Cybersecurity continues to take center stage on Capitol Hill as several high-profile private companies announced initiatives to help strengthen the nation’s cybersecurity, including a $30 billion investment from Google and Microsoft.
Business leaders, including Apple CEO Tim Cook, IBM CEO Arvind Krishna and Google CEO Sundar Pichai, met with the Biden Administration in an effort to discuss how the private sector and government can work together in an effort to advance the nation’s cybersecurity. Representatives from Amazon, Microsoft, ADP, JP Morgan, Bank of America, TIIA Bank and U.S. Bancorp were also in attendance. The summit reportedly focused on maturing existing cybersecurity efforts, protecting critical infrastructure and the cybersecurity workforce itself.
"Most of our critical infrastructure is owned and operated by the private sector, and the federal government can't meet this challenge alone," President Biden told participants at the summit. "I've invited you all here today because you have the power, the capacity and the responsibility, I believe, to raise the bar on cybersecurity."
Following the event, the White House released a press release sharing some of the outcomes and commitments from the private sector, including:
Apple announced it will establish a new program to drive continuous security improvements throughout the technology supply chain. As part of that program, Apple will work with its suppliers—including more than 9,000 in the United States—to drive the mass adoption of multi-factor authentication, security training, vulnerability remediation, event logging and incident response.
Google announced it will invest $10 billion over the next five years to expand zero-trust programs, help secure the software supply chain and enhance open-source security. Google also announced it will help 100,000 Americans earn industry-recognized digital skills certificates that provide the knowledge that can lead to secure high-paying, high-growth jobs.
Microsoft announced it will invest $20 billion over the next five years to accelerate efforts to integrate cybersecurity by design and deliver advanced security solutions. Microsoft also announced it will immediately make available $150 million in technical services to help federal, state and local governments with upgrading security protection, and will expand partnerships with community colleges and non-profits for cybersecurity training.
IBM announced it will train 150,000 people in cybersecurity skills over the next three years, and will partner with more than 20 historically black colleges and universities to establish cybersecurity leadership centers to grow a more diverse cyber workforce.
Amazon announced it will make available to the public at no charge the security awareness training it offers its employees. Amazon also announced it will make available to all Amazon Web Services account holders at no additional cost a multi-factor authentication device to protect against cybersecurity threats like phishing and password theft.
Girls Who Code announced it will establish a micro credentialing program for historically excluded groups in technology. The program will make scholarships and early career opportunities more accessible to underrepresented groups.
The Biden Administration also committed to several new initiatives, including:
The National Institute of Standards and Technology (NIST) will collaborate with industry and other partners to develop a new framework to improve the security and integrity of the technology supply chain. The approach will serve as a guideline to public and private entities on how to build secure technology and assess the security of technology, including open source software. Microsoft, Google, IBM, Travelers and Coalition committed to participating in this NIST-led initiative.
The formal expansion of the Industrial Control Systems Cybersecurity Initiative to a second major sector: natural gas pipelines. The Initiative has already improved the cybersecurity of more than 150 electric utilities that serve 90 million Americans.
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact the team at [email protected].
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.