President Biden is meeting with Apple, Google and Microsoft on cybersecurity
The White House hopes today's talks will address 'root causes' for attacks.
The US has suffered a flurry of major cyberattacks targeting everyone from federal prosecutors through to meat suppliers, and the White House hopes some discussions with key companies will produce some long-term security solutions. The Washington Post reports that President Biden, certain cabinet members and relevant security officials are holding talks on August 25th with tech giants ADP, Amazon, Apple, Google, IBM and Microsoft to see how they can help bolster cybersecurity.
While the spate of ransomware attacks will be on the agenda, a senior Biden administration official said the White House wanted to tackle the "root causes" of cybersecurity issues. This included addressing a wide range of vulnerabilities, instituting "good operational practices" and hiring more security workers.
The conversations will also involve financial and insurance giants (including JPMorgan Chase, Bank of America and Travelers) as well as educational organizations like Code.org and Girls Who Code. While the Biden meeting is at the center of the discussions, the chats with cabinet members and officials are billed as "informal" sessions that will help establish definitive solutions.
The White House said the meetups were a recognition that the US needed a "whole-of-nation" cybersecurity strategy involving both the government and private sector. It also promised this wouldn't be the "last engagement" with companies on security issues. This comes soon after Biden took multiple steps in a bid to improve digital security for vital infrastructure, such as issuing an executive order meant to bolster federal security standards and coordination.
The question, as always, is whether or not the discussions will lead to meaningful action. The meeting with tech firms might help with top-down decision-making, but that won't matter much unless the other talks also lead to tangible strategy changes. This could be little more than a public relations exercise if the companies don't (or can't) commit to specific cybersecurity improvements.