Israeli Defense in the Age of Cyber War
Updated: Nov 14, 2019
Cyberspace has become a new warfare domain in the modern battleground, joining the existing natural domains of land, sea, air and space. Cyberspace fundamentally utilizes an electromagnetic field for human purposes by means of technology. In other words, such technology is a type of weapon, which is aimed at vanquishing another by attacking systems connected to cyberspace. Cyber weapons have the ability to cause serious damage without destroying physical infrastructures or human life. Cyber warfare is commonly defined as the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for purposes of espionage, psychological warfare, deterrence, and damage to information technology systems or physical targets.
The extensive dependence our society developed on computer, communications and information systems exposes us to various types of attacks. Starting at information corruption, code manipulation, hacking to existing databases attacks, to attacks on critical infrastructures aimed at shutting down an entire country with no ability to locate the source. The vast progress made in computer and information networks has created a new reality in which military communications infrastructures are often connected to their civilian counterparts. Both infrastructures are increasingly dependent on computers, and their protection is critical for both civilian and national security purposes. Once it was recognized that computers were weak points, cyber warfare technologies began to emerge, designed to attack an adversary's data assets and even cause significant physical damage remotely to systems without employing conventional or non-conventional weapons or sending soldiers into the battlefield. At the same time, security agencies and armed forces worldwide have been developing cyber defense capabilities to protect these vital infrastructures.
From the early days of statehood, technology occupied a prominent place in Israel's national security concept as it sought to establish a qualitative edge over its vastly more populated Arab adversaries. The emerging of cyber warfare has become one of the most critical threats to Israel's vital infrastructures in both the civil and the military-security sectors. In the traditional Israeli approach to security, much effort is invested in intelligence, early warning, and deterrence in order to minimize the expenditure involved in maintaining a continuous state of alert. Rapid technological developments and the momentous regional events of the past few decades have seriously challenged this traditional security concept. Israel's future as a democratic, open society depends on the capability to protect the country's vital computer networks.
Israel does not remain indifferent and has been working on several mechanisms to enhance its defense capabilities in the field. Due to its special geopolitical location as well as high technological capabilities in the field of communications and computerization, Israel is currently ranked among the leading countries in the field of cyber warfare, armed with many companies, such as Check Point, Aladdin, Imperva and others. In addition, since 2011, the National Cyber Staff has been working vigorously to build national resilience in cyberspace and to establish Israeli leadership in this field.
Over the past few years, global-scale cyber-attacks have become more frequent and hackers continue to discover new attack vectors in existing and evolving domains, forcing cybersecurity vendors to constantly reinvent solutions. In parallel, the “traditional” enterprise network is expanding and becoming increasingly complex, undefined and diffuse, as the enterprise perimeter moves into the cloud. These unique dynamics, which keep the market in an ongoing explosive phase, are catalysts for cybersecurity-related innovation and result in attractiveness for investments and M&A deals.
Consequently, Israel has built an impressive innovation infrastructure for meeting these modern challenges head-on. Hence, Israel’s academic institutions, with world-leading cybersecurity departments, and sophistication of bodies like the IDF’s elite Unit 8200, which have been indispensable in developing Israel’s cybersecurity prowess and have supplied much of the talent for Israel’s leading cybersecurity startups have a key role. Last year, the 8200 unit prevented an ISIS air attack against a Western country. Basically, Israel uses the military a startup incubator and accelerator. The adverse geo-political conditions of Israel have forced the country to invest its meager resources in developing and maintaining superior military capabilities. Thanks to such forward-thinking entities, Israel became world renowned as a cybersecurity superpower, attracting over $800 million in investments, 16 percent of the world’s total cybersecurity investments in 2017.
In 2018, Israeli startups received roughly 20% of global VC investments in cybersecurity estimated at 1.19 billion USD. According to Strategic Cyber Ventures' report, Israel has surpassed China last year as the most desirable country for VC investments in cybersecurity companies outside of the US. Moreover, in the past year Israel experienced an increased participation by non-Israeli investors, including ClearSky Security Fund, Blumberg Capital, Boldstart Ventures and Sequoia Capital, who were involved in 65% of investment deals by corporate VCs (Intel Capital).
As a result, there has been a growth of the cybersecurity sector in Israel to 450 local cybersecurity companies by the end of 2018, reinforced by the 47 multinational corporations with cybersecurity-related operations. From 2017 to 2018, the sector enjoyed an increase of 12% in revenues. The analysts at Strategic Cyber Ventures predict increased consolidation in the global cybersecurity market with established incumbents continuing to acquire startups. These insights drive the creation of new startups and new market segments, emerging with the evolution of cybersecurity and the larger IT environment.
