tech companies like Microsoft Corp., the cyber-security firm FireEye Inc., San Diego-based Scripps Health and even the Houston Rockets of the National Basketball Association, according to one report.
The General Accountability Office ran a series titled Federal Government Needs to Urgently Pursue Critical Actions to Address Major Cybersecurity Challenges in March 2021.
The latest meeting follows several high-profile ransomware attacks and cyberattacks that occurred this year and last year in the U.S. Several federal agencies fell victim to the SolarWinds hack that was uncovered late last year. This year, ransomware attacks shut down a gas pipeline and a major meat producer, fueling concerns that other critical infrastructure is at risk.
According to statistics on cyberattacks in 2020, six in every 10 attacks intended to extort money from companies and individuals. The most notable breach was Garmin, which cost the company a whopping $10 million. CTW Global also lost $4.5 million.
This week’s White House meeting -- part of a broader Biden administration effort to prioritize cyberattacks as a national security and economic threat -- was not the first.
Cybersecurity efforts have been ongoing for years. President Trump issued Executive Order 13800, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure on May 11, 2017, that has since been removed, to improve the nation’s cyber capabilities cybersecurity threats mounted.
EO 13800 focuses Federal efforts on modernizing federal information technology infrastructure, working with state and local governments and private-sector partners to more fully secure critical infrastructure, and collaborating with foreign allies.
Google CEO Sundar Pichai at the meeting said the search giant will invest more than $10 billion during the next five years in cybersecurity, which includes education for up to 100,000 U.S. residents looking to earn digital skill certificates that can provide higher-paying jobs. This is all part of helping to secure the supply chain and strengthen open-source security.
It is wonderful that these companies are willing to step up to try and stop cyberattacks, but it seems a bit odd that The Wall Street Journalannounced this initiative on August 5, and The White House waited to announce it until August 25 in the midst of a crisis in Afghanistan.