Israel’s cyber security frontier
The Israeli
city of Beer Sheva is quickly becoming a global
centre of cyber security technology
Warwick Ashford / Security Editor
ComputerWeekly.com
The southern Israeli city of Beer Sheva is used to protecting
the frontier. During Roman times, it was a dusty outpost that formed part of
the Limes Arabicus, a series of
desert fortresses defending the empire from raiding tribes. Earlier, the Bible
repeatedly cited Beer Sheva as the southern civilised limit of the Israelite
kingdoms.
Even today, tourists in Beer Sheva can visit the remains of
the fortress that guarded the borders of biblical Israel. But today the
frontier is the internet and Beer Sheva offers protection of the electronic
sort. The city is rapidly becoming a
global centre of cyber security technology.
Israel exports more cyber security-related products and
services than all other countries in the world combined, excluding the US.
Reports from 2015 show the tiny country making 10% of all global sales in cyber
security products and attracting 20% of global investment in the sector.
Much of that investment is
centred on the desert city of Beer Sheva, where Israel has constructed a hub
for cyber security research and development. Those investments are bolstered by
the city’s physical proximity to Israel’s military technological intelligence units
and the burgeoning Ben
Gurion University, a significant research
institution.
At an early stage, Israel
identified cyber security as an area of national importance. The small
country’s technological skills and continuous concerns over security made cyber
security a natural arena for national investment.
In 2010, Israel adopted its National Cyber Initiative, which established a National Cyber Bureau to advise the
government on cyber security matters, encouraging co-operation between
academia, industry and the defence community, and advancing Israel as a global
centre of cyber technology.
Since then, the bureau has, in
co-operation with other government agencies, allocated almost $100m to foster
entrepreneurship and academic excellence in the field. The Israeli Office of
the Chief Scientist, another government agency, has adopted a preferential
policy for funding private initiatives in cyber security research and
development.
In addition to the Beer Sheva
centre, the bureau has also helped to establish a second academic cyber
security centre at Tel
– Aviv University. This latter centre has a broad
interdisciplinary focus, which includes political science and legal
issues.
Cyber prowess
Observers typically ascribe
Israel’s cyber prowess to its human capital – a cadre of technologists trained
by a military that needs to retain cyber primacy. For example, the Israeli
cloud security firm Adallom, which was acquired by Microsoft in 2015, was founded by alumni
of military cyber units.
This trend dates back to 1993,
when a veteran of the same unit established Checkpoint, one of the first commercial purveyors of network security
software.
But this perspective, with its
focus on highly trained individuals, perhaps overlooks the value that broader
institutional structures provide to Israel’s cyber security ecosystem.
Economists have studied the role
of government institutions in encouraging cyber security investment, asking why
state support should be necessary to bolster cyber ventures. Security is a
market good, and vulnerable entities will spend good money to obtain security
goods and services. If so, why should any government intervention – and
Israel’s government has certainly intervened – be needed to bolster cyber
security investment?
One answer is that good cyber
security defence requires a wealth of information – about emerging threats,
existing vulnerabilities and developing technologies. Private entities may not
have the incentive or capability to share this information among themselves,
and the government may have a role in providing sensitive information or
encouraging information sharing.
Security information
This viewpoint can explain recent
debates in the US concerning the sharing of cyber security information, debates
that culminated in the passing of legislation that allowed companies to share
threat information between themselves and with the government. The UK has also
created frameworks for the public-private sharing of cyber security
information, such as the Cybersecurity
Information Sharing Partnership established
in 2013.
Israel may not (yet) have express
legislation that allows private entities to share cyber data, but it does have
government or public institutions that facilitate informal access to such
information. Most obviously, the Israeli military provides a hub where
individuals share high-level threat and vulnerability information under the umbrella
of the state.
In a country that has compulsory
military service, and where discharged soldiers regularly come back to their
units to train and serve in the reserves, it is possible to see how the
military could function as an informal watering hole for the exchange of cyber
security information. The establishment of the Beer Sheva and Tel-Aviv centres,
and the creation of the National Cyber Bureau, add more points of contact where
such information can be exchanged informally between individuals active in the
industry.
Long-term
strategy
In other words, Israel has constructed a set of institutions
that allow for the informal flow of high-level cyber security information.
Although such informal sharing cannot provide a basis for real-time response to
cyber attacks, it perhaps provides a fertile bed for the development of
long-term strategy and the growth of commercial ventures.
Long after its Roman garrisons had disappeared into the desert
dust, Beer Sheva played a pivotal role in British military history. Towards the
end of the Second World War, General Edmund Allenby and a company of
parched light horsemen overpowered the Turkish battlements that were defending
the city. Once again, Beer Sheva showed its critical role in defending the Holy
Land – after the battle, Jerusalem and the rest of the country swiftly fell
into British hands.
Today, the cyber
hub of Beer Sheva is reprising its central role in military and civilian
defence, but the battlefield now plays out in digital bits instead of
the arid desert, and the weapons are innovation and information-sharing rather
than trenches and bayonets. And Israel is hoping these digital swords can be
beaten into instruments of commercial success.