President Joe Biden met with executives from some of the country’s leading technology companies and financial institutions at the White House on Wednesday, as part of his ongoing effort to tighten U.S. cyber defenses and help protect the private sector against a string of increasingly sophisticated online attacks.
The meeting came amid a relentless stretch of ransomware attacks and supply-chain attacks that have targeted major companies and other areas of U.S. critical infrastructure. In some cases, the attackers extorted multimillion-dollar payouts from major corporations, as well as other illicit cyber operations that U.S. authorities have linked to foreign hackers.
In brief remarks ahead of the Wednesday meeting, Biden characterized cybersecurity as a “core national challenge” for the U.S.
“The reality is most of our critical infrastructure is owned and operated by the private sector, and the federal government can’t meet this challenge alone,” Biden told attendees. "I’ve invited you all here today because you have the power, the capacity and the responsibility, I believe, to raise the bar on cybersecurity.”
Though ransomware was one focus of Wednesday’s gathering, the purpose of the meeting was broader and centered on identifying the “root causes of malicious cyber activities” and ways in which the private sector can help bolster cybersecurity, per an administration official.
The guest list for Wednesday’s meeting included Apple chief executive Tim Cook, Amazon chief executive Andy Jassy and Sundar Pichai, the CEO of Alphabet Inc., Google’s parent company. Also on the list were the leaders of IBM, Microsoft and Automatic Data Processing. Besides Biden, multiple Cabinet secretaries and national security officials attended.
Following the meeting, a number of major tech companies announced initiatives aimed at bolstering cybersecurity.
Microsft CEO Satya Nadella announced that the company will invest $150 million "to help US government agencies upgrade protections," and $20 billion over the next 5 years to advance the company's security solutions.
Google committed $10 billion to "strengthen cybersecurity, including expanding zero-trust programs, helping secure the software supply chain, and enhancing open-source security."
"We are also pledging, through the Google Career Certificate program, to train 100,000 Americans in fields like IT Support and Data Analytics, learning in-demand skills including data privacy and security," the company wrote in a blog post.
IBM CEO Arvind Krishna wrote in a blog post on LinkedIn that the company will offer cybersecurity training for more than 150,000 people, calling cybersecurity "the issue of this decade."
Amazon announced two new cybersecurity initiatives, including offering Amazon Web Services customers access to free multi-factor authentication (MFA) tokens.
“A fundamental problem when addressing current cybersecurity threats is education, which is why we’re excited to share our Amazon Security Awareness training for free to help organizations and individuals understand how to navigate and fight against security events,” Steve Schmidt, Chief Information Security Officer of AWS, wrote in a statement. “And by giving qualified AWS customers access to free MFA tokens, we’ve made it even easier for companies to use this powerful tool to protect their data and important technology assets.”
Financial industry executives also attended, including the chief executives of Bank of America and JPMorgan Chase, as well as representatives from the energy, education and insurance sectors.
The broad cross-section of participants underscores how cyber attacks have cut across virtually all sectors of commerce.
In May, for instance, hackers tied to a Russian-based cyber gang launched a ransomware attack on Colonial Pipeline, a major U.S. fuel supplier, temporarily halting operations. Weeks later, JBS, a major U.S. meat supplier, was also hit by a ransomware attack. In both instances, the companies were forced to pay the hackers millions of dollars to resume operations.
Roughly 85% percent of cyberattacks are waged in the private sector, according to a Cyberspace Solarium Commission report released earlier this year– underscoring the need for U.S. companies to shore up their cyber defenses alongside the federal government.
In May, Biden issued an executive order to help modernize cyber defenses and improve cybersecurity across the federal government.
“We've seen time and again how the technologies we rely on – from our cell phones, to pipelines, to the electric grid – can become targets of hackers and criminals,” Biden said Wednesday. “At the same time, our cybersecurity workforce is not growing fast enough to keep pace.”
He added that the U.S. is lacking roughly “half a million jobs” in the cybersecurity sector, according to a White House estimate.
Biden on Wednesday also pointed to his summit with Russian President Vladimir Putin earlier this year, in which he said he made clear his expectation that Russia take steps to rein in ransomware gangs because “they know where they are and who they are.”