EDITOR’S NOTE: Israel has a long tradition of delivering security products for enterprise IT, dating back to Check Point introducing the first firewall 20 years ago. Today, Israel exports $6 billion in cyber technology and accounts for a fifth of the world’s private investment in cyber. Network World’s David Strom attended last week’s CyberTech 2016 conference in Tel Aviv and filed this report.
TEL AVIV, ISRAEL -- It isn’t often that a speech from a head of state at a tech conference is relevant to IT security managers, but Prime Minister Benjamin Netanyahu’s address at last week’s third annual CyberTech 2016 focused on where the Israeli government and its IT security industry are heading.
Netanyahu offered a plan for cross-country sharing of cybersecurity threats, demonstrated his knowledge of the tech industry, described the economic opportunities of cyber-tech and outlined policy changes that he wants to see to further strengthen Israel’s role in both overall technology and cybersecurity in particular.
“It is just a matter of time before you are going to be penetrated, especially as you increase your connections to the outside world,” he said. “But government and industry need to collaborate. We need to have a goal and to start moving toward it, and not wait for all your plans to come together before taking action.”
The prime minister predicts that eventually Israel will have one comprehensive view on cybercrime, threat prevention, and cyber-based terror attacks. “We cannot grow unless we have cybersecurity. It is essential for the defense of both individuals and the nation, which at the same time creates a huge economic opportunity. I want Israel to become a cyber power, and at the same time a catalyst for worldwide cyber capabilities."
Startup Nation
Israel has often been called the startup nation. It seems no matter where you travel in the country there is a startup incubator and co-working spaces. According to a report by one Israeli analyst in Globes.co.il, the average Israeli security startup has five employees and about half have survived over time, with between 50 and 75 new companies being created each year. Depending on the source, there are currently anywhere from 250 to 400 Israeli cybersecurity vendors.
Many of these companies are located in Beersheva, a growing city about an hour south of Tel Aviv. Thanks to a combination of government grants, a large university that has attracted numerous investments from private tech vendors, and the interest of at least one venture capital company (Jerusalem Venture Partners or JVP), the town has become the new center for cybersecurity research.
Several times during the conference, various speakers pointed to its fast growth over the past couple of years as an example of where Israel intends to take cyber tech. The booth sponsored by JVC had its various portfolio companies showing off their technologies along with representatives from other Beersheva operations, including security research labs of Deutsche Telekom, EMC, and others.
Beersheva is also the new home for Israel’s national computer emergency response team or CERT. “What is needed is to have connections between the national CERTS of different countries,” said Erel Margalit, a member of Israel’s Knesset and a founder of JVP. At the Cybertech conference, Margalit led a panel with other cybersecurity researchers from Sweden, Panama, and Holland to talk about cross-country information sharing.
Erel Margalit, a member of Israel’s Knesset and a founder of JVP
“We want to build the tech equivalent of Interpol,” he said, mentioning the European police agency, “because we need standards for the interception of attacks in real-time. When you have an attack, you need to share information to be effective. If you try to work alone, you will lose.” He mentioned that many Israeli banks are sharing attack information: “It saves a lot of effort now. And we have found that the vast majority of attacks can be prevented if you have the right protective systems and share the right kinds of information.”
He sees the Israeli government as a key player to help this initiative move forward. At the conference, Netanyahu said, “As long as we do not cooperate, especially with other countries, there will be no growth, and I am an apostle of growth.”
Another effort is to consolidate the various government cybersecurity departments into a single National Cyber Bureau. Established in 2012 and now run by Eviatar Matania, the goal of the bureau is to make it easier to respond to attacks, coordinate both civilian and military responses, and to help figure out international laws that make sense for any future cyber crimes.
“Four years ago, the government realized we needed to be more comprehensive,” says Matania. “Now everything is connected, and we need to design new approaches and work together.” The bureau intends to be a single source for regulations, tracking cyber attacks, handling technology export restrictions, coordinating cyber defenses and cyber research.
New security offerings
The show featured exhibits from more than 140 companies, equally split between startups and established vendors, and from Israeli and non-Israeli vendors. Here are a few examples:
- CyberGym provides real-world attack and incident response and live training exercises for teaching security teams and IT managers how to work together when they experience a breach. The teams travel to their offices in Israel, Portugal and the Czech Republic to participate in what they call “cyber war game scenarios.”
- Based in Budapest, Balabit was at the show and demonstrating Blindspotter. Building on its Shell Control Box, the software tracks and visualizes user activity in real-time to prevent sensitive data from being exfiltrated from an enterprise network and expose hijacked and misused user accounts.
- Morphisec’ Moving Target Defense products take a page from the attackers use of ever-changing malware and turns the tables. They provide an endpoint protection layer that makes the entire computer memory space unpredictable to all kinds of exploits without altering the flow of the running applications.
- EMC/RSA’s Advanced Security Operations Center is a managed services offering that specializes in protecting digital assets and is used to investigate intrusions and cyber attacks.
- Scadafence is a tool for industrial control environments that can detect process manipulation and data thefts and can detect both malicious attacks and benign threats.
- Cymmetria’s MazeRunner product can control an attacker’s movements from the very beginning – and lead him to a monitored deception network where he can be neutralized.
- Finally, SecBI was showing their automated security investigation tools that process security log data using a variety of Big Data techniques.
Takeaways for IT managers
So what should IT managers take from all this activity? Certainly, keep track of the latest cybersecurity ventures coming out of Israel. While the companies are small, some of them are attracting global businesses.
Look at what JVP is doing especially, and start following other key players in the Beersheva tech community such as Dudu Mimran (a leading investor and director of one of the local research labs) and Shlomi Dolev (a professor at the university). Finally, keep an eye on investment-oriented websites for major acquisitions activity for Israeli startups that can help you improve your security posture.
Strom is the founding editor-in-chief of Network Computing magazine and has written thousands of magazine articles and two books on various IT and networking topics. His blog can be found at strominator.com and you can follow him on Twitter @dstrom. He lives in St. Louis. Strom’s trip to Israel was partially sponsored by the America-Israel Friendship League and the Israeli Foreign Ministry.
This story, "Netanyahu: “I want Israel to become a cyber power”" was originally published by Network World.