[BreachExchange] White House Tech Meeting: Focus On Critical Infrastructure

[Sophia Kingsbury]

https://www.govinfosecurity.com/white-house-tech-meeting-focus-on-critical-infrastructure-a-17364

The Biden administration is hosting a White House meeting Wednesday with a
number of technology, banking, insurance and education executives to focus
on cybersecurity and national security issues, such as protecting critical
infrastructure from attacks and how to hire more security professionals to
meet growing demand.

The meeting, which will include Microsoft CEO Satya Nadella, Amazon CEO
Andy Jassy, Google CEO Sundar Pichai, Apple CEO Tim Cook and IBM CEO Dr.
Arvind Krishna, along with several others, will primarily address the need
for more public-private partnerships to strengthen cybersecurity within
America's critical infrastructure, such as water treatment facilities, the
national electrical grid and oil and gas infrastructure, a senior
administration official says.

"Both U.S. public and private sector entities are facing increasingly
sophisticated malicious cyber activity, which includes businesses small and
large, small towns and cities in every corner of the country," says a
senior administration who spoke on the condition of anonymity.

Besides enhancing cybersecurity around critical infrastructure, which has
been a focus of the Biden administration following a series of ransomware
attacks earlier this year on Colonial Pipeline and other U.S. businesses,
the White House meeting will focus on what the government and the private
sector can do to hire more security professionals.

The senior administration official cited a statistic from Cyber Seek, a
job-tracking database developed by the Department of Commerce, which
estimates there are 465,000 open cybersecurity positions nationwide,
including approximately 36,000 open cyber jobs at federal, state and local
government agencies.

"The federal government can't solve this complex growing international
challenge alone and we can't do it overnight … we're sincere when we say
cybersecurity is a matter of national security and the government and
public sectors must meet this moment together," the senior administration
official says.

Beyond Tech

While Wednesday's event was promoted as a meeting between the White House
and Silicon Valley tech executives to discuss cybersecurity, the senior
administration official says the gathering will also include input from the
banking, insurance, critical infrastructure and education sectors.

Other participants will include JPMorgan Chase CEO Jamie Dimon and Bank of
America CEO Brian Moynihan from the financial sector; Travelers CEO Alan
Schnitzer and Resilience CEO Vishaal Hariprasad from the insurance sector,
representatives from critical infrastructure companies, such as American
Water, ConocoPhillips, Duke Energy and PG&E; and leaders from institutions,
such as the University of Texas System, Tougaloo College and others from
the education sector.

The group will hear from President Joe Biden as well as several senior
officials and cabinet secretaries, including National Cyber Director John
"Chris" Inglis, Department of Homeland Security Secretary Alejandro
Mayorkas and Cybersecurity and Infrastructure Security Agency Director Jen
Easterly.

National Cyber Director John "Chris" Inglis and CISA Director Jen Easterly
will both be speaking to executives at the White House Wednesday.
When asked about the inclusion of financial services insurance and critical
infrastructure executives, the senior administration official notes that
their participation meshes with the administration's objectives. For
example, the cybersecurity executive order Biden signed in May will require
any company doing business with the federal government to invest in or
create software that meets security standards.

The government also is calling on businesses, such as those in the oil and
gas sector, to provide input about new regulations, such as those announced
in July by the Department of Homeland Security and the Transportation
Security Administration for firms that operate interstate pipelines.

"What we're working to do is really pick carefully the sectors and the
leaders who we say, 'We need you. The critical services of this country
need you.' And we need to transition to where technology is truly - by
default - created with security baked in by design," the senior
administration official says.

The official also notes that the White House is meeting with companies now,
when most cybersecurity standards and regulations are still voluntary, so
that they can have a say before Congress considers issuing mandates.

"We're going to work to make sure that these standards are adopted across
the board because we, as the government, owe that to the citizens we serve,
but we'd love for you to go ahead and get moving," the senior
administration official says. "You [the private sector] have a voice in the
way we run the process for establishing the performance controls and with
establishing the standards."

Ransomware

The senior administration official also notes that some of the meetings
between these executives and the Biden administration will focus on
specific cybersecurity issues, such as ransomware, which has been a
high-profile concern since the president took office in January and was a
key topic at Biden's June summit meeting with Russian President Vladimir
Putin.

"So ransomware will be part of the discussion, but we really wanted to take
a broader look at various kinds of malicious cyber activity, and what we
can practically do about it," the official says, adding the administration
continues to hold talks with its Russian counterparts about cybercriminal
activity within that country's borders.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210825/024116da/attachment.html>