It’s about Time:  Biden asks CEOs for help on cybersecurity – “the federal government can’t meet this challenge alone”

Alphabet CEO Sundar Pichai at Wednesday’s Meeting with President Biden

Dear Commons Community,

President Joe Biden had a meeting with the CEOs of some of the world’s biggest tech, energy, and financial services companies on Wednesday to ask their help in dealing with the  nation’s cybersecurity issues.

CEO’s from the biggest technology companies, like newly minted Amazon CEO Andy Jassy, Apple CEO Tim Cook, Alphabet (Google) CEO Sundar Pichai, and Microsoft CEO Satya Nadella were all on the guest list.

Additionally, players from the financial sector like Bank of America CEO Brian Moynihan and JPMorgan Chase CEO Jamie Dimon joined the event, as well as CEOs and leaders in energy — such as energy firm Southern Company CEO Thomas Fanning — insurance, and education.

Speaking to those CEOs, Biden noted some of the administration’s efforts to combat cyberattacks, including bringing together 30 nations to work together to combat ransomware.  As reported by the Reuters and the Associated Press.

“But the reality is, most of our critical infrastructure owned and operated — is owned and operated by the private sector, and the federal government can’t meet this challenge alone,” Biden said. “So I’ve invited you all here today because you have the power, the capacity, and the responsibility, I believe, to raise the bar on cybersecurity.”

Cybersecurity has become a growing concern within the government following the massive hack of government systems, including the Department of Defense, by Russian hackers in December 2020. A ransomware attack on Colonial Pipeline in April, and the revelation in July that China-based hackers attacked 23 U.S. pipeline companies from 2011 through 2013, only added to calls for improved cybersecurity at the national level.

Following the meeting the White House announced that the National Institute of Standards and Technology (NIST) will work with industry partners to create a new framework to improve the security and integrity of the technology supply chain. The Biden administration also announced the expansion of the Industrial Control Systems Cybersecurity Initiative to natural gas pipelines.

The meeting also saw major announcements from the biggest tech firms on hand. Microsoft, for instance, announced it will spend $20 billion over the next 5 years to boost the company’s cybersecurity capabilities. It also will provide $150 million in services to federal, state, and local governments to improve their cyber defenses.

Amazon, meanwhile, announced that it will make the cybersecurity training materials it has developed to keep its employees and sensitive information safe from cyberattacks available to the public. The company will provide qualified AWS customers with a free multi-factor authentication device to help protect them from cyberattacks.

Google said it will invest $10 billion over the next five years to expand its zero-trust programs to help secure the software supply chain and enhance open-source security.

Apple, for its part, said it will create a new program to build out security improvements for the technology supply chain by working with its suppliers to ensure they use multi-factor authentication, have security training, and understand vulnerability remediation, event logging, and incident response.

U.S. Bancorp CEO Andy Cecere, who was also in attendance, thanked Biden for holding the meeting.

“We’re committed to working with the White House, Congress and private sector partners to put the results of today’s productive discussions into action,” he said in the statement.

The gathering also comes as the Biden administration reportedly pursues investigations of Apple, Google, and Amazon for potential antitrust violations and after repeated criticisms of Big Tech’s role in the spread of disinformation from the president and his team.

In May, the Colonial Pipeline hack cut off nearly 50% of the fuel capacity for the East Coast, causing shortages in some states as drivers bought up as much gasoline as possible. Following that incident, the president emphasized the need for “greater private-sector investment in cybersecurity.”

Biden was all set to ask the assembled CEOs for that type of investment on Wednesday. But the meeting came as he and his administration have developed a complicated relationship on many fronts with the tech giants.

On the one hand, the president and his aides have often taken their companies to task for how they operate in their respective industries. In July, Biden said “they’re killing people” when he was asked about his message for platforms like Facebook when it comes to vaccine misinformation. The president later walked back the remarks somewhat but has maintained an aggressive posture towards the industry.

Biden has also staffed his administration with a mix of prominent critics of Big Tech — like the selection of prominent Amazon critic Lina Khan to head the Federal Trade Commission — that seemed to signal his team would take a tough stance towards tech giants like Facebook, Google, Amazon, and Apple.

On the other hand, Biden has also populated his administration with some veterans of the technology industry as the Wall Street Journal reported in May. And just Monday, The New York Times reported that Apple and Google were urging trade officials in Washington to fight a South Korean bill that could hurt their app store businesses.

Despite its mixed past with Big Tech, the Biden administration might need tech giants to help shore up the nation against cyberattacks.

High-profile attacks like those on Colonial Pipeline garner international headlines. But apart from those high-profile cases, states and local municipalities have also been inundated by cyberattacks that impact everything from their records to 9-1-1 systems.

What’s more, the attacks can cost hundreds of thousands of dollars in lost time, labor, and new equipment to remediate, money that many localities don’t have. Such hacks often stem from outdated software, user error, or poorly configured security systems.

In May, Biden acknowledged that he can’t force private companies to take measures to prevent attacks. But, he added, “It’s becoming clear to everyone that we have to do more than is being done now.”

The Biden administration has proposed nearly $1 billion in grants within the $1 trillion infrastructure bill for cybersecurity improvements for state, local, and tribal governments.

The federal government has also moved forward with new cybersecurity rules for pipeline operators, requiring them to report any cyberattacks on their systems to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, and implementmeans to protect against future cyberattacks.

It is about time that the federal government recognized the resources of private companies especially big tech in addressing cybersecurity issues.  They control the infrastructure and more importantly they have the technological expertise to do so.

Tony

Comments are closed.