Giancarlo Elia Valori
In 2018, the sums allocated for funding the whole cybersecurity industry in Israel amounted to 1.03 billion US dollars, with a 22% increase compared to the previous public-private funds budgeted.
Again in 2018, 66 new companies in the cybersecurity sector were set up, with a 10% increase as against to 2017. In 2016, however, they were 88.
The higher the rate of technological innovation, the greater the mortality rate of companies.
A fast and significant increase in turnover and investment in the Israeli cybersecurity, which, however, has been going on for five years.
Currently the area in which the Israeli start-ups specialized in cybersecurity is particularly focused is the IoT security, i.e. the security concerning the Internet of Things, which is basically a web system in which the real or even symbolic “objects” communicate one another data about themselves and can also have access to information about other objects, autonomously and independently.
The “things” we are talking about can be equipment, plants, systems, devices, material objects, goods and machines.
The IoT stems from the idea that the Web can and sometimes must leave a recognizable trace in the real world. This means that the web technology can and often must indicate the end of the separation between the material “thing” and the formal symbol, in the Web as in calculations.
Just think for a moment about what this will mean for the future production and distribution technologies.
But also for the design of the “objects”, with “things” that will change autonomously, in their various phases, between automated production, exchange and consumption.
The technologies that allow the creation of this new form of Spinozan coincidentia rei et intellectus are, in particular, radio-frequency identification (RFDI), with the recent addition of the new protocols by the IEEE.802.15.4 standard, a model using short-range wireless networks integrated between them, precisely according to the technical standards provided by IEEE.802.15.4.
Low-frequency radio networks and short-range wireless networks, all integrated into a new technology that allows “things” to communicate one another.
According to many estimates made by market analysts for the sector, in 2020 there will already be 29 billion objects connected at global level.
Control tools, real objects, materials for medical, statistical and intelligence analyses, as well as technologies for the just-in-time adaptation of companies’ products, not to mention obviously the defence sector.
For us laymen it is hard even to imagine the application areas of these new web technologies.
Another primary application of the new cybersecurity of Israeli start-ups in 2018 was that of security for blockchains.
This means taking care of the security of a network, namely the blockchain, which is a predetermined and closed set of computers, which always talk to one another, but do not know one another and, however, use all the data at their disposal, even vis-à-vis the other elements of the “chain”.
A game in which all the players know the cards of the others, but do not know the players and, above all, they are always steadily controlled by a constant exchange of information between them.
Just think, here, of the malware – probably of Chinese origin – which, over two years, has infected the production of virtual coins to the tune of over 2 million US dollars.
The virtual currency is always and in any case produced in blockchains and succeeding in entering a malware into a complex block network is certainly not a very easy operation.
As can be easily imagined, the malware we are talking about was the result of a blockchain hacking.
Every decentralized system, such as blockchains, is always structurally weak.
Hence, we can infer that Israel wants to use the blockchain technology in many areas, certainly including defence, strategic intelligence and security.
With specific reference to Security BC, an increasing number of attacks occurred on the boundary between the network and its market.
In fact, in December 2017, NiceHash – the largest virtual exchange market for virtual currency – was hacked, with a loss of 60 million US dollars.
However, many other attacks could be mentioned.
There is also the “51 attack”.
This entails that once any blockchain transaction has been completed, there may be a subject on the Web who, at that moment, has a higher computing power (51%) than the other “blocks”.
Hence, this enables the subject to change transactions and even multiply them, often excluding the other participants in the “blockchain” from communication.
Again in this regard, in 2014 there was the case of Gash, which for a long time had 51% of mining power, which is information technology – or rather energy and calculation power – capable of knocking out the competitors of both the other blockchains and of those in which Gash participated directly.
Recently the new start-ups of Israeli cybersecurity have recently much dealt with cloud-native security.
In other words, cloud-native security are technologies that regard, for example, containers or networks without autonomous central control.
This means the intelligence security of everything that currently – due to the size of the networks or of the market – already goes directly to cloud computing.
Just think here about the large logistics networks, or also the networks of the new division of international labour, or tourist networks and oil, material and raw materials trade networks.
Finally, for long time Israel’s new cybersecurity companies have much been operating in the Software Defined Perimeter (SDP).
SDP is also called “black cloud”, a cyber-system that evolved from the studies conducted at the Defense Information Systems Agency, namely the Defense Communication Agency, established in 1960 and producer of countless communication-command-control systems for the US Armed Forces.
The black cloud – probably developed in 2007 – is, in principle, a criterion for monitoring network security.
At the beginning of operations, there is an alphanumeric paradigm in which the position and identity of what enters the SDP is checked, but this network is “black” precisely because it can never be traced from outside, or by unauthorized web third parties. Everything happens without ever externalizing an Internet Protocol (IP) or other information.
In Israel’s current cybersecurity market, recently the most important sector in terms of investment has been the Internet of Things (IoT), which last year totalled as many as 229.5 million US dollars.
The Israeli government and private investors are very interested in the IoT, because it is versatile, but above all because it allows many industrial applications, for example in the drone network, in scientific research, in remote control and in medical therapies.
