Advertisement
Canada markets open in 6 hours 23 minutes

  • S&P/TSX

    21,740.20
    -159.79 (-0.73%)
     

  • S&P 500

    5,061.82
    -61.59 (-1.20%)
     

  • DOW

    37,735.11
    -248.13 (-0.65%)
     

  • CAD/USD

    0.7249
    -0.0004 (-0.06%)
     

  • CRUDE OIL

    85.63
    +0.22 (+0.26%)
     

  • Bitcoin CAD

    87,291.37
    -4,266.29 (-4.66%)
     

  • CMC Crypto 200

    885.54
    0.00 (0.00%)
     

  • GOLD FUTURES

    2,388.70
    +5.70 (+0.24%)
     

  • RUSSELL 2000

    1,975.71
    -27.47 (-1.37%)
     

  • 10-Yr Bond

    4.6280
    0.0000 (0.00%)
     

  • NASDAQ futures

    17,843.75
    -32.50 (-0.18%)
     

  • VOLATILITY

    19.23
    0.00 (0.00%)
     

  • FTSE

    7,965.53
    0.00 (0.00%)
     

  • NIKKEI 225

    38,471.20
    -761.60 (-1.94%)
     

  • CAD/EUR

    0.6824
    0.0000 (0.00%)
     
MARKETS LIVE BLOG:

STOCKS SLIP WITH MIDEAST TENSIONS, EARNINGS IN PLAY

Oil pares losses as traders anticipate Israel's response to Iranian attack

Big Tech groups work with Biden on new cybersecurity guidelines

Yahoo Finance Video

Yahoo Finance Live recaps President Biden's meeting at the White House yesterday with tech and finance CEOs, and discuss how the U.S. will aim to tackle cybersecurity moving forward.

Video Transcript

MYLES UDLAND: Yesterday on Wednesday we saw tech leaders head down to Washington DC to meet with White House officials. We discussed what could be discussed, what could be expected to come out of that meeting on yesterday's program. And Yahoo Finance's Dan Howley stops by to tell us what did come out of those conversations. Halley.

DAN HOWLEY: That's right, Myles. We basically learned that Biden had spoken with these CEOs, not just from the tech industry but from the energy and banking and insurance industries as well. And essentially, yeah, they discussed what they could do to basically prop up a public private relationship between the federal government and those groups just to ensure cybersecurity and not just for the federal government but for local and state governments as well. Again, I mentioned yesterday those are the ones that really have been taking a pounding from these cyber attacks.

ADVERTISEMENT

So it's kind of not really been noticed as much as the big government hack that we talked about back in December of 2020. But some of the companies actually made pledges as part of this. So I just wanna run through a few. Microsoft said they're gonna spend $20 billion over the next five years basically building out, further building out rather, their cybersecurity capabilities. Previously, they had said they would be spending $1 billion a year. So they're increasing that obviously.

They also said they're gonna be giving 150 million to federal, state, and local governments to help them build their cyber defenses out, $150 million in services, though not in cash. Amazon said that they're gonna make their cybersecurity training materials that they develop for their own employees public so that people are able to look at those and kind of learn from those best practices. And they're also gonna provide AWS customers with free multi-factor authentication devices.

Those are probably thumb drives or something along those lines that allow you to log in after entering your password. Google, meanwhile, said that they're gonna invest $10 billion dollars over the next five years to expand its zero trust programs. That's basically nobody is allowed in unless they enter the exact passwords and multi-factor authentication, things like that. And then that's going to help build out their software supply chain and enhance open source security.

Obviously Google, they've got open source. Chrome is open source. And Android is open source. And then Apple, surprisingly they're not really working on larger security issues. They're working on supply chains. So they're gonna build out security for the supply chain. They're gonna work with their suppliers and ensure that they all use multi-factor authentication. They're gonna have security training and understand vulnerability remediation, basically making sure that they can take care of any holes they might have.

And then another cybersecurity company, a coalition there, a cybersecurity insurance provider, they said that they're gonna make their cybersecurity risk assessment and monitoring platform free to any organization. So really these companies are taking steps. But it's not really going to cure anything. This is not a panacea for our larger issues with cybersecurity in the country. And really what that comes down to is we have so many individual businesses that don't have requirements for cybersecurity. And they frankly don't spend enough on cybersecurity.

Or they just don't take it seriously enough. And that's how we have issues. And that really is kind of how the Colonial Pipeline hack had happened. It was just a password that wasn't set on a VPN. And so that's why we ended up losing nearly 50% of the fuel capacity to the East Coast for a few days. So really the government obviously stepped in there with the TSA making new requirements. But it's a huge ecosystem of interconnected devices. And so many of them will continue to be insecure until we get some kind of federal mandate about security for businesses.

JULIE HYMAN: I mean, Dan, because all the spending and planning sounds great, is that what you're hearing from cybersecurity experts that the federal government needs to mandate more action on this? Or are there other-- I mean, the federal government itself also does its own cybersecurity, right, of some of these hacks at the source in various countries. So what's gonna to be most key in preventing all of this?

DAN HOWLEY: Yeah, I think really what it comes down to it is-- and the experts that I've spoken to in the past have really said there needs to be some form of cybersecurity requirement or something to get these companies, every company by the way. It's not just big companies but small companies, small, medium businesses. They're also on the hook here as well because if they're part of the supply chain that feeds into the larger companies or into the federal government or local governments, then there are vulnerabilities.

So really what the experts have said is it's gotta be either a mandate or some kind of carrot and stick maybe to get them to start moving along to improving cybersecurity. And really that's the only way that they're you're gonna be able to protect everything. And any company that does contracting with the government, they need to be using the proper cybersecurity capabilities or cybersecurity protection plans in place.

But right now, it doesn't seem like that's gonna happen any time soon. We do have, though, some movement. There was talk from the Biden administration making cybersecurity requirements for gas pipelines now, not just the fuel pipelines that they previously had. So hopefully we start to see a little bit more momentum in that direction. But if we don't, we're gonna continue to see these kinds of ransomware attacks and overall hacks from nation states and criminal actors.

MYLES UDLAND: All right, Yahoo Finance's Dan Howley with the changing landscape with national cyber security. All right.