Today President Obama spoke at Stanford University at the Summit on Cybersecurity and Consumer Protection. In a wide-ranging conference, which touched on everything from biometric passwords to the economics of technology, the urgent theme that surfaced was the importance of the public and private sectors working together to crack one of the 21st century’s biggest challenges. The last six months have read like an A-Z of cybersecurity breaches ripping across industries, from retail (Target), to entertainment (Sony), to insurance (Anthem). According to U.S. Homeland Security, cybersecurity attacks have multiplied fivefold since 2009, with the seriousness of these breaches rising each year.
While the summit was intended to bridge the public and private sectors, the absence of corporate heavyweights was striking. Prior to President Obama’s keynote address, the chief executive of the world’s most valuable company, Apple CEO Tim Cook, took the stage. Echoing sentiments he has previously discussed, Cook talked about his desire to protect consumer data not just from hackers, but from any threats to their privacy.
“We have a straightforward business model that’s based on selling the best products and services in the world—not on selling your personal data,” Cook said. “We don’t sell advertisers information from your email content, from your messages, or your web-browsing history. We don’t try to monetize the information you store on your iPhone or in iCloud. When we ask you for data, it’s to provide you with better services–and even then you’re in the driver’s seat about how much information you share, and when you want to stop sharing it.”
However, the louder statement may have come from the collective silence of Google, Facebook, and Yahoo , whose execs didn’t bother to show up, at a time when relations between Silicon Valley and the government are frayed due to disagreements over privacy issues. Many of these companies propose similar information-sharing initiatives to Obama’s, designed to improve cybersecurity—but without government involvement.
Facebook, for instance, recently launched ThreatExchange: a social network for security experts designed to cut down on hacks by drawing on shared knowledge. However, this is an inter-company tool, rather than a public-private sector confluence. “At this time, we’re focused on security teams at larger companies and people with open-source data feeds,” a spokesperson for Facebook told Fast Company today. “We’ve received enthusiastic responses to ThreatExchange, and we look forward to bringing more partners onto the platform in time once we start scaling it out. For now we are working only with private companies.”
Obama ended his Stanford address today by signing an executive order aimed at encouraging companies to share more threat data with the federal government and with one other. “There’s only one way to defend America from these cyberthreats, and it’s through government and industry working together–sharing appropriate information–as true partners,” said Obama.
But clearly there’s a lot of work to do. Despite the deluge of hacks that have taken place over the past year, security still isn’t taken seriously enough. According to a recent PwC survey, only 45% of U.S. CEOs described themselves as “extremely” concerned about cybersecurity, up from 22% one year earlier. A recent study suggests that many citizens would willingly sell work passwords for as little as $150, while, depressingly, the world’s most popular password remains “123456.”