Selling Secrecy: Israel Turning The World’s Cyber Problems Into Economic Opportunities

 
on July 19 2013 9:14 PM
Eviatar Matania
Eviatar Matania, head of Israel's National Cyber Bureau Israel Export Institute

TEL AVIV, Israel -- Israel conceals some of its best-kept secrets deep in the inhospitable Negev Desert: its nuclear research center near Dimona, its advanced agricultural research programs, its base for Unit 8200 of the army’s intelligence corps.

Now, the heat-drenched region’s largest city, Beer Sheva, is hoping to turn the world’s need for secrecy into new shekels. The country’s first-ever private cybersecurity incubator is being established in Beer Sheva under a partnership between the Israeli venture capital firm Jerusalem Venture Partners and Ben Gurion University. The incubator is set to open its doors in October in a facility built at a cost of 50 million new shekels (NIS; US$12.5 million) in a new technology park conveniently located near the Israel Defence Force’s likewise new computer technology and intelligence base in the city, which opened for business last week.

The Israeli government estimates that more than 10,000 technology employees will move south to the cybersecurity center, and the Israeli Cabinet this week announced a major additional investment (NIS 500 million, or US $125 million) for economic development, housing, services and infrastructure improvements to accommodate the growth. Jerusalem Venture Partners has meanwhile begun searching for cyber startups to nurture. By 2020, JVP projects a NIS 1.4 to 1.7 billion increase in economic activity in the Negev each year, most of it in the realm of the cyber industry. But those figures, like most cited by the government and its partners regarding the plans for the Negev, are not fully quantified; other economic benefits are typically described  as “several billion” or “hundreds of millions,” the proponents being characteristically cagey about disclosing too many details.

Israel’s competitive advantage: security-tuned army graduates

“The initiative comes in the wake of rising cyberthreats and increasing attacks on critical infrastructure in Israel and around the world,” said JVP founder and chair Erel Margalit.

Prime Minister Benjamin Netanyahu told delegates at Israel’s 3rd Annual Cybersecurity Conference in Tel Aviv last month that Israel is uniquely set up for cyber challenges due to its own experience in protecting cybersecurity. “Today cyber is part of the battlefield,” Netanyahu said. “This is not tomorrow’s warfare, it is already here today.”

In the face of cyberattacks by Iran, Hezbollah and Hamas, Israel needs a digital Iron Dome to protect against terrorism -- the virtual equivalent of the country’s air defense system, which intercepted and destroyed hundreds of rockets and artillery shells launched from the Hamas-controlled Gaza strip toward Israeli cities last November, Netanyahu said.

Numerous cybersecurity startups are already at work in Israel, including Check Point, ICQ, NICE and AudioCodes, and current cyberexports are worth “several billion dollars,” according to Israel’s Ministry of the Economy. Meanwhile, General Electric (NYSE:GE) has established its international cybersecurity center in Tel Aviv, and Oracle (NYSE:ORCL) is preparing to do the same, according to Israel National Cyber Bureau head Eviatar Matania.

The cybersecurity industry’s success will in turn make Israel more secure, said Naphtali Bennett, Israel’s minister for the economy, who in 2005 sold his own cyber startup/anti-fraud software company Cyota to American computer network security company RSA Security for US$145 million. “The cybersecurity industry is one with special weight in the state of Israel,” Bennett said.

Israel’s own security situation engenders defensive thinking and the ability to adapt to constantly changing threats, which is an asset in the cybersecurity industry, said Joe Lonsdale, a U.S. cybersecurity expert and co-founder of software company Palantir. “Israel has this really unique advantage here where everyone goes through the army and they have really smart people like (army unit) 8200,” Lonsdale said. “The U.S. doesn’t have that.”

The Israel National Cyber Bureau was established in 2011 and charged with developing cyber-related industries, promoting them internationally, and developing educational programs to nurture talent and assist with startups and company exits in both the civilian and the defense sectors.The starting point of the educational program is called Magshimim Leumit, in which select students aged 16 to 18 are exposed to the latest knowledge in the cyber field by experts in the IDF and academia. The students then develop computer languages and are taught to build algorithms and thought processes, analyze computerised systems, and think creatively. Notably, Israel’s security agency, the Mossad, is involved, though the government will not divulge the exact nature of that involvement.

