U.S. President Joe Biden held a summit meeting at the White House today with leaders from technology, financial services and energy companies to discuss national cybersecurity strategy amid increasing levels of major cyberattacks.

Present at the meeting were a range of chief executive officers from well know companies. Attendees from tech companies included Apple Inc.’s Tim Cook, Amazom.com Inc.’s Andy Jassy, Microsoft Corp.’s Satya Nadella, IBM’s Arvind Krishna and Alphabet Inc.’s Sundar Pichai. Also in attendance were JPMorgan Chase & Co.’s Jamie Dimon and Bank of America Corp.’s Brian Moynihan, among others.

Speaking before the summit began, President Biden said private enterprises should do more to respond to cybersecurity threats. “The reality is most of our critical infrastructure is owned and operated by the private sector and the federal government can’t meet this challenge alone,” the president said. “You have the power, capacity and responsibility, I believe, to raise the bar on cybersecurity. Ultimately we’ve got a lot of work to do.”

The summit was part of growing interest by the White House in cybersecurity following attacks on companies such as Colonial Pipeline Co. that was taken offline in a ransomware attack in May. That attack resulted in Biden signing an executive order to strengthen U.S. cybersecurity defenses on May 12.

The meeting itself heard from participants on a variety of areas, with one notable issue being a shortage of skilled workers to fill cybersecurity jobs, a figure estimated to be 500,000.

The tech companies present committed to implementing various programs, although notably, Amazon’s contribution was the smallest of them all. Amazon Web Services is to give account holders free multifactor authentication devices and provide security awareness training to organizations and individuals.

Amazon’s and Jassy’s smaller offer than other companies present did not go without notice.

“They’re smart as there is no upside for AWS these days to play the PR game because the media and the political elite are quasi-activists against them,” noted John Furrier, co-founder, chief executive officer and executive editor of SiliconANGLE Media. Furrier added that he expects a low profile from Jassy and Amazon going forward.

Google

As part of the summit, Google announced that it would invest $10 billion over the next five years to expand zero-trust security programs, help security and software supply chains, and enhance open-source security. The search giant also announced that it would help 100,000 Americans earn industry-recognized digital skills certificates that can lead to high-growth jobs.

Kent Walker, senior vice president of global affairs at Google, explained in a blog post that the commitment to invest $10 billion to advance cybersecurity comes at a time when “governments and businesses are at a watershed moment in addressing cybersecurity.”

“Leading the world in cybersecurity is critical to our national security,” Walker said. “Today’s meeting at the White House was both an acknowledgment of the threats we face and a call to action to address them.”

Microsoft

Microsoft announced that it would invest $20 billion over the next five years to accelerate integrating cybersecurity by design and delivering advanced security solutions. In addition, Microsoft said that it would immediately make available $150 million in technical services to assist governments and at all levels to upgrade security protection and will also expand community partnerships for cybersecurity training.

IBM

International Business Machines Corp. said it would train 150,000 people in cybersecurity skills over the next three years and will partner with black colleges and universities to establish Cybersecurity Leadership Centers.

Apple

Apple committed at the summit to establish a new program to drive continuous security improvements throughout the technology supply chain. The commitment includes working with its suppliers, including more than 9,000 in the U.S., to drive the mass adoption of multifactor authentication, security training, vulnerability remediation, event logging and incident response.

Reaction

The response from those in the cybersecurity industry to the summit and the various commitments was positive.

“This summit, and resulting commitments and initiatives, mark a positive step in raising awareness of the national cybersecurity attacks proliferating our nation’s private sectors,” David Gerry, chief revenue officer at application security company NTT, told SiliconANGLE. “The summit allows for ideas, best practices, as well as transparency to be shared between technology vendors and government organizations.”

A commitment to improving insurance coverage for cyberattacks was highlighted as a key positive from the summit, including vulnerable small and medium-sized businesses.

“SMEs are hurting the most from cyber incidents,” said Jack Kudale, founder and CEO of cyber insurance company Cowbell Cyber Inc. “Initiatives to close insurability gaps and to make cyber insurance accessible to all will contribute the most in making the supply chains that are critical in the global economy more resilient to cyberthreats. This includes standardization of coverage, flexibility and customization of policies as well as simplification of insurance applications.”

Jason Rebholz, chief information security officer at AI-driven smart commercial insurance company Corvus Insurance Holdings Inc., noted that it’s a promising sign that insurance was brought to the forefront of the latest White House discussions.

“Despite the recent negativity surrounding cyber insurance, it’s important to take steps in the right direction, first by dispelling falsehoods and instead, recognizing that insurance can have a positive effect on organizations to shore up their cyberdefenses,” Rebholz added.

While positive about the overall summit, Jake Williams, co-founder and chief technology officer at incident response firm BreachQuest Inc. took some umbrage with Apple’s commitment, noting that the iOS operating system continues to be a “black box for defenders.”

“This prevents relatively easy detection of exploitation of these devices, as was observed recently with NSO,” Willaims explained. “Zero-day exploits in iOS will remain an outsized threat until network defenders can gain visibility into operations on these devices.”

Photo: White House/Facebook