Those astonishing numbers could be an indication for Israel’s competitive advantage in both the development of solutions based on deep technology, and innovative solutions. Israel's culture of innovation, its unique human capital and its national security efforts create a perfect environment for cyber innovation, thus answering this need both locally and globally. In addition, IDF's cyber-security system reorganized itself completely to improve inter-organizational cooperation with the state, in order to be able to combat affectively cyber terrorism. Part of the reason why Israel is leagues ahead of other countries in terms of cybersecurity is because the government has taken an active role in pushing the industry. There is constant collaboration between the government, universities and businesses. The Israeli government invested in more than 100 cybersecurity companies, making it the top cyber investor in the country. The Israel Innovation Authority has also formed numerous partnerships in the realm of cybersecurity with countries and jurisdictions around the globe. Such as the U.S.-Israeli bilateral cyber working group. Israel is also helping smaller nations in the creation of 300 cybersecurity startups, exporting 6.5 billion USD in cybersecurity products.
To address the cybersecurity skill-shortage, some startups are focusing on security orchestration, automation and response (SOAR) and optimizing the management of security operations centers. Others are looking to bring attacker knowledge to the defenders, help them prepare for attack days. While some are focusing on next-generation computing platforms, such as IoT.
Israel's national cyber security strategy is based on a generic concept of operations for national cyber security. This framework includes both direct State actions and collaborating in security activities with the private sector. The strategy aims to ensure Israel's continuing role in the international arena, as a leader in technological innovation and as an active partner in the global processes of shaping cyberspace. This concept defines three operational layers: Aggregate Cyber Robustness, Systemic Cyber Resilience and National Cyber Defdense. The three-layer approach derives from the unique nature of the cyber threat and the central role of private organizations in achieving national cyber security. This approach offers a holistic solution, taking into account the differences in the level of risk, the nature of the threat and the degree of its clarity.
Israel's first milestone in the development of its national cyber security efforts was in 2002, when the Israeli government authorized the National Information Security Authority (NISA) to instruct vital computerized systems of selected public and private civil organizations. Following, in January 2012, Israel founded its National Cyber Bureau (INCB), in charge of devising the State’s national cyber policy and strategy, promoting national processes, developing national cyber capabilities and strengthening Israel’s leadership in the field. On February 2015, the government the National Cyber Security Authority (NCSA), a government entity which serves as a hub of national knowledge, a primary cyber regulator and an operational center for managing cyber incidents. The NCSA also conducts integrated defensive campaigns with national security and law enforcement agencies. By creating the National Cyber Bureau, Israel prioritized cyber defense efforts as a part of its national security agenda. The NCB efforts focused on research, development, and implementation of national level security capabilities and technologies, including secure and efficient information sharing platforms, solutions supporting the state’s efforts to expose, investigate and contain cyber-attacks and centralized security services. Together the INCB and the NCSA constitute the INCD, Israel National Cyber Directorate.
At present, the Israeli government stands at the forefront of using cyber technologies against the threats the country faces in all arenas. The government approach reinforces the three original requirements of Israel's traditional national security concept. First, deterrence: a use of advanced cyber capabilities as an effective way to deter Israel's enemies. For example: in the Stuxnet operation with the United States, in which the functioning of centrifuges belonging to Iran's nuclear program was disrupted, demonstrated that governments are able to launch cyber-attacks that can be extremely effective. While Iran did not stop its nuclear pursuit, the Stuxnet revelation may have prompted other enemies of Israel to reconsider the use of force against it. Second, early warning: collection of large quantities of accurate information about an adversary's intentions and plans, and blocking access to its own databases in advance. Third, decisive operational victory: By applying their advanced cyber tools, Israeli forces can gain advantages in combat that could tip the scales in the country's favor. For example, during the 2007 attack on Syria's nuclear reactor, which has been widely attributed to Israel, Syria's radar systems were incapacitated by a hostile code that transmitted normal signals. This enabled the Israeli air force to penetrate Syrian airspace undetected and target the nuclear complex, destroying it completely.
Cyber warfare allows Israel to initiate operations against remote targets without risking the lives of its citizens and soldiers, a cardinal goal of such a small country with limited human resources. Operations of this kind also gain Israel worldwide prestige, which can contribute both economically.
Israel’s national cybersecurity policy has evolved to become a proactive, comprehensive, and long-term cybersecurity strategy, focused not on potential attackers but on potential threats and on organizations as the first line of defense. With its mission of making the region a major source of talent and expertise in the cybersecurity domain, Israel has attracted major multinationals and their R&D centers, venture capital firms, advanced research labs, the National Cyber Research Institute, and more.
The Israeli government has played an important role as a catalyst for the rapidly growing cybersecurity industry in Israel. Viewing cybersecurity as an “economic growth engine,” the government identified it as a sector where Israel has a competitive advantage based on leading-edge research and unique practical experience. This advantage also increased goodwill towards Israel, providing an additional side-effect benefit to the country.
© 2019 De Angelis & Associates