White House to announce new cyber initiatives with private sector

The Biden administration and a roster of America’s largest private companies on Wednesday will announce a series of initiatives meant to address some of the country’s systemic cybersecurity problems, including workforce training and protection of critical infrastructure.

The agreements are expected to be released after a White House summit between President Joe Biden’s national security team and other senior administration officials and chief executives from tech companies including Amazon, Apple, Microsoft, and IBM, as well as leaders from the insurance, financial, energy, and education sectors.

“You will definitely be seeing a set of concrete announcements” from both the federal government and the private sector, a senior administration official told reporters on Tuesday. 

“We need both to be successful,” said the official, who predicted the most significant announcements would focus on “technology and talent” before declining to offer any specific details about the forthcoming efforts.

The meeting, which was announced last month by White House press secretary Jen Psaki, is the latest attempt by the administration to engage the private sector following a stream of cyberattacks over the past year, including the ransomware attack on the Colonial Pipeline and the breach of software provider SolarWinds.

In May, Biden signed an executive order that fundamentally changed how the federal government handles cybersecurity, requiring agencies to encrypt their data, enable multi-factor authentication and set deadlines for over 50 different actions and reports intended to harden computer networks against hacks.

Last month he issued a national security memorandum that directed federal agencies to develop voluntary cybersecurity goals for companies that operate U.S. critical infrastructure — a step that could eventually lead the administration to pursue mandatory standards.

After meeting with the president on Wednesday, attendees will participate in sessions with members of the Cabinet and national security officials for deep dive talks along three tracks: critical infrastructure resilience; building enduring cybersecurity; and cybersecurity workforce.

The groups will then reconvene with Anne Neuberger, deputy national security adviser for cyber and emerging technology, and National Cyber Director Chris Inglis, who will craft a readout based on the various discussions to give to the president, according to the senior administration official.

The official said the sessions are intended to focus on the “root causes of any kind of malicious cyber activity,” such as the need to improve information technology security, the estimated 500,000 job openings in cybersecurity and the broad set of vulnerabilities facing the nation’s critical infrastructure.

And while topics like Russian ransomware gangs and the renewed appetite in Congress for cyber incident reporting legislation will also likely be part of the discussion, “we really wanted to take a broader look at various kinds of malicious cyber activity, and what we can practically do about it,” according to the official.