President Biden to host infosec roundtable with tech giant CEOs

If there's any single photo that better encapsulates the state of enterprise information security in 2021, we weren't able to find it.
Enlarge / If there’s any single photo that better encapsulates the state of enterprise information security in 2021, we weren’t able to find it.

Unnamed sources told Bloomberg that the White House will host a meeting between President Joe Biden and some of the country’s largest tech firms on Wednesday afternoon. According to those sources, the CEOs of Microsoft, Amazon, and Apple have confirmed their attendance. Other large companies, including Google, IBM, Southern Company, and JP Morgan, have been invited.

The meeting is intended to address the severe increase in ransomware, online attacks, and data leaks seen this year. Although we don’t know the exact agenda, one senior official familiar with the event said discussions of better supply chain security are likely, and there will probably be a focus on software-driven solutions.

High-profile security breaches Biden and the tech CEOs might discuss include, but are not limited to:

  • This month’s T-Mobile server breach, which exposed up to 100 million Americans’ personal data
  • July’s SolarWinds supply chain attack, which compromised server management tools themselves
  • July’s massive Kaseya ransomware attack—which also initially targeted a management tool rather than the end-victims themselves
  • A months-long Geico breach exposing customers’ driver’s license numbers, addresses, dates of birth, etc.
  • A misconfigured Experian API that leaked credit scores of tens of millions of Americans
  • A May attack that took Colonial Pipeline down, disrupting fuel distribution across the eastern US seaboard
  • March attacks targeting small businesses, towns, cities, and local governments via Microsoft Exchange vulnerabilities
  • SIM swapping attacks on T-Mobile customers in February, resulting from one or more of the company’s earlier breaches

Bloomberg’s sources only mentioned CEOs, so it’s unclear if the CISOs of the invited companies are participating as well.

Neither the White House nor any of the companies mentioned have responded to press requests for comment.

https://arstechnica.com/?p=1789474