Two years ago (August 25th, 2021) business leaders – including some of Silicon Valley’s biggest Tech players, water and energy companies, banking and insurance firms, and academic institutions – were summoned to the White House to discuss one of the world’s most pressing concerns: Cybersecurity.

The meeting came in the wake of several cyber-attacks – including on Solar Winds and the Colonial Pipeline – which cost companies billions of dollars and compromised millions of users’ valuable data.

President Biden called cybersecurity a “core national security challenge,” and initiated the meeting as a “call to action” for private sector organizations to take steps toward strengthening cybersecurity postures.

Reports say the discussion revolved around a collective effort to not only enhance user security as a whole but also by default – meaning that proper security should be built in. Some likened the effort to when seatbelts and airbags became the standard for automotive. It was a change, but now virtually everyone wears them as a matter of habit.

The meeting resulted in a host of promises from the private sector to do better to protect the nation’s companies, government agencies, and individuals from cyber-attack.

What did they pledge? Here are the highlights:

Google promised to spend $10 billion on cybersecurity initiatives, including training cybersecurity experts to help bring more talent to the industry.

Similarly, IBM would initiate training programs for cybersecurity personnel and announced a new data storage solution for critical infrastructure companies, and progress on safe encryption methods for quantum computing.

Microsoft pledged $20 billion over five years on cybersecurity initiatives and $150 million that would go to support federal, state, and local governments looking to improve security.

Amazon’s cloud computing division said it would provide free multi-factor authentication (MFA) devices to US customers who average a monthly spend of $100 on Amazon Web Services.

Apple said it would encourage its suppliers to boost cybersecurity practices by deploying multi-factor authentication (MFA) and better logging.

The National Institute of Standards and Technology (NIST) said it would work with Microsoft, Google, and insurance companies to help guide the creation of more secure products and to audit the security of existing ones.

Educational institutions were there, including the University of Texas and Girls Who Code, which announced accelerated or minority-focused cybersecurity credentialing programs.

Cyber insurance provider Resilience said it would require policyholders to have proper cybersecurity measures in place before granting coverage.

But what has happened in those two years?

With reported risk and instances of cyber-attack still on the rise, how have we done?

The good news is that companies like Microsoft, who has been very vocal about security measures such as MFA, along with Google, who has announced products with better security, and Apple who has launched enhanced security programs with its suppliers, are taking their leadership roles seriously as they encourage industry best practices.

Insurance companies have also stepped up to encourage best practices for their customers – many of them requiring that policyholders have good security in place before signing them on. Brightline Insurance, with whom we’ve partnered to provide customers with passwordless native MFA, is clear in its messages to clients about strong security as not only mandated by providers but a sure way to minimize insurance premiums.

Just this past week, at the RSA conference, I sensed that the industry is moving in the right direction, and was happy to see so many players – large and small – with a real drive to address the cybersecurity risks we face as a nation and across the globe.

We have work to do, but we’ve come a long way. I believe it’s our job to help people understand those risks, but also the viable solutions out there that will mitigate risk, be easily adoptable and be cost-effective for companies of all sizes.

We’re pleased to be working with partners in the effort to simplify and secure login for the enterprise. Stay tuned for more exciting news on that front!

Speaking of Promises

At TraitWare, we’ve made our own promises since our foundation. And we’ve kept to every one of them. …

  1. Build a product that works. Right from the get-go.
  2. Build it with cutting-edge and scalable technology, to weather change and growth
  3. Make life easier for both users and admins – quick and easy to deploy, use, and maintain.
  4. Build it to comply with the highest quality, privacy, and security standards available. *
  5. Work with a team of individuals and partners who share the same high standards for integrity, transparency, innovation, and passion for what we do.

* In case you missed last week’s news, we are pleased to join the FIDO Alliance and a collective effort to bring strong authentication to companies of all sizes, worldwide.

For any questions about our solution, or if you just want to chat, please reach out any time.