February 13, 2015
Stanford University
“(S)ince this is a challenge that we can only meet together, I’m announcing that next month we’ll convene a White House summit on cybersecurity and consumer protection. It’s a White House summit where we're not going to do it at the White House; we're going to go to Stanford University. And it’s going to bring everybody together — industry, tech companies, law enforcement, consumer and privacy advocates, law professors who are specialists in the field, as well as students — to make sure that we work through these issues in a public, transparent fashion.”
— President Obama, January 13, 2015
Watch the live-stream of the Summit below, or at WhiteHouse.gov/Live.
Collaborating on Cyber Solutions
The Summit will bring together leaders from across the country who have a stake in this issue — industry, tech companies, law enforcement, consumer and privacy advocates, law professors who specialize in this field, and students — to collaborate and explore partnerships that will help develop the best ways to bolster our cybersecurity.
From increasing cybersecurity information sharing to improving adoption of more secure payment technologies, here’s a look at the topics that panels at the Summit will address:
- Public-Private Collaboration on Cybersecurity
- Improving Cybersecurity Practices at Consumer-Oriented Businesses and Organizations
- Promoting More Secure Payment Technologies
- Cybersecurity Information Sharing
- International Law Enforcement Cooperation on Cybersecurity
- Improving Authentication: Moving Beyond the Password
- Chief Security Officers’ Perspectives: New Ideas on Technical Security
The Five Things You Need to Know: The Administration's Priorities on Cybersecurity
Cyberspace touches nearly every part of our daily lives — from the broadband beneath us to the wireless signals around us to the networks that power our hospitals, schools, and our nation. The Obama administration is pursuing five key priorities that will strengthen our approach to cybersecurity threats by:
- Protecting the country's critical infrastructure — our most important information systems — from cyber threats.
- Improving our ability to identify and report cyber incidents so that we can respond in a timely manner.
- Engaging with international partners to promote internet freedom and build support for an open, interoperable, secure, and reliable cyberspace.
- Securing federal networks by setting clear security targets and holding agencies accountable for meeting those targets.
- Shaping a cyber-savvy workforce and moving beyond passwords in partnership with the private sector.
Learn more about the Administration’s cybersecurity priorities at WhiteHouse.gov/cybersecurity.
BuySecure Initiative
The President’s BuySecure Initiative, launched in October 2014, expands these cybersecurity efforts — providing consumers with more tools to secure their financial future by assisting victims of identity theft, improving the government’s payment security as a customer and a provider, and accelerating the transition to stronger security technologies and the development of next-generation payment security tools.
Top priorities of the BuySecure Initiative are the forthcoming Summit and:
- Securing payments across the economy, including by advancing federal efforts to transition to more secure payment systems, building public-private awareness about more secure authentication, and calling on industry to enhance the security of their own systems and offer more secure options for their customers.
- Helping Americans secure their good name, by improving resources to identify and remediate identity theft. This includes supporting credit score transparency and improving identity theft resources available to American consumers.
- Enhanced information sharing, by enhancing the ability of federal agencies and industry to regularly exchange information about consumers’ compromised accounts.
Get Involved
If you want to participate in the Summit, please send your questions to CyberSummit@who.eop.gov.
Join the conversation by using #CyberSummit on Twitter, Facebook, and Instagram.
Agenda for the Summit
Memorial Auditorium
8:45 a.m.: Welcome Remarks, Stanford President John Hennessy
8:55 a.m.: Introductory Remarks, Lisa Monaco, National Security Council
9:05 a.m.: Introductory Remarks, Jeff Zients, National Economic Council
9:15 a.m.:
Over the past year, there has been a surge in cybersecurity incidents against high-profile consumer retail, banking, health care, and utility companies. Combined with persistent and growing cyber threats against government entities, we must continue expanding and enhancing public-private cooperation to further safeguard consumers and to better protect our economic and national security. This panel will draw on the experiences of corporate leaders to explore how CEOs, their boards, and their executive teams work with the government to improve cybersecurity across the financial ecosystem.
