Discussions regarding ways to enhance software security are scheduled to take place in January between White House officials and heads of several major software development and cloud service organizations, according to CNN.
The talks are being pushed by National Security Adviser Jake Sullivan in the wake of the discovery of the critical Log4j vulnerability that potentially leaves companies and devices around the world open to breaches by threat actors, which Sullivan described as “a key national security concern” in his letter to the technology companies.
Private companies and government agencies across the globe have been working to patch the vulnerability amid reports that nation-backed threat actors and ransomware groups have been actively exploiting the flaw, and the US Cybersecurity and Infrastructure Security Agency responded on Dec. 17 by issuing an emergency directive mandating system updates at all federal civilian agencies.
A National Security Council representative declined to reveal the identities of the companies that have been invited to the meeting.
U.S. critical infrastructure organizations have been noted by the Department of Homeland Security to be at risk of cyberattacks leveraging artificial intelligence, with China and other nation-states exploiting the technology to deploy more advanced malware attacks and influence operations, CyberScoop reports.
Major U.S. consumer product leasing firm Progressive Leasing has disclosed that some of its systems have been impacted by a cyberattack that resulted in the significant compromise of personally identifiable information belonging to its customers and other individuals, according to The Record, a news site by cybersecurity firm Recorded Future.