Cybersecurity Focus of Obama Summit in Tech Capital
Americans are increasingly alarmed by the international criminals, malicious hackers, cyberwarriors and spies who make off with electronic data moving through cyberspace and stored where break-ins happen in silent code.
Companies, individuals, public institutions, and governments are victims, accounting for losses of up to $575 billion a year worldwide, according to a private 2014 study. In the United States, the figure is estimated at $100 billion.
“No one is isolated from these threats,” the government has warned. Indeed, the White House data system and sensitive networks controlled by federal government, including the U.S. Postal Service and the U.S. Central Command, have been targeted.
President Obama, hoping to encourage Congress to adopt cybersecurity legislation this year and eager to foster alliances within the private sector, will host a policy summit Friday in Palo Alto, Calif., attracting media attention to the heart of Silicon Valley (live streamed on the White House website).
The administration will emphasize the economic, consumer protection and national security benefits of public-private collaboration to increase network protections and threat responses. White House National Economic Adviser Jeff Zients, speaking to reporters in advance of the event, said cybersecurity crosses every economic sector and “is the cost of staying in business.”
A rationale for the summit, Zients added, is to highlight the linkage between cybersecurity and consumer protection, which he said “are two sides of the same coin.”
The president wants to leverage the government’s clout to link major companies and private innovators as part of a global drive to reverse what is demonstrably a costly, destabilizing trend.
“Cyberthreats are evolving faster than the defenses that counter them,” according to White House officials who helped organize the Stanford University event, which will take place near some of the leading tech companies in the United States.
Apple Inc. CEO Tim Cook will introduce the president, and Obama will deliver a speech and sign an executive order that creates a “framework” to help protect against cyberthreats by encouraging rapid information sharing among private companies, accompanied where appropriate by the intelligence-sharing powers of the federal government.
The administration recently created an intelligence agency called the Cyber Threat Intelligence Integration Center, where the private sector can share information with the government and where Internet threats can be assessed.
Lisa Monaco, White House homeland security and counterterrorism adviser to the president, said this week during a speech in Washington that in her role over the last two years to brief Obama each morning about risks around the world, “an increasing share of the bad news I deliver is unfortunately on cyber threats.”
The administration – conscious that the recent breach and email thefts involving Sony Pictures and North Korea raised public awareness of the issue – sought to underscore Obama’s long-held focus on the hazards and their global importance.
“From our perspective, the president came into office being concerned about this,” Michael Daniel, special assistant to the president and White House cybersecurity coordinator, told reporters Thursday from the summit site. “It’s been a consistent theme of this administration, but it’s one that we’re increasing our focus on as we realize that the threat continues to grow and now is the time that we have to grapple with it.”
To thwart Internet risks globally, the administration believes governments and private entities have responsibilities to work together while also protecting privacy and proprietary commercial interests. The summit’s push also includes global law enforcement.
Officials tiptoed around the disclosures about the National Security Agency’s massive spying and data vacuuming – via private telephone and electronic data companies – which soured public perceptions of the federal government as a benevolent guardian in cyberspace.
“Obviously there have been tensions, but I think the only way we can get at that is to have dialogue and to continue to engage, and the president has been committed to that and will remain committed to that,” Daniel said. “That’s part of the reason we’re … out here.”
The president’s proposed cybersecurity legislation, which he unveiled in January, may have picked up bipartisan support in the wake of the Sony attack, which the government traced to North Korea and which Obama dubbed cybervandalism.
A controversial element of the administration’s proposed legislation would grant companies immunity from litigation if they share key information about cyberthreats with the government, including the Department of Homeland Security, the FBI, and other agencies. The president’s advisers, briefing reporters, described Obama’s executive order and proposed legislation as complementary pieces of a comprehensive endeavor to achieve information-sharing.
In California, the president is expected to hail some of the major companies that have volunteered to share best practices and their cyberthreat information; adopt a harmonized vocabulary about cyberrisk management; promote technologies that secure financial transactions and online authentication beyond passwords and user names; and put consumers into the driver’s seat when it comes to protecting identities and credit profiles.
Summit participants are expected to include Intel, Apple, Bank of America, U.S. Bank, AIG, Walgreens, Kaiser Permanente, QVC, Visa and MasterCard, according to the White House. By showcasing early adopters, the administration hopes its joint-partnership approach will spread, including to smaller companies and institutions with fewer resources to safeguard online data.
Missing from the list of participants announced by the White House were other companies recently in the news because of thefts of customers’ personal and financial data and serious system breaches. Some examples: American Express, JPMorgan Chase, Target, health insurer Anthem, Home Depot, eBay, and Twitter.
More than a billion personal data records were compromised as a result of cyberbreaches during 2014, according to a report by Gemalto, a digital security company. As evidence of the trend line that worries the White House, that figure jumped 78 percent from the damaging activity detected in 2013, the company found.