Microsoft commits $20 billion to advance cybersecurity following meeting with President Biden

What you need to know

• President Joe Biden met with Microsoft, Apple, Amazon, and other major tech companies this week regarding cybersecurity.
• Microsoft committed to invest $20 billion over the next five years to help integrate cybersecurity by design.
• The National Institute of Standards and Technology will work with industry partners to secure the technology supply chain.

CEOs from Microsoft, Apple, Amazon, and other tech giants met with U.S. President Joe Biden regarding cybersecurity on Wednesday, August 25, 2021. Following the meeting, these companies and many other leaders in the technology industry agreed to major commitments to bolster cybersecurity. The discussions came following major cybersecurity attacks, including the SolarWinds hack and the Pegasus iPhone hack.

Microsoft will invest $20 billion over the next five years "to integrate cyber security by design and deliver advanced security solutions." Google committed to invest $10 billion over the next five years to expand zero-trust programs, to help secure the software supply chain, and to enhance open-source security.

Microsoft CEO Satya Nadella specified on Twitter that $150 million of Microsoft's investment will be used to help the U.S. government upgrade protections.

A statement from the White House outlines commitments from each company and from the Biden Administration. Below are the commitments from Microsoft, Apple, Google, and Amazon:

• Microsoft announced it will invest $20 billion over the next 5 years to accelerate efforts to integrate cyber security by design and deliver advanced security solutions. Microsoft also announced it will immediately make available $150 million in technical services to help federal, state, and local governments with upgrading security protection, and will expand partnerships with community colleges and non-profits for cybersecurity training.
• Apple announced it will establish a new program to drive continuous security improvements throughout the technology supply chain. As part of that program, Apple will work with its suppliers — including more than 9,000 in the United States— to drive the mass adoption of multi-factor authentication, security training, vulnerability remediation, event logging, and incident response.
• Google announced it will invest $10 billion over the next five years to expand zero-trust programs, help secure the software supply chain, and enhance open-source security. Google also announced it will help 100,000 Americans earn industry-recognized digital skills certificates that provide the knowledge that can lead to secure high-paying, high-growth jobs.
• Amazon announced it will make available to the public at no charge the security awareness training it offers its employees. Amazon also announced it will make available to all Amazon Web Services account holders at no additional cost, a multi-factor authentication device to protect against cybersecurity threats like phishing and password theft.

IBM, Resilience, Coalition, Code.org, Girls Who Code, University of Texas System, and Whatcom Community College also shared commitments following the meeting.

The National Institute of Standards and Technology (NIST) will work with partners to create a new framework to improve the security of the technology supply chain. The Biden administration also announced the expansion of the Industrial Control Systems Cybersecurity Initiative into natural gas pipelines. The latter is likely in response to the Colonial Pipeline attack, which stopped gas from being delivered in the southeast region of the U.S. earlier this year (via ZDNet).

Earlier this year, the Biden administration also issued a National Security Memorandum.