Biden's Cyber Leaders Go To Silicon Valley for More Help Fighting Hackers

Senior Biden administration officials met in Silicon Valley on Monday with key technology and cybersecurity companies as part of a push for more help from the private sector in fending off increasingly aggressive hackers working for adversarial regimes and criminal gangs. From a report: Homeland Security Secretary Alejandro Mayorkas, Cybersecurity and Infrastructure Security Agency Director Jen Easterly, National Cyber Director Chris Inglis and other officials met with executives from 13 companies, including Google, networking vendor Juniper Networks and security firm Mandiant. Their aim was to deepen relationships between government and industry that security professionals see as vital for protecting the nation's critical infrastructure. The government already has strong relationships with some companies, such as Microsoft, that routinely warn officials about cyberattacks and help neutralize them. But Monday's meeting is part of a charm offensive aimed at growing the ranks of the government's industry allies and improving how efficiently they work together. These partnerships could offer the Biden administration a new weapon against ransomware -- one that doesn't rely on cooperation from Russian President Vladimir Putin, whose nation shelters many ransomware operators and with whom Biden is set to discuss cyber and other issues on Tuesday.

"CYBER" == Government guy about to dumbspeak

[Seven Spirals]

The minute you hear the word "Cyber" you know you are dealing with a Gibson fan or a government dumbfuck.

Re: "CYBER" == Government guy about to dumbspeak

[thunderfsck]

That does sound a bit amateurish, but then again we live in a country where semiautomatic weapons with high capacity magazines are considered vital for self-defense.

I guess even our assassins have bought into the quantity > quality mindset.

Re:

[JustNiz]

>> we live in a country where semiautomatic weapons with high capacity magazines are considered vital for self-defense.

Well they actually are, when the bad guys have them too.

Re:

[Penguinoflight]

It's not uncommon to see someone take 5 gunshots before dying, especially if the assailant wants to ensure a kill before leaving. Boston's fatal vs non-fatal shootings shows the mean to kill at nearly 3 hits, with survivors taking on average about 1.5 wounds.

Also interesting in the data, there was an average of 5 shots dispensed, with fatality victims having 6 and non-fatal only having 4. This might conclude that for the average shooter to confirm 3 hits he needs to fire at least 6 shots. Certainly a pro

Re:"CYBER" == Government guy about to dumbspeak

[Baconsmoke]

The term cybersecurity is "the" accepted term by the people who actually work in the industry doing that as their fulltime job. Nothing gibson or dumbfuck about it.

Re:

[jellomizer]

Now Now... We know how anything said or done by the person of a political party you didn't vote for is automatically dumb, incompetent, corrupt, yet keen enough to manage a complex conspiracy that has never been fully found out to go against everything you value.

People feel strongly about of group of people who's only real similarity is the fact they checked a piece of paper saying they had joined that party.

Re:

[AmiMoJo]

Well in this case it does seem a bit odd to go to the source of most of the vulnerabilities...

Re:

[Anonymous Coward]

The term cybersecurity is "the" accepted term by the people who actually work in the industry doing that as their fulltime job.

That may be so.

Nothing gibson or dumbfuck about it.

This conclusion does not follow from that premise.

Re:

[Seven Spirals]

Get real. If you use that word at anywhere outside of government then you will be instantly labeled as a moron. Wait. Too late.

Re:

[phantomfive]

A lot of people working in cybersecurity don't know how to make something secure.

Re: "CYBER" == Government guy about to dumbspeak

[K. S. Kyosuke]

Clearly the people tasked with securing computer systems are not exactly human language experts. Which was to be expected.

Re:

[DarkOx]

Not really - most people who actually have a clue use 'infosec' cyber security is generally reserved for talking to people who we think not just won't understand but can't

Re:

[Seven Spirals]

90% of the time when someone says "Cyber" on their own steam (ie.. not just repeating the name of some company with "cyber" in the name) they are a journalist (and they are some of the dumbest and least honest creatures on Earth). However, I love watching these grey haired generals say "We gotta focus on Cyber" during congressional hearings, too. I can understand someone who has to talk to a journalist or a general using the word: they are just speaking in terms the target can understand.

Prediction

[NFN_NLN]

In the future each country will have it's own walled internet. International companies will host a server in each country in order to serve that region. This will put them in that country's legal jurisdiction to face actions for malicious behavior. We're already seeing this with Facebook/Russia.
People can still browse the international internet but have to use a VPN or proxy and explicitly leave the walled garden.

You guys are experts!

[JKanoock]

Definitely talk to the guys who steal people's private data, these guys know how to get the info!

To some extent, security is a human problem

[Junta]

IT security frequently makes every tool available that you'd need to credibly secure a service.

Then some human factor causes a weakness.

Semi-hilarious when security breach happens through flimsily secured interface, and security 'compromise' is add more hardening to a channel that has never been compromised, because it's just not 'feasible' to fix that flimsy interface.

Even more when in the name of 'security' you do something like disable remote root access, but have a NOPASSWD: all sudoer as a workaround f

And the corporatocracy grows even more

[jenningsthecat]

I understand the need for the gubmint to seek help help from Silly Valley. But there's gonna be a quid pro quo - probably something about less industry regulation and/or lower taxes and/or government contracts and/or more input into legislation and policy - and the public good will be the worse for it.

Hard problem

[bradley13]

Working for the US government as a techie is not sexy (with a few exceptions, like maybe the NSA). And while the pay isn't bad for generic paper pushers, good technical people can certainly earn more elsewhere. So what is the government to do? It can't really hire the people it needs (and probably wouldn't know how to manage them if it could).

But issuing contracts isn't going to work well either, because...contracts for what, exactly? Governmental systems are a horrible mish-mash of stuff that has grown o

no progress until there is personal cybersecurity

[rapjr]

Industry and government can collaborate all they want but until they start paying attention to all those little personal computers they will never stop botnets, phishing, network penetrations, zero days, ransomware or much of the rest of it. All these things are happening _because_ they ignored the people and concentrated on their own systems and sold us a bunch of features instead of something that works well. If people can be compromised so can any computer they have access to. Computer security has to secure the computers of the people, otherwise you are building your security on an insecure base.