Moderator: Secretary Jeh Johnson, U.S. Department of Homeland Security
Panelists:
- Kenneth Chenault, Chairman and CEO, American Express
- Anthony Earley, Jr., Chairman and CEO, Pacific Gas & Electric
- Mark McLaughlin, President and CEO, Palo Alto Networks
- Bernard J. Tyson, Chairman and CEO, Kaiser Permanente
- Elizabeth Sherwood-Randall, Deputy Secretary, U.S. Department of Energy
10:00 a.m.:
Cybersecurity incidents have evolved rapidly from theoretical threats or nuisances to events that can threaten the financial security of companies and the public, jeopardize brand value and ongoing operations, and undermine consumer confidence. This panel will explore what CEOs and their boards are doing to move cybersecurity concerns from the IT back-office, ensuring that this critical strategic issue is part of corporate planning, communications, governance, and operations for consumer-oriented business across all sectors of our economy.
Moderator: Secretary Penny Pritzker, U.S. Department of Commerce
Panelists:
- Ajay Banga, President and CEO, MasterCard
- Peter Hancock, President and CEO, AIG
- Renee James, President, Intel
- Brian Moynihan, Chairman and CEO, Bank of America
- Nuala O’Connor, President and CEO, Center for Democracy & Technology
10:45 a.m.: Remarks, Tim Cook, CEO, Apple
10:55 a.m.: Break
11:10 a.m.: Keynote Introduction, Stanford President John Hennessy
11:15 a.m. - 11:45 a.m.: Presidential Address
Afternoon Sessions Resume at CEMEX
1:30 p.m.: Introduction, George Triantis, Chair, Stanford Cybersecurity Initiative Steering Committee
1:35 p.m.: Remarks, Administrator Maria Contreras-Sweet, U.S. Small Business Administration
1:45 p.m.:
As cyber threats have grown, some start-ups have begun building strong security features into their products and services – using these innovations to distinguish themselves from competitors. This informal discussion among CEOs of successful start-ups that have used this strategy will detail how they pushed boundaries to improve security for both their companies and their customers, and explore how other innovative security-minded companies can follow their lead.
Discussants:
- John Holdren, Director, White House Office of Science and Technology Policy
- Patricia Falcone, White House Office of Science and Technology Policy
- Aaron Levie, CEO and Co-Founder, Box
- Michelle Zatlyn, Co-Founder, CloudFlare
2:15 p.m.:
Today, internet-enabled social and mobile devices, and a pervasive IT infrastructure, provide consumers ever easier ways to participate in the global economy. But to maintain the growth of commerce and consumer convenience, and ensure that innovation remains a driving force across our economy, it is essential that electronic payments, financial settlements, and the IT systems and data that support this financial activity, are reliable, trusted, and secure. This panel will explore opportunities for innovation in this area, with a focus on next-generation payment technologies.
Moderator: Deputy Secretary Sarah Bloom Raskin, U.S. Department of Treasury
Panelists:
- Richard Davis, Chairman and CEO, US Bank
- Mike George, CEO and President, QVC
- Alexander Gourlay, President, Walgreens
- Charles Scharf, CEO, Visa
- Dan Schulman, President and CEO, PayPal
3:00 p.m.: Remarks, John Mitchell, Professor of Computer Science and Vice Provost for Online Learning, Stanford University
3:05 p.m.: Plenary ends. Move to break-out sessions.
3:15 p.m.: Break-Out Sessions
The government and the private sector must work together to protect against today’s fast moving and far reaching cyber threats. Panelists will discuss how new models to help share more information on threats and cybersecurity analysis – including regional and threat-based partnerships – can help better secure our networks. They will also discuss challenges to and opportunities for expanded information sharing, and how we can share cyber threat information without compromising our commitment to privacy and civil liberties.
