Google and Microsoft said they are pledging to invest a total of $30 billion in cybersecurity advancements over the next five years, as the U.S. government partners with private sector companies to address threats facing the country in the wake of a string of sophisticated malicious cyber activity targeting critical infrastructure, laying bare the risks to data, organizations, and governments worldwide. Ravie Lakshmanan.
The big tech sector is also rallying behind with a roster of initiatives, including —
- Microsoft will invest $20 billion over the next five years to deliver advanced security solutions, in addition to making available $150 million in technical services to help federal, state, and local governments with upgrading security protections.
- Google will invest over $10 billion to bolster cybersecurity, including expanding zero-trust programs, helping secure the software supply chain and enhancing open-source security. It’s worth noting that the search giant, earlier this June, announced a framework called the Supply chain Levels for Software Artifacts (SLSA or “salsa”) to safeguard the integrity of software supply chains.
- Apple will work with more than 9,000 of its suppliers to push for mass adoption of multi-factor authentications, vulnerability remediation, event logging, and security training.
- IBM will train 150,000 people in cybersecurity skills over the next three years, and will partner with 20 Historically Black Colleges & Universities to establish a more diverse cyber workforce.
- Amazon will make available to all Amazon Web Services account holders a multi-factor authentication device to protect against phishing and password theft at no extra cost.
While it remains to be seen how these efforts will unfold in practice, the commitments demonstrate the urgency in prioritizing and elevating cybersecurity after a relentless stretch of high-profile cyber attacks targeting SolarWinds, Microsoft, Colonial Pipeline, JBS, and Kaseya in recent months. Nice one!
[Read More]