This is a guest post by Joel Tsafrir featuring an interview with Yigal Unna, Director General the Israeli National Cyber Directorate (INCD).

As early as 2002, before the cyber hype began, the Israeli government already defined the issue of information security as an essential domain for the country and placed the Israeli Security Agency (“Shin Bet”) in charge of protecting the information at the national level. Since this decision took place, no damage accrued to Israel’s critical infrastructures, even though these facilities are the target of daily cyber-attacks, and although the rate of attempts to attack them is constantly increasing at a rate of 25% per year.

Today, the overall cyber responsibility lies with Israeli National Cyber Directorate (INCD), which integrates together two government agencies used to operated separately in the areas of cyber protection and the construction of technological power.

We sat down with INCD’s Director General Yigal Unna to learn more about the ‘triple mission’ of the organization.

Coordinate the national effort

“The INCD, which operates directly under the Prime Minister, is a security-operative, non-secretive body that is designed to verify – through various tools and means – that the Israeli civilian cyber space is fully protected,” says Unna.

“I underscore our responsibility for the civilian cyber space because the army dominates the military cyber sector,” adds Una. “In the civilian sphere, we operate as overall authority, working closely with all the other operational players, including the army, which has a fairly common interface with the civilian sector, especially with regard to protecting the home front during wartime. Other players are the Israeli Security Agency, whose responsible for the prevention of terrorist threats, including cyber-terrorism, and the Police, which is responsible for the criminal side.

“The goal is to make sure that the national effort in the field of cyber protection is synchronized; that nothing falls through the cracks; and that everything that needs to happen on the national level will indeed happen: that there will be no shortage of means, tools and resources – including human capital – for the various systems and that the budgets will be allocated to meet the various needs.”

To ensure Israel’s continued leadership

According to Unna, alongside the mission to ensure that the civilian cyber space is protected, the INCD works simultaneously to ensure that the Israeli digital space will serve as enabling force. Meaning that the vital flow of information between the systems continues uninterrupted and that the digital capabilities will continue to ensure Israel’s economic, social, educational and security development.

An additional, third, objective of INCD is to continue and strengthen Israeli technological development in cyberspace and to ensure that Israel is a global cyber power: “We are working to ensure Israel’s continued leadership in the global cyber arena in the technological, organizational and security aspects,” emphasizes Unna. “This means both nurturing Israeli human capital and cultivating the technological-security-academic ecosystem that has been created here in recent years and which underlies Israel’s relative advantage in the world.

“This is done by close cooperation between all the relevant bodies within Israel and external cooperation with governments and agencies around the world. For example, to encourage academic research and development, we are partners in financing six of the cyber excellence centers established in Israeli universities, each of which specializes in a different sub-field.”

Robust, Resilience and Defense

After all this, the question arises: What is Israel’s national cybersecurity strategy against the threats that lie ahead? According to Unna, this strategy rests on three layers he characterizes as: Robust, Resilience and Defense.

“The layer of Robust is similar to that of preventive medicine in the field of public health,” he explains. “This means that we are taking a proactive policy and developing security tools even before the events take place, and if we use the example of medicine, we do not wait for the disease to appear, but rather act to immunize the body so that it can deal with it in due course.

“In practical terms that means that all the relevant bodies and agencies in the economic and infrastructure sphere in the country will be equipped with clear instructions and that all essential emergency services will follow the guidelines we dictate. We have identified some 40 critical infrastructure facilities, which are core systems, and we provide them with the latest knowledge and best-practice, while ensuring that they have coping capabilities and safeguards. Those instructions are mandatory, but the government is working nowadays to include sanctions on failure to comply with regulatory obligations in the cyber area.

“As far as Resilience is concerned, we are working to ensure that once these and other systems are indeed damaged, they will be able to recover quickly and continue functioning, after they have discovered the threats and acted to minimize the risks”, adds Unna. “This reference is to all levels of civilian activity and not only to national security systems.

“In the context of Defense, we do not act directly and the treatment is mainly in the hands of various bodies involved in thwarting and neutralizing attackers.”

In the context of the civilian cyber space, Unna also mentions the work of the national CERT, manned 24/7 by expert analysts in cyber defense, providing an initial response to the handling of cyber-attacks. Next to CERT, there is a social network where reports of security events flow, and it provides its members with a target and direction to address them.

Operating a unique model

“The final quality of any national cyber-security effort is, after all, the sum of all country’s resources: human capital, the knowledge, the capabilities, the insights and the technologies developed, and we are working on developing and empowering each of these components,” concludes Unna. “In order to realize this, we are operating a unique model relies on a network of collaborations, both on the security and civil levels, with synergy between them.

“The national cyber network will increase its capabilities in the foreseeable future in order to implement its mandate to protect the civilian cyber space, while advancing national capabilities in the field and improving the ways of coping with the current and future challenges in cyberspace, as well as promoting Israel’s leadership as a hub for developing knowledge and cyber technologies.”

Join the International Homeland Security & Cyber Conference

Get a front row view of today’s technology pushing the future of cybersecurity. OurCrowd is pleased to partner with the Israel HLS & Cyber 5th International Conference & Exhibition, to be held on November 12-15, 2018, in Tel Aviv, Israel, focusing on the challenges, threats and solutions in Homeland Security and Cyber in the areas of: cybercrime, aerospace and critical infrastructures, finance, intelligence, terrorism, and in the field of homeland security. 

Alongside the conference, a professional exhibition will be presented, in which 160 Israeli companies will display their innovative technologies.

Click for details and registration.

International guests can receive a $100 registration discount; use code DA626621.