Tech giants pledge billions for cyber security after Presidential meeting

Tech giants pledge billions for cyber security after Presidential meeting

Image:
Tech giants pledge billions for cyber security after Presidential meeting

Biden wants the industry to "raise the bar on cybersecurity"

President Joe Biden met with the heads of tech firms including Apple, Google and Microsoft at the White House on Wednesday, to discuss how the public and private sectors can work together to improve the USA's critical infrastructure and supply chain cyber security.

The President appealed to business leaders to "raise the bar on cybersecurity," and take further steps to tackle the growing threat of cyber attacks to the US economy.

"Most of our critical infrastructure is owned and operated by the private sector, and the federal government can't meet this challenge alone," he said.

"I've invited you all here today because you have the power, the capacity and the responsibility, I believe, to raise the bar on cybersecurity."

The US government is launching new initiatives to strengthen the security of supply chain and critical infrastructure.

In one case, the National Institute of Standards and Technology (NIST) will work together with the tech industry and other partners to develop guidelines for building secure technology, and to assess the security of existing technology, including open source software.

The government is also planning to formally expand its Industrial Control Systems Cyber Security Initiative to include natural gas pipelines.

Tech leaders addressed a wide range of pressing cyber security issues in the meeting with the President.

Microsoft CEO Satya Nadella discussed steps the tech industry could take to counter security threats, while JPMorgan Chase chief executive Jamie Dimon spoke about issues affecting financial services.

Microsoft said it would invest $20 billion over the next 5 years to speed up efforts to integrate security by design in software products and to deliver advanced security solutions.

The company will also immediately make $150 million available in technical services, to help federal and state governments upgrade their security protection.

Google said it would invest more than $10 billion over five years to bolster cyber security. The company also committed to train 100,000 Americans in fields such as data analytics and IT support. It will also provide training to over 10 million Americans in digital skills, ranging from basic to advanced, in the next two years.

IBM promised to train 150,000 people in cyber security skills, and to work with historically Black universities and colleges to establish educational centres focused on cyber security.

Amazon said it would make the cyber security awareness training it has developed for its own employees available to the public at no charge. The company will also offer a free multi-factor authentication device to all AWS account holders, to protect against cyber threats like phishing and password theft.

These latest efforts from the government and the tech industry follow a series of ransomware attacks on American entities in recent months.

In May, US fuel distributor Colonial Pipeline suffered a massive ransomware attack that crippled fuel delivery in southeastern US states.

Florida-based IT firm Kaseya and Brazil-based meat-packer JBS have also been hit with similar attacks in the past three months.

Taking note of these high-profile attacks, President Biden signed a national security memorandum in July, aimed at strengthening cybersecurity for the country's critical infrastructure like power and water suppliers, public health organisations and transport systems.

President Biden also discussed the issue of cyber security with Russian President Vladimir Putin, during a summit in Geneva in June.

Biden told his Russian counterpart that critical infrastructure should be off-limits to cyber attacks, and that Russia must act against ransomware groups operating within its territory.

Biden warned Putin that the US has "significant cyber capability," which could be used in offensive cyber operations in the future unless Russia clamps down on hackers targeting US entities.

The warning seems to have had an effect, as shortly afterwards the well-known REvil group vanished from the internet, suspected to be down to Russian and/or American law enforcement operations.