Head of Israel’s Cyber Authority: ‘Holistic Approach’ Best Way to Counter Threats From ‘Borderless’ Realm of Cyberspace
Due to the constantly evolving nature of cyberspace, Israel must use innovative approaches not usually seen in cybersecurity practices to defend the country’s cyber home-front, the head of Israel’s National Cyber Directorate told Defense News on Monday.
According to Eviatar Matania, typical cybersecurity strategy adopted and implemented by many countries and organizations — which he says almost exclusively “tend to focus on the cyberthreat” — cannot realistically be applied to Israel.
“We couldn’t rely on the same concepts that guide national security strategy, which tend to focus on notions of sovereignty, jurisdiction and threats,” he said. Due to the “borderless” nature of cyberspace and the fact that “there’s no single technological or operational solution that can differentiate between good and bad communications,” Matania added, his team realized the best way to bolster the country’s cybersecurity infrastructure was through a more “holistic approach.”
“Our comprehensive strategy involves three distinct layers for cybersecurity. We’re calling them robustness, resilience and defense. If you build the first two layers in the right way, they will mitigate 95 percent of threats,” he said. “But there’s still the remaining five percent where organizations are still susceptible to what we call high-end campaigns and campaigners. This is the layer of national defense, where we harness our national security capacity to start dealing with the attack.”
Explaining the first two strategical layers — starting with robustness — Matania likened Israel’s cybersecurity strategy to treating the human body.
“Most of the time, we’re not sick. We’re robust. We wash our hands. We have immunizations to prevent us from catching other people’s viruses,” he said. “In this layer, the government provides the clean water, electricity for refrigeration and basic infrastructure along with incentives, awareness and guidance. But it is the responsibility of organizations to make use of what the government has to offer in order to maintain basic health.”
The second layer — resilience — “is an event-driven layer that enables an organization to snap back to good health,” Matania said. This involves information sharing and analysis of cyber attacks as well as contingency plans aimed at containing and recovering from the attack.
“Once you know about a vulnerability or attack, we’re providing a systemic capacity — the hospitals, health maintenance organizations, and Center for Disease Control, if you will — to handle threats/illnesses when they inevitably materialize in order to regain overall normal functioning as soon as possible,” he said.
The third layer — defense — kicks in once an attack against Israel in underway and is handled by the National Cyber Security Authority, which, Matania said, “is responsible for protection of critical infrastructure and for national cyber defense operations.”
“If the head of the authority sees there is an attack, he doesn’t care if the attacker comes from a crime organization, a terror group or a specific country. He’s focused on acting against a big campaign; a mega event. In parallel, our national security agencies and the intelligence community focus on what to do with the attackers,” he said.
The National Cyber Directorate was established in 2011 by Israeli Prime Minister Benjamin Netanyahu and tasked with “improving the defense of national infrastructures critical to the continuation of normal life in the state of Israel and to protect them…from cyber attack…while advancing Israel’s position as a center of information technology development.”