Recently, in the United States, cyberattacks, including the oil pipeline company Colonial Pipeline, are following one after another. Accordingly, President Biden held talks with high-tech companies such as Apple, Google and Microsoft, as well as high-tech companies such as Amazon and JP Morgan Chase, as well as the heads of infrastructure companies such as banks, electricity, insurance, electricity and water, and dealt with the root causes of all kinds of malicious cyber activity. In order to do this, we emphasized the strengthening of cyber security measures.
The conversation agenda includes the shortage of manpower related to ransomware and cybersecurity, and the construction of software or devices with strong security functions.
In addition, representatives of non-profit organizations specializing in computer science education, including Code.org, and representatives of some universities will also be invited to discuss efforts to nurture talents related to cyber security.
The White House is being called upon to respond to large-scale ransomware attacks that hit educational institutions, meat processors, municipalities, and small businesses in addition to issues that began shortly after Biden’s inauguration.
Following the meeting, the Biden administration announced that the National Institute of Standards and Technology (NIST) would work with industry partners to build a new framework to increase the security and integrity of the technology supply chain. Accordingly, guidelines will be created when public institutions and private companies create technology products including open source software or evaluate technology safety. In addition to Microsoft, Google, and IBM, insurance companies (Travelers, Coalition) are expressing their participation.
At this meeting, Google announced that it would invest $10 billion in security measures over the next five years, and Microsoft would invest $20 billion in security measures. Google has invested $10 billion over five years to expand its Zero Trust program, secure its software supply chain, and strengthen open source software security. announced that they would do so.
As for the reason Google has invested 10 billion dollars to promote cyber security, first, many companies do not adopt the latest security technology and utilize the existing software and infrastructure, which increases the cost but causes security threats. pointed out that there is The attackers also target software supply chain weaknesses, and besides vendors not having the tools and expertise to thwart the attacks, the problem is that there is no national workforce to address them.
IBM also promised to diversify its cybersecurity workforce by providing cybersecurity training to 15,000 people over the next three years and establishing cybersecurity leadership centers in partnership with 20 black universities.
Microsoft announced a $20 billion investment over the next five years to provide advanced security solutions by integrating cybersecurity. In the field of tech services, federal, state and local governments can direct $150 million to upgrade security, and they have pledged to work with universities and non-profit organizations for cybersecurity education.
Apple announced the establishment of a new program to drive continuous security improvements throughout its technology supply chain. As part of the program, we are promoting the expansion of multi-factor authentication, security training, and employment expansion in response to vulnerability recovery event log issues.
Amazon has announced that it is making visible awareness training available to the public free of charge. Amazon also announced that it is offering multi-factor authentication devices at no additional cost to all AWS account holders to protect them from risks such as phishing and password leaks. Related information can be found here.