Upon graduation, many of these cyber students go into the specialist security units in the IDF, such as Unit 8200, network with others with similar training, and join cyber startups following their military service. In other cases, the students continue with their education; for those who choose that route, the government has created the NIS 32 million ($US $8 million) academic research fund through the Ministry of Science and Technology. An additional NIS 16 million (US $4 million) is available in scholarships for students studying for advanced academic degrees in the cyber field. The INCB is also working on establishing an online school and research institute for cyber studies.

Then there’s the MASAD program to promote national and defensive cyber technologies in cooperation with the Directorate of Defence research and development, part of the Ministry of Defence. It’s getting NIS$10 million (US$2.5 million) for this year and last. For cyber startups, Israel has the Kidma program, which is investing NIS 80 million (US $20 million) over two years in the advancement of cyber defence research and development through the Ministry of Industry Trade and Labour.

The crossover investments between the government and the private sector are appropriate, Matania said, because of what he described as the synergy between defense needs and economic needs.

Defense-civilian sector crossover

The JVP is involved in the Kidma program to promote investment and receives $500,000 from the government for every $100,000 the partnership invests, which translates to $600,000 for a startup company to get its product to the market. Companies that graduate from the incubator receive follow-up investment from JVP’s main fund or an additional venture capital fund.  

JVP aims to nurture cyber startup companies from the embryonic stage through to exit from the program via acquisition, merger or initial public offering (IPO) of stock. It works with cyber entrepreneurs to polish their ideas, build a team, set up their product and make the right connections. Each startup remains in the incubator for 18 to 24 months, with about eight startups in the incubator at a given one time.

According to JVP partner Yoav Tzruya, the incubator’s proximity to Ben Gurion University and the military’s communication core is intended to ensure it snags all the best cyber talent. “In JVP we have an ongoing conversation with those major units. They do understand that they have to start cooperating with the industry so that eventually the skill set goes back to them.

“The IDF has invested a lot over the last few years in cyber,” Tzruya said. “Now it’s starting to find its way into the cyber civilian industry. We’ve seen a dramatic increase in cybersecurity companies -- 30 new startups in 2009, and 70 last year.”

The downside of all this commercial development is that the government may relinquish some control of security know-how from the military to the civilian sector. Israel’s ministries of Defence and the Economy are currently discussing whether the cyber industry should be regulated through legislation -- something the industry is opposed to.

Not every technology is created equal – there’s a difference between cyberattack and cyberdefense products, Tzruya said, adding that any legislation should be aimed at “guns for hire” that offer services rather than defense products. “Obviously, companies offering services related to things like cyberattacks could be monitored to an extent to prevent misuse of such a skill set,” he said. “However, Netanyahu wants to take the startup nation and make it the cyber nation. You can’t build that from a commercial perspective if you have strict regulatory restrictions.”

Tzurya argued that self-censorship was the country’s best defense. “These people can’t leave their know-how in the army once they leave, but they’re very conscious about not misusing it.”

One industry guru in fact advises entrepreneurs to steer their products toward the civilian sector rather than pitch them to the defense industry.  “Shy away from defence sector,” advised Gior Yaron, chair of the executive council of Tel Aviv University. “As a startup entrepreneur who’s been there and done that more than once, [I can say that] dealing with [the] defense industry is the kiss of death.”

It’s easier in the banking, health or insurance sectors, which are of necessity updating huge amounts of data to online storage systems,” Yaron said. “We are talking about a huge market. And they have bigger pockets. It’s a security problem and an economic opportunity.”

Israeli entrepreneurs’ defence and intelligence sector training places them well to offer cyberdefense solutions for big data, says Palantir’s Joe Lonsdale. In a world where firewall technology is often outdated and hacking is a given, it’s necessary to find creative ways to detect hackers and determine their intentions, Lonsdale said. “It’s not just about teaching the computer how to stop the bad guys; it’s also about building systems that allow analysts to see what’s going on … using the machines to put the data into a conceptual form that people can understand.”

One interesting theme, he added, was extending human intelligence within organizations rather than relying on automated systems.

“Let’s say you work at a big bank: It’s going to be a very different response if it’s say, the Russian fraudsters probing you to try to access your transactional systems to try to steal your money, versus the Iranians who just care about taking you down, because that’s their job. Really understanding deeply what the attackers are doing and who they are, and what their motivations are, becomes really important. That’s something that Israel does well.”

Share this article

More News from IBT MEDIA