White House Meets with CEOs Regarding Cybersecurity
Cybersecurity gains more attention as top White House officials recently held a joint meeting with CEOs of the nation’s largest companies including Amazon, Apple, Microsoft, Google, IBM, and others. Topics of the meeting were to include ransomware, critical infrastructure, supply chain security, cybersecurity education, and data breach insurance policies. Biden told the CEOs they have a responsibility to do more when it comes to cybersecurity and asked for more public/private collaboration in defending against attacks.
Our skilled cybersecurity workforce is not growing fast enough to keep pace.
— President Biden
In the wake of the meeting, IBM released a statement that they are starting an initiative to train 150,000 people in cybersecurity skills and release new products to help recover from attacks. It is estimated the US currently has roughly 500,000 unfilled positions in cybersecurity. Google stated they will invest $10bn in cybersecurity over the next 5 years along with expanding their zero-trust programs. Google also committed to retraining 100,000 Americans in IT support and analytics work.
The talent shortfall in cybersecurity spans industries. That means gaps exist in all 16 critical infrastructure sectors, like energy, health care, and manufacturing — and that companies in those sectors lack the necessary personnel to adequately defend computer networks against cyberattacks
— Simone Petrella, CEO of the cybersecurity training firm CyberVista.
Microsoft joined in the announcements with their own cybersecurity commitment promising to spend $20bn over the next 5 years to integrate cybersecurity into the design of its products and deliver advanced security solutions along with a commitment of $150mm in technology services for federal, state, and local governments to help them with their own cybersecurity setups. Amazon announced plans to allow qualified AWS account holders to receive USB multi-factor authentication devices at no additional cost.
Along with top tech CEOs, the meeting was also joined by finance and insurance leaders including JPMorgan Chase and Co.’s CEO Jamie Dimon. The insurance industry plays a critical role in cybersecurity as more and more companies take out cyberattack policies to cover damages. Lucrative insurance policies that can drive faster payouts are also seen as a motivating force behind the wave of attacks.
“The increased use of cyber insurance over the last 10 years has been an unfortunate stimulant to ransomware gangs — it has encouraged more attacks as insured victims are often quite willing to rapidly pull the trigger on ransom payments knowing that they will be reimbursed by insurance”
— Dmitri Alperovitch, chairman of the cybersecurity-focused think tank Silverado Policy Accelerator
The cyber insurance industry is expected to continue growing rapidly over the next five years. The total market size is expected to increase from around eight billion U.S. dollars in 2020 to just over 20 billion U.S. dollars by 2025. Corporate insurance makes up the vast majority of the market. According to Statista, the number of annual data breaches in the United States has increased more than threefold since 2012, while the average cost of a data breach to U.S. businesses has increased by around 60 percent.
The White House meeting follows a rise in cyber attacks targeting critical infrastructure along with amplification through supply chain attacks. Congress and the FBI recently weighed in on the reporting of cyber attacks and the White House this spring launched a 100-day initiative to improve cybersecurity across the electric sector with other sectors to follow. On July 28, the President issued a National Security Memorandum establishing voluntary cybersecurity goals that clearly outline expectations for owners and operators of critical infrastructure. The severity of new threats has served as a vulnerability wake-up call to businesses and even the highest levels of government.