President Biden on August 25 gathered Federal government cybersecurity leaders and a deep roster of corporate leaders at a White House meeting that he said aimed to “raise the bar” on cybersecurity across the government, critical infrastructure, and private sectors.
In brief public remarks at the start of today’s meeting, President Biden recapped a variety of administration cybersecurity initiatives undertaken this year, including efforts to improve pipeline security following the Colonial Pipeline ransomware attack earlier this year.
In particular, he highlighted the security of critical infrastructure sectors, and the need to grow the cybersecurity workforce.
“We’ve seen time and again how the technologies we rely on, cell phones, and pipelines and the electric grid, can become targets of criminals,” President Biden said, according to White House press pool reports.
“At the same time, our skilled cybersecurity workforce has not grown fast enough to keep pace … about half a million cybersecurity jobs remain unfilled,” Biden said.
“That’s a challenge and also is a real opportunity, and I’ve made this a priority of my administration from the outset,” he said.
“Because cybersecurity’s a global issue, we’ve also rallied G7 countries to hold nations that harbor ransomware criminals accountable and I might add I had a summit with Vladimir Putin and made it clear to him that we expected him to hold them accountable as well. Because they know where they are and who they are,” President Biden said.
“But the reality is most of our critical infrastructure is owned and operated by the private sector and the Federal government can’t meet this challenge alone. I’ve invited you all here today to … raise the bar on cybersecurity, and so ultimately we’ve got a lot of work to do.”
The format of today’s meeting – which appeared to be ongoing at our press deadline – also featured breakout sessions on: critical infrastructure resilience co-chaired by Homeland Secretary Alejandro Mayorkas and Energy Secretary Jennifer Granholm; building enduring cybersecurity chaired by Commerce Secretary Gina Raimondo and Small Business Administrator Isabel Guzman; and cybersecurity workforce chaired by National Cyber Director Chris Inglis.
In her daily press conference today, White House Press Secretary Jen Psaki did not provide an extended recap of today’s meeting, but was asked whether there needs to be government mandates or legislation to improve cybersecurity. Psaki replied, “there are a range options” that could be taken by Congress on cybersecurity, and “we will look at them as they move forward.”
Beyond that, she said it’s the responsibility of government to put in “clear guidelines” for cybersecurity, and the responsibility of the private sector to put their own strong cybersecurity protections in place.
Psaki also said that the government “expects” private sector companies to report to the government when they experience cyber breaches, and that the government has worked “in partnership” with the private sector on that front.
In the run-up to today’s White House meeting, a senior administration official called the gathering a “call to action” that follows several major cybersecurity initiatives that the Biden administration has taken this year.
Those include the White House’s cybersecurity executive order released in May, an Industrial Control Systems Cybersecurity Initiative launched in April to improve critical infrastructure cybersecurity, and National Security Memorandum published in late July that also tasks several Federal agencies with developing cybersecurity performance standards for critical infrastructure.
“The President recognizes that the escalating cyber threats we face requires a whole-of-nation effort, and this meeting will highlight the scope of the challenge we face, but also the opportunities,” the senior administration official said. “So, it’s really a call to action.”
The August 25 meeting, the official said, “reflects the President’s commitment to public-private partnership and won’t be his last engagement with the private sector on cybersecurity. He’s very much committed to this.”
“The Federal government can’t solve this complex, growing international challenge alone, and we can’t do it overnight,” the senior administration official said. “Cybersecurity is a matter of national security, the public and private sectors must meet this moment together, and the American people are counting on us.”
Asked about major topics expected at the White House meeting, the official mentioned ransomware, cyber workforce growth, root causes of vulnerabilities across critical infrastructure sectors, and the need “to really improve … putting in place good operational practices.”
“Ransomware will be a part of the discussion, but we really wanted to take a broader look at various kinds of malicious cyber activity and what we can practically do about it,” the official said.
Psaki said on August 24 that the meeting would feature President Biden, and several cabinet members and national security officials including Secretary Mayorkas, Secretary Raimondo, Secretary Jennifer Granholm, Administrator Guzman, National Security Advisor Jake Sullivan, Director Inglis, Cybersecurity and Infrastructure Security Director Jen Easterly, and Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology.
Also expected to attend the meeting were chief executives from several big tech companies including: Sundar Pichai of Alphabet; Andy Jassy of Amazon; Tim Cook of Apple; Arvind Krishna of IBM; and Satya Nadella of Microsoft. Rosters of CEOs from big financial, insurance, energy, and water utilities were also on the attendee list, as were leaders from educational institutions.