Alphabet CEO Sundar Pichai and other tech executives today attended the White House Cyber Security Meeting. Google announced that it’s committing $10 billion over the next five years to strengthen and “advance cybersecurity.”
The event was attended by Amazon, Apple, Microsoft, and many others in the industry as “widespread cyberattacks continue to exploit vulnerabilities targeting people, organizations, and governments around the world.”
One aspect of Google’s response is securing software supply chains. These weaknesses are used by “nation-state actors, cybercriminals and other malicious actors,” with Solarwinds being the most recent example:
Today, the vast majority of modern software development makes use of open source software, including software incorporated in many aspects of critical infrastructure and national security systems. Despite this, there is no formal requirement or standard for maintaining the security of that software. Most of the work that is done to enhance the security of open source software, including fixing known vulnerabilities, is done on an ad hoc basis.
To that end, it’s providing $100 million to organizations that help fix vulnerabilities in open source software. This includes the Open Source Security Foundation (OpenSSF), which it previously worked with to release best practices on securing supply chains.
Cyberattacks today are exacerbated by the lack of security professionals that can “anticipate and deal with these threats.” The company’s solution is to “help 100,000 Americans earn Google Career Certificates in fields like IT Support and Data Analytics to learn in-demand skills including data privacy and security.”
Rounding out today’s cybersecurity development, Google is encouraging organizations — and the federal government — to modernize legacy infrastructure and take advantage of zero-trust computing where devices aren’t given control or access to data without strenuous verification.
FTC: We use income earning auto affiliate links. More.