Moderator: Michael Daniel, National Security Council
Panelists:
- Michael Brown, CEO, Symantec
- John Ikard, CEO, FirstBank
- Jennifer Granick, Stanford University, Director Civil Liberties
- Matt Olsen, Former Director, National Counterterrorism Center
- Alejandro Mayorkas, Deputy Secretary, U.S. Department of Homeland Security
To respond to today’s increasingly transnational cyber threats, law enforcement must work quickly and effectively with partners in other countries, with multinational organizations, and with private sector allies around the world. Countries have had great successes in recent years built on bringing together diverse teams of responders, but we also face significant challenges. Panelists will discuss how best to enhance multinational law enforcement cooperation, and how we can more effectively leverage increased international collaboration when responding to cyber threats.
Moderator: Assistant Attorney General Leslie Caldwell
Panelists:
- Joseph Demarest, Federal Bureau of Investigation
- Ed Lowery, U.S. Secret Service
- Kevin Mandia, Former CEO, Mandiant; Senior VP and COO, FireEye
- Jamie Saunders, Director National Cyber Crime Unit, United Kingdom National Crime Agency
- Bilal Sen, United Nations Office of Drug and Crime
Passwords continue to underpin much of our cybersecurity framework, but research has shown that two out of three breaches exploit weak or stolen passwords. President Obama’s National Strategy for Trusted Identities in Cyberspace began a process to address this concern and help both the private and public sectors move beyond passwords. Panelists will discuss the progress made, opportunities and initiatives to deploy new methods of authentication, the benefits we can expect from new security methodologies, and the steps still needed to move our systems – and consumers – beyond passwords.
Moderator: Undersecretary Willie May, NIST
Panelists:
- Lorrie Faith Cranor, Professor, Carnegie Mellon University and Advisory Board Member, Electronic Frontier Foundation
- Stina Ehrensvard, CEO and Founder, Yubikey
- Blake Hall, CEO, ID.me
- Mark Kelsey, CEO, LexisNexis
Cybersecurity is constantly evolving. Techniques that were state of the art four years ago are already outdated today. To keep up, network defenders must be constantly innovating. No one knows this better than the cybersecurity strategists at some of our nation’s leading technology firms, who must defend against new threats before anyone else. This panel will explore the perspectives of these front-line network defenders, discussing lessons learned, techniques they have developed based on their experiences, and what they see for the future.
Moderator: Amy Zegart, Professor, Stanford University
Panelists:
- Scott Charney, Corporate VP Trustworthy Computing, Microsoft
- Eric Grosse, VP for Security Engineering, Google
- Melody Hildebrandt, Global head of cyber security, Palantir
- Alex Stamos, Chief Information Security Officer, Yahoo
- Joe Sullivan, Chief Information Security Officer, Facebook
4:00 p.m.: Adjourn
Side Events
In addition to the Summit on February 13, several federal agencies are partnering with private-sector leaders and Stanford University cybersecurity specialists to host events on specific topics related to cybersecurity and consumer protection. Side events include:
The Department of Commerce’s National Institute of Standards and Technology (NIST) and Stanford University will co-host a workshop on February 12 to discuss implementing advanced cybersecurity and privacy technologies in consumer-facing organizations. The workshop will convene a community of business leaders to discuss ways to realize cybersecurity best practices in real-world conditions. For more information, see: http://nccoe.nist.gov/Technical-Workshop
The White House Office of Science and Technology Policy and Stanford University will co-host a discussion with thought leaders and decision makers to consider how industry, technology companies, government, and academia can collaborate to enhance and leverage cybersecurity research and education. "Inventing the Future: Cybersecurity Research and Education" will concentrate on the promise of research and development for technologies supporting consumer protection, and the workforce that academia and businesses will require in the future. For more information, please contact cybersummit@ostp.gov.
On February 13, contemporaneous with the main summit events at Stanford University, the FBI and U.S. Secret Service will co-host regional open houses in cities throughout the country. Host cities include Austin, Atlanta, Baltimore, Boston, Charlotte, Chicago, Dallas, El Paso, Houston, Indianapolis, Los Angeles, Miami, Minneapolis, New York City, Pittsburgh, San Antonio, Seattle, and Tampa. At each location, local cybersecurity specialists from federal departments and agencies will be available for networking and presentations. Additionally, the Stanford proceedings will be live-streamed to these locations.