A number of technology heavyweights and other sectors have pledged to help strengthen the nation’s cybersecurity with funding and programs to grow the cyber workforce and invest billions of dollars to underwrite the effort.
President Biden recently met with officials from more than two dozen private sector organizations, ranging from technology, finance and energy to insurance and education. “The reality is, most of our critical infrastructure is owned and operated by the private sector, and the federal government can’t meet this challenge alone,” Biden said. “I have invited you all here today because you have the power, the capacity, and the responsibility I believe to raise the bar on cybersecurity, and so ultimately we’ve got a lot of work to do.”
Here’s what resulted in commitments by the federal government, technology companies, cybersecurity insurers and education:
From the Feds.
- The National Institute of Standards and Technology (NIST) will develop a new framework to guide public and private entities on how to build secure technology and assess threats. Microsoft, Google, IBM and insurers Travelers and Coalition have signed on to the initiative.
- An expansion of the Industrial Control Systems Cybersecurity Initiative, which reportedly has improved the power grid security of some 150 utilities, to natural gas pipelines.
From technology companies.
- Apple will work with some 9,000 of its suppliers in the U.S. to boost adoption of multi-factor authentication, security training, vulnerability remediation, event logging and incident response.
- Google will invest $10 billion over the next five years to expand zero-trust programs, secure the software supply chain and enhance open source security. Google also will assist 100,000 Americans to earn industry-recognized digital skills certificates to qualify for security-centric jobs.
- IBM will train roughly 150,000 people in cybersecurity skills over the next three years and partner with more than 20 Historically Black Colleges & Universities to establish cybersecurity leadership centers to grow a more diverse cyber workforce.
- Microsoft will invest $20 billion over the next five years to help integrate cybersecurity into products and will grant another $150 million in technical services and cybersecurity training to help federal, state, and local governments upgrade security protection.
- Amazon will make available to the public for free the same level of security awareness training it offers its employees and also make available to all Amazon Web Services (AWS) account holders a free multi-factor authentication device.
From cybersecurity insurers.
- Resilience will require policy holders to meet a threshold of cybersecurity best practice as a condition of receiving coverage.
- Coalition, will make its cybersecurity risk assessment and continuous monitoring platform available for free to any organization.
From education.
- Code.org will teach cybersecurity concepts in the next three years to three million students in 35,000 classrooms to promote online safety and interest in cybersecurity as a potential career.
- Girls Who Code will establish a micro credentialing program to make scholarships and early career opportunities more accessible to underrepresented groups.
- The University of Texas System will expand existing and develop new short-term credentials in cyber-related fields to upskill and reskill over one million workers.
- Whatcom Community College, newly designated an NSF Advanced Technological Education National Cybersecurity Center, will provide cybersecurity education and training to faculty.
The collective commitments of money and programs drew praise from Arvind Krishna, IBM chairman and chief executive, who said the collaboration of public and private entities is key to strengthening the nation’s cyber profile. "With cybersecurity quickly becoming a new battleground for state competition, businesses and government share a collective responsibility to collaborate on preventing cyber attacks that could have a devastating impact or prompt national or global crises," he wrote in a LinkedIn post. "We must join forces now to shore up the security of the critical infrastructure that keeps our society functioning."
