Security

President Obama Calls for Cybersecurity Information Sharing

President Obama this past week signed an executive order calling on the private sector and government to formally share cybersecurity threat information. Noting that frictionless information sharing was key to this effort, president Obama said that US companies and the government should work hand-in-hand to help thwart cyber-attacks.

“Government cannot do this alone,” the president said at an appearance at a recent Cybersecurity Summit in Palo Alto, California, where he signed the order. “The fact is that the private sector can’t do this alone either. It’s government that often has the latest information on these new threats.”

At the summit, President Obama also met with CEOs and other top executives from tech companies such as Apple and Intel, and other firms such as AIG, Bank of America, Kaiser Permanente, Pacific Gas & Electric, QVC, US Bank and Walgreens. Microsoft was curiously omitted from the list of companies attending, though the software giant separately said that Scott Charney, Microsoft’s corporate vice president of Trustworthy Computing, represented the firm at the event.

(The CEOs of Facebook, Google and Yahoo were all invited to the summit, but like Microsoft they sent their top security officials instead.)

Sponsored Content

Passwords Haven’t Disappeared Yet

123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?

Obama’s order is in many ways a formalization and expansion of a previous Cyber Threat Alliance in which security solutions providers like Fortinet, Symantec and others have agreed to share information about security threats. But the order expands this sharing throughout the private sector to involve banks, retailers, and other companies. And it course expands the sharing to include the US government as well.

The order is also just a step towards a more secure future. President Obama would like for a more comprehensive bill to be introduced in Congress that could lead to a modernization of how the government and corporations of all kinds alert customers of security breaches. He cited many recent electronic attacks—Anthem Health Insurance, Apple, Home Depot, Sony, and Target among them—as proof that the threat is only getting worse and asked Congress to rise above the usual partisan rhetoric.

“This should not be an ideological issue,” he said. “This is not a Democratic or Republican issue. Everybody’s online and everybody’s vulnerable.”

Held as it was in Silicon Valley, the Summit garnered big support from Apple, which is both the world’s largest consumer electronics company and perhaps the most aggressive in modernizing electronic payments. Apple CEO Tim Cook marketed Apple Pay during his appearance, of course, but he also spoke of the need for privacy controls to be part of any US cybersecurity laws.

“We must get this right,” he said at the event. “History has shown us that sacrificing our right to privacy can have dire consequences. We still live in a world where all people are not treated equally. Too many people do not feel free to practice their religion, or express their opinion, or love who they choose … If those of us in positions of responsibility fail to do everything in our power to protect the right of privacy, we risk something far more valuable than money. We risk our way of life.”

Apple also pledged to adopt Obama’s framework for security protocols across its “corporate networks,” which includes public-facing services such as iTunes, iCloud and Apple Pay. Under the guidelines of this framework, companies like Apple that store personal data will adopt more rigorous security practices than those that do not.

As for Microsoft, the software giant noted that it supports Obama’s cybersecurity initiatives, and it took this opportunity to promote its coming password-less two-factor authentication scheme for Windows 10, which I wrote about yesterday on Thurrott.com.

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

Paul Thurrott is an award-winning technology journalist and blogger with over 20 years of industry experience and the author of over 25 books. He is the News Director for the Petri IT Knowledgebase, the major domo at Thurrott.com, and the co-host of three tech podcasts: Windows Weekly with Leo Laporte and Mary Jo Foley, What the Tech with Andrew Zarian, and First Ring Daily with Brad Sams. He was formerly the senior technology analyst at Windows IT Pro and the creator of the SuperSite for Windows.
Don't leave your business open to attack! Come learn how to protect your AD in this FREE masterclass!REGISTER NOW - Thursday, December 2, 2021 @ 1 pm ET

Active Directory (AD) is leveraged by over 90% of enterprises worldwide as the authentication and authorization hub of their IT infrastructure—but its inherent complexity leaves it prone to misconfigurations that can allow attackers to slip into your network and wreak havoc. 

Join this session with Microsoft MVP and MCT Sander Berkouwer, who will explore:

  • Whether you should upgrade your domain controllers to Windows Server
    2019 and beyond
  • Achieving mission impossible: updating DCs within 48 hours
  • How to disable legacy protocols and outdated compatibility options in
    Active Directory

Sponsored by: