Reprinted from blog.evident.io
The State of Israel has developed a reputation as a leading center for security and technology innovation worldwide, earning the well-deserved designation as “the start-up nation.”
In late January, I was honored to be selected by the Israeli government to participate in a delegation made up of leading U.S. security writers, journalists, analysts, and researchers.
The delegation’s purpose was to facilitate a better understanding of the latest trends driving the security industry in Israel, and was coordinated by the America-Israel Friendship League (AIFL) and the Israeli Ministry of Foreign Affairs.
The delegation’s visit coincided with the 2016 CyberTech Conference and was punctuated by private briefings with high-level leaders in the Israeli government, military, academia, and security industry.
The U.S. delegation included myself; Adam Segal, Director of Digital and Cyberspace Policy Program for the Council on Foreign Relations; Richard Stiennon, author and Chief Research Analyst for IT-Harvest; Ben Rothke, author and Senior eGRC Consultant at Nettitude Group; Rob Pegoraro, journalist with USA Today and Yahoo Tech.
The delegation was topped off by the attendance of Ron Woerner, Director for Cybersecurity Studies Bellevue University; Edwin B. Covert, security blogger and Senior Associate at Booz Allen Hamilton; Arya Yeganeh, journalist with the Foreign Desk; technology blogger Alan Weinkrantz; David Strom, journalist with TechTarget and NetworkWorld; and Anne Bader, Founder of the International Cybersecurity Dialogue think tank.
While there was just too many meetings to cover in detail in this article, the following are some of the highlights of the week-long trip.
Israel’s Iron Dome
Just hours after our arrival we were treated to a private dinner briefing with Brigadier General (ret’d) Dr. Danny Gold, hailed as the “father” of Israel’s Iron Dome – the automated anti-missile defense shield now protecting Israel from attacks by adversaries such as Hamas and Hezbollah.
Dr. Gold outlined the tremendous technical challenges his team at Rafael Advanced Defense Systemsfaced in creating the Iron Dome, a project that had at first been rejected by the government and many experts as being all but impossible to deploy in a fully functional capacity.
Most interesting in the development of the Iron Dome was the fact that the real-time analytics required to identify, track, and intercept an incoming missile attack within an approximate fifteen second window were not yet at a stage of maturity when the project was initiated, requiring a great deal of technological innovation in a very short period of time.
Iron Dome was successfully deployed in March of 2011, and intercepted its first target one month later in April. With an average success rate of 90% or better, the system was credited with having intercepted more than 1200 missiles by late 2014.
Videos of the Iron Dome in action are publicly available on YouTube here.
In addition to the creation of the Iron dome, Dr. Gold also discussed advancements in battlefield robotics, real-time virtualized battlefield visualizations, offensive malware attack capabilities which can be applied against incoming missiles attacks, and other electronic warfare techniques being developed by Rafael Advanced Defense Systems.
Cybersecurity at the Israel Electric Corporation
On the first full day of events for the delegation, we traveled north from Tel Aviv to the city of Haifa to tour the main Israel Electric Corporation (IEC) facility and attended briefings with Yossi Shneck, SVP of Communications, and Ronen Dekel, Deputy VP of Cyber Security, prior to taking a tour of the IEC’s state of the art Security Operations Center (SOC).
The briefings were impressive – in comparison to the fragmented state of U.S. critical infrastructure security, Israel is leagues ahead not only security capabilities and incident response, but also in culture and “tone from the top.”
From a power generation and distribution perspective, Israel is an island unto itself and not part of a larger production grid as in North America or Europe. As such, the Israelis fully realize that key control networks are high value targets which need to be protected with robust security programs and strategies.
In the presentation slides we saw data on millions of events ranging from aggressive port scans probing for vulnerabilities to outright assaults utilizing a variety of malware and ransomware strains, distributed denial of service (DDoS) attacks and more, over the course of 2015 alone, with a particularly notable spike in attacks that corresponded to the Anonymous hacktivist group’s #OpIsrael offensive.
Next, we went to a nearby facility that hosts Cyber Gym which conducts training for organizations in Blue Team incident response and remediation of ICS/SCADA security events. Cyber Gym is a joint venture between the IEC and CyberControl, Israel’s leading cyber security consultancy which was established by former operatives and security experts from Israel’s National Security Authority (NISA),
We toured portions of the campus with co-founder and CEO Ofir Hason where we saw facilities which included working emulations of ICS/SCADA systems where personnel are subjected to power failures, fires, equipment failure, and uncontrolled water releases which are designed to simulate real-world working conditions for teams in charge of responding to physical and cyber attacks on critical infrastructure control networks.
The trainings place personnel in control rooms where the lights may go out, alarms sound off, backup generators kick in, pipes might break and start flooding the area, and in the midst of the chaos the team has to make coordinated on-the-spot decisions in order to regain control of critical systems and limit the damage from an attack.
This is about as close as staff can come to an actual security event, and the IEC officials emphasized that CyberGym is an essential aspect of its training programs. The facilities and programs are also available by contract to private sector organizations seeking to hone the skills of their teams.
CyberTech Kickoff and Briefings with Key Government Officials
We began the third day attending the opening plenary of the CyberTech Conference. An introduction to the event was provided by Conference Chairman Yossi Vardi, which was followed by an informative presentation by the Foreign Minister of Estonia Marina Kaljurand.
Next up was a keynote speech by Prime Minister Benjamin Netanyahu who shared a particularly forward-thinking point of view on the tremendous importance that cybersecurity plays today in every aspect of Israel’s public and private sector activities. He emphasized that his government is intent on making sure Israel is recognized as worldwide leader in cybersecurity.
“We cannot grow unless we have cybersecurity. It is essential for the defense of both individuals and the nation, which at the same time creates a huge economic opportunity. I want Israel to become a cyber power, and at the same time a catalyst for worldwide cyber capabilities,” Netanyahu told the audience.
“It is just a matter of time before you are going to be penetrated, especially as you increase your connections to the outside world. [So] government and industry need to collaborate. We need to have a goal and to start moving toward it, and not wait for all our plans to come together before taking action.”
About halfway through the speech, the delegation was hustled backstage to await a brief meeting and photo op with the Prime Minister. Though this meant we missed a good portion of Netanyahu’s delivery, all agreed it was a worthwhile trade-off to have the opportunity to meet him in person.
We then had a private briefing with Dr. Eviatar Matania, head of the recently created Israeli National Cyber bureau, which operates out of the Prime Minister’s Office.
“Four years ago, the government realized we needed to be more comprehensive,” said Matania. “Now everything is connected, and we need to design new approaches and work together.”
Matania further detailed the issues that lead to the formation of the Cyber Bureau and its mission to direct regulatory efforts, track cybersecurity events, oversee advanced technology export restrictions, and coordinate cyber defense and research efforts nationwide.
The Security Startup Focus in Israel
The delegation was also given the opportunity to meet with officials from the successful venture capital firm Jerusalem Venture Partners (JVP), which has played a key role in the development of some fourteen IPOs for Israeli security companies now trading on NASDAQ.
JVP is currently working with numerous security startups, and we were invited to participate in briefings from about a dozen CEOs/CTOs from some of the most promising startups that JVP backs. There is definitely some disruptive security tech being developed in Israel.
Following those sessions we had a private briefing with Knesset member Erel Margalit, the founder and former CEO of JVP, who was kind enough to engage in a lively Q&A with the delegation.
Margalit was really impressive in his knowledge of the security industry and proved to be quite the visionary where Israel’s leadership in the tech and security fields are concerned. Of note was his vocal advocacy for the development of better mechanisms for the sharing of cyber intelligence between the national CERTS of like-minded countries.
“We want to build the tech equivalent of Interpol, because we need standards for the interception of attacks in real-time. When you have an attack, you need to share information to be effective. If you try to work alone, you will lose,” Margalit said, noting that the Israeli financial sector has found success in sharing cyber intelligence information.
“It saves a lot of effort now, and we have found that the vast majority of attacks can be prevented if you have the right protective systems and share the right kinds of information.”
Intelligence and Innovation Drivers
On the last day of our delegation’s trip, we were treated to a morning briefing from Nadav Zafrir, former Head of the Israeli Defense Force’s intelligence apparatus, the legendary Unit 8200.
Zafrir discussed the sensitive nature of the work that Unit 8200 does, something that until fairly recently was completely classified to the degree that those who serve and have served in the division were not allowed to divulge their involvement even to their closest family members.
Zafrir said that one of the key advantages Unit 8200 has enjoyed over their counterparts in other countries was the fact that Israel’s compulsory military service – at least three years for males and two years for females – allowed them to cherry pick the best and brightest of the conscripts for participation in intelligence activities, much of which is dedicated to cybersecurity efforts.
Following the meeting with Zafrir, the delegation was shuttled to the offices of Israel’s Chief Scientist, Avi Hasson.
The office of the Chief Scientist, which operates under the auspice of the Ministry of Economics, was created in the 1970’s with the mission to catalyze key technological innovations within the private sector in order to create economic impact in the marketplace.
Israel is a small nation with little in the way of natural resources from which to base industries on, so it should come as little surprise that fully 50% of the nation’s exports are technology based goods and services.
Zafrir pointed out that over the course of his six year term, he has worked with five different ministers from five different political parties, and that one of the most important roles the Chief Scientist plays is to create and maintain a stable economic environment that fosters investment from both within and outside of Israel.
“Stability is important because if you’re an entrepreneur or multinational thinking of coming to Israel, these are long term decisions – you want to make sure that government legislation won’t bounce around, and so some pillars of policy have remained in place.”
Israel invests a larger percentage of GDP to research and development than any other nation (4.2%), while the government’s realized return on those investments is simultaneously the lowest of all countries. Zafrir emphasized that his office seeks to work directly with private investors in partnership as opposed to trying to fill their shoes.
This has resulted in more than 300 multinational companies locating major R&D facilities in Israel, and that most of these companies have made an average of ten or more acquisitions of Israeli startups.
Zafrir says that his role is not to dictate which industries should receive incentives and funding, as the private sector is much better at such forecasting, but it is instead his job to create and maintain the best business environment for entrepreneurs and innovators in the private sector to fulfill their full potential – and he seems to be doing a really good job at it.
One thing that occurred to me over the course of the week was that since Israel became a state, a great deal of their national security was dependent upon ideological, military and political support from the West – namely the United States.
Support for Israel in the U.S. has understandably experienced some ebbs and flows based on the current political climate and the party in power in the White House and Congress.
Today, Israel has been successful in attracting some of the biggest companies in the world to invest heavily, it seems that a side-benefit is that they now have some of the most powerful allies they could ever hope for in the form of the private sector, and it is clear that the fate of Israel as a state has much greater economic implications for the West.
Israel now represents an investment that is worth billions of dollars to those private sector stakeholders, and this represents a significant shift in dynamics of international relations, and should work to help them guarantee their national security for a long time to come.
Special thanks to the AIFL, the Ministry of Foreign Affairs, the U.S. Delegation Members, and Arya Yeganeh for providing additional notes…