In brief: President Biden this week met with private sector and educational leaders to discuss opportunities to bolster the nation’s cybersecurity following a string of nasty cyberattacks including the Colonial Pipeline ransomware attack and the SolarWinds hack. With any luck, renewed efforts will also help to fill the nearly 500,000 open public and private cybersecurity jobs.
As rumored, representatives for some of the nation’s top tech companies were in attendance, and it sounds as if it was a relatively productive meeting.
The National Institute of Standards and Technology (NIST) will work with industry partners including Google, Microsoft, IBM, Travelers and Coalition to create a new framework that improves the security and integrity of the technology supply chain. Hopefully, their work will serve as a guideline to public and private entities on how to assess and build secure technology.
Google plans to invest $10 billion over the next half decade to enhance open-source security, expand zero-trust programs and help secure the software supply chain. The search giant will additionally help 100,000 Americans earn technical certificates that can lead to high-quality, high-growth jobs.
Microsoft said it will invest $20 billion over the next five years to accelerate efforts to “integrate cyber security by design” and deliver advanced security solutions to customers. The Redmond-based tech giant will also immediately make available $150 million in technical services to help local, state and federal governments upgrade their security measures, in addition to expanding partnerships with non-profits and community colleges for cybersecurity training.
Amazon, meanwhile, vowed to make the security awareness training used by its employees available to the public for free. Furthermore, the e-commerce titan will supply Amazon Web Services account holders a multi-factor authentication device free of charge.
IBM plans to train 150,000 people in the field of cybersecurity over the next three years. Furthermore, the tech company will partner with more than 20 historically black colleges and universities to establish cybersecurity leadership centers in hopes of growing a more diverse workforce.
Apple said it will create a new program designed to seed continuous security improvements throughout the tech supply chain. The company’s plan includes pushing for mass adoption of multi-factor authentication and bolstering areas like vulnerability remediation, incident response, event logging and security training.
Resilience, Coalition, Code.org, Girls Who Code and the University of Texas System also made pledges to the industry, but for the sake of brevity, we’ll leave those details over in the White House press release for anyone that wants to learn more about them.
The Biden Administration also formally expanded the Industrial Control Systems Cybersecurity Initiative to include natural gas pipelines. According to the White House, this initiative has already succeeded in improving the cybersecurity of more than 150 electric utilities across the country that collectively serve some 90 million Americans.