White House rallies private industry in cyber battle

A meeting between President Biden and more than two dozen key leaders from a variety of industries this week has increased momentum for plans to quickly address rising cyber threats.

Leaders from the fields of tech, energy, insurance and education attended the event Wednesday, including the CEOs of Alphabet, Apple, Amazon, IBM, Microsoft, JPMorgan and Bank of America.

For the Biden administration, the summit also served to highlight the federal government’s efforts to tackle cybersecurity challenges following months of massive attacks on public and private groups that have pinched key industries while laying bare the scourge of cybercrime.

“Look, there is nothing like a summit convened by the president to focus everyone’s minds, and I think that is the benefit of doing something like this,” Chris Padilla, the vice president of government and regulatory affairs at IBM who attended the meeting, told The Hill.

“It elevates importance, it commits very senior-level people to follow up and do something, and good for them for doing it,” he said.

Major topics of discussion during the nearly three-hour summit included strengthening the cybersecurity workforce, preventing ransomware attacks and ensuring that technology companies have security features baked into their products.

The meeting came on the heels of months of escalating cyberattacks that have become a nightmare for federal officials and an increasing national security threat for the Biden administration to confront.

These have included the Russian government-backed SolarWinds hack, for which Biden levied sanctions on Russia in April, along with ransomware attacks on Colonial Pipeline, meat producer JBS USA and software company Kaseya. 

Biden made clear at the top of the meeting that he regarded threats in cyberspace as a “core national security challenge.”

“The federal government can’t meet this challenge alone,” Biden said. “I have invited you all here today because you have the power, the capacity and the responsibility, I believe, to raise the bar on cybersecurity, and so ultimately we’ve got a lot of work to do.”

The president’s interest in the issue, which included a session at the top of the afternoon during which he posed a series of questions to the CEOs in attendance, left many participants feeling a strong need to take further coordinated steps. 

“I think he very much views a very significant cyber conflict or cyber issue being more likely than even weapons of mass destruction or a proliferation challenge,” Joshua Motta, CEO of insurance company Coalition, told The Hill after leaving the meeting. “It’s among the most pervasive risks that the administration is facing and, case in point, convening 30 CEOs, academic leaders, etc. to really focus on this problem.”

The companies did not wait to take action, with many bringing a list of commitments. These included Microsoft investing $20 billion in cybersecurity over the next five years and Google investing a further $10 billion on the issue. 

Strengthening the cybersecurity workforce was also an area that received attention. IBM pledged to train 150,000 individuals in cybersecurity skills over the next three years, Google set a goal to enhance the skills of 10 million Americans from basic to advanced by 2023, and Code.org announced that it will work to teach cybersecurity concepts to 3 million students over the next three years.

Many left the meeting expecting to see further engagement to address the nation’s cyber challenges.

“A lot of the CEOs said they didn’t want this to be a one-time deal, they wanted to have follow-up conversations, so that was positive,” Padilla said while citing conversations IBM Chairman and CEO Arvind Krishna had with other leaders.

Both Padilla and Motta participated in a breakout session that followed the initial meeting with Biden, which was led by Commerce Secretary Gina Raimondo and Small Business Administration Administrator Isabel Guzman. 

During the session, participants — who also included the CEOs of Apple, Microsoft, Google and Amazon — discussed issues such as how to ensure the security of the supply chain of tech products, how to address ransomware attacks and how to encourage the public to take basic security measures.

“These are companies that are very strong competitors, but on this topic, it was really interesting to see how they were collaborating and agreeing on so many things,” Padilla said. 

The cybersecurity insurance sector went through a difficult year in 2020, losing money as more and more companies experienced cyberattacks and filed claims. 

Following these incidents, Motta noted that insurance groups are pushing customers to be more mindful of cybersecurity and have taken steps such as denying insurance to companies not deploying basic cybersecurity protections. 

“To be honest, that the insurance industry was even represented at this meeting I think speaks volumes to the administration’s understanding of how it can play a positive role because, in a different era, there would not have even been a seat at the table,” Motta said.

Not every industry was represented at the meeting, with Padilla citing concerns from CEOs that the telecommunications sector was absent and Motta noting the need to include cryptocurrency groups, particularly as hackers increasingly use cryptocurrency forums for transactions. 

Despite the shortcomings, many leaders left feeling optimistic about the future of cybersecurity coordination between the federal government and the private sector. 

Southern Company Chairman and CEO Tom Fanning wrote in a LinkedIn post that the meeting was an “essential recognition of the need to improve our nation’s defenses against existential cyber threats.” 

IBM’s CEO wrote a separate post to “commend” the Biden administration for taking steps “marshalling the country’s private and public sector resources to strengthen our national defense.”

Motta emphasized that despite the beneficial conversations, there is still a great deal more to do.

“I don’t think anyone left feeling that there was a silver bullet as a solution, but I do think there was a commitment … that we should get together and hold ourselves accountable,” Motta said.