There will also be IoT technological and application innovations both for management and for storage and distribution networks, but also for the wireless networks of administrative offices and for small specialized production.
In 2018 one third of total investment went precisely to this sector, to the companies that deal with new network security – enhancement technologies.
Again in 2018, 60% of the new entrepreneurs or founders of Israeli cyber start-ups already had over ten years of experience in the sector, both as executives and as analysts.
Obviously, much of what is done in Israel stems from the excellent training that these technicians receive within the Armed Forces, in particular.
What is the secret of this highly successful formula? First and foremost, the full synergy between the Armed Forces and Universities.
Also this alone currently seems to be unattainable for our country.
All this happens, in Italy, both due to the lack of regulatory flexibility and also to the absolute scarcity of funds, as well as to some short-sightedness of investors, who aim at the “product” and not at the new “system”, not to mention some general cultural backwardness.
Also university backwardness especially in relation to the issues that entail a direct commitment of scientific research in the company and, which is even more severe, in the defence sector.
There is now a “Fund for supporting venture capital” available, included in the Government’s financial and budget package for 2019 – which, however, is technically a “reserve” of the Ministry for Economic Development (MISE), with 90 million euros to be allocated between 2019 and 2021.
The government is supposed to finance this Fund with a 15% share of the dividends made by State-owned subsidiaries.
All this seems to work slowly and as late as possible.
However, the traditional standard of investment in the innovative start-up sector – 100 million euros a year – has remained stable in Italy for several years.
It must be made clear, however, that this applies to all types of market technological innovation, not just cybersecurity.
This pales into insignificance compared to the sums invested in Israel, only in the essential field of cybersecurity.
The bilateral cyber working group between the United States and Israel is already operational, but only for the two countries.
It was established upon the proposal put forward by Thomas Bossert, former US Homeland Security Advisor, at the 2017 Cyber Week in Tel Aviv. Hence the idea of a bi-national network between the two countries (easier said than done) to counter cyberattacks.
In his Tel Aviv speech, Bossert mentioned the Iranian attacks on the Sands Casino and Saudi Aramco, as well as the operations of North Korea, which had already attacked Sony. As Bossert underlined, those countries had certainly not the technological and operational refinement of Russia and China.
Hence, for President Trump’s former consultant, as well as for Israel, the core of everything lies in cyber defence, which in both countries is the backbone of cybersecurity.
Another factor to consider when analysing the network of cybersecurity companies in Israel is the very high quality provided by the universities that, in some cases, have specialized in this sector, but always with a close and updated relationship with the Israeli Armed Forces.
The working cycle of a manager in an Israeli start-up is traditionally military training, then specialization at university level and later creation of the various start-ups, whose products largely return to the defence sector.
The new companies are also excellent for generating private profits, but are even more useful in stabilizing the ongoing innovation that characterizes the whole sector.
Much of the research that private individuals conduct, however, is not subject to disclosure.
Here much of what comes from Israel is web intelligence, which is the type of research using Artificial Intelligence and Information Technology to build products, systems and procedures that can be reused on the Web.
Therefore, this sector deals with a sum of data mining (which is the use of technologies that can discover semantic models in vast data collections) and information retrieval, i.e. the technology that discovers information in documents to search for both data and metadata, namely data on data.
In this sector, however, a relevant role is played by predictive analysis, which uses many of the already mentioned techniques, albeit in a different way, to predict facts or behaviours, as can be easily imagined.
Web intelligence and web monitoring, however, are used by the Israeli public or private analysts, with a view to checking on the Internet what each intelligence service does – perhaps using less refined methods: the probability of illegal leakage of sensitive data; the emergence of subjective and structural risks; the analysis on the Web of subjects of greater positive or negative interest for the intelligence services; the possible unlawful disclosure of data by intelligence agents and operators or by people of interest; as well as what we currently tend to call Adversary Simulation.
It is a technology based, first and foremost, on the actual exfiltration of the enemy’s data.
Furthermore, adversary simulation operates through a “compromise clause” based on the fact that the enemy is skilful, capable and, in any case, already part of the Web.
The technology we are talking about creates real-world indicators within one’s own and the attacker’s network. At this juncture, however, for many public and private users who buy it, this technology becomes the highest level for threat assessment and structured response to any threat.
An enhanced and innovative technique of strategic games, which obviously apply both to business and to defence.
What currently changes in the Israeli cybersecurity technology is the possibility of adapting – for various levels of customers (and security) – the functions of the system and hence the potentials used by the Web.
Therefore the solutions are always distributed, above all, in Software as a Service mode (SaaS).
In the social media sector, which is extraordinarily important for its intelligence relevance and the possibility of data mining, the Israeli cybersecurity is willing to produce many avatars and online profiles to be later launched in the virtual world.
On these structures, it is usually preferred to apply technical solutions that affect both the ordinary and the dark web.
It should be recalled that the latter is the network composed of websites that do not appear in search engines.
A network for security, certainly, but above all a Web aimed at the exploration of information, with a constant focus on dual-use technology and an evident primacy of the military sector over the civilian one, for obvious reasons.
Honorable de l’Académie des Sciences de l’Institut de France
President of International World Group