Cybertech 2016: Highlights and Key Takeouts

The Prime Minister of Israel Benjamin Netanyahu: “Israel is one of the five global cybersecurity superpowers and moving to become #1”.

Yuval Steinitz, member of the Knesset and Minister of National Infrastructure, Energy and Water Resources: “As we speak now the Israel Electric Authority has been hit by cyberattack”.

Action, creativity, entrepreneurship and enthusiasm are undeniably here.

Key takeaways:

There are currently about 400 cybersecurity companies in Israel. According to a report of the Israel Venture Capital (IVC) Research Center the Israeli cyber security companies raised a record $540 million in 2015, up 20 percent from a year earlier. 18 Israeli companies were also acquired last year for a total of $1.2 Bln. The average cyber exit in the past five years stood at $78 million. IVC forecasts growth to continue in 2016.
Estonia is moving fast to become all digital government: e-residence program, unified digital medical records database, e-elections.
Netaniahu: “International cybersecurity standards do not work for us. It’s every government for itself when it comes to cybersecurity though we do our best to cooperate with our allies.” Loose quote.
Built-in vs. bolt-on solutions. SOCs are on rise but SOCs are expensive. Only 1% of companies can afford SOCs. Large vendors are proponents of integrated approach. Small vendors argue that point solutions can significantly reduce risk at fraction of cost.
IT security budgets increased from 4% to 14-15% of IT budget. This trend can’t go on forever. Bottomline and productivity remain the main objectives of business, not cybersecurity. Cost-effective cybersecurity is the name of the game for years to come. “Balance of productivity and cybersecurity, cost-effective cybersecurity”, Nadav Zafrir, Former Commander of Unit 8200 (Israeli version of NSA).
Deception networks, moving target approach are cost-effective cybersecurity technologies with high growth potential. HP Enterprise and TrapX security offer deception grids, Morphisec offers moving target defense.
“Notion of perimeter security has been obliterated. It’s all about identity. 90% of attackers just walked in.” Zulfikar Ramzan, CTO RSA
IoT: What about security of things? No clear concepts. No plan survives contact with the enemy. We’ll figure out how to secure IoT in the course of battle. A lot of blubbering “Will an internet-enabled toaster-oven attack an internet-enabled fridge? Will they conspire to become an army of bots?”
According to a recent market study Apache Spark Market Forecast 2017-2020 the cybersecurity log analysis is the fastest growing segment of the Apache Spark market, likely to double by 2020.

Commonalities:

Very low signal-to-noise ratio, too many banalities mixed with Israeli boasting and chest-beating – “we are cybersecurity superpower, we are startup nation”. A lot of retired generals turned politicians and administrators who hardly know how to use computer yet preaching vigorously “cyber” slogans and mantras.
Almost every presentation begins with “lines between physical and digital domains blurred”.
Almost every presentation finishes with “we make world a safer place” message.
Racket message “either you pay for better protection today, or helplessly watch how your systems will be disrupted tomorrow”.

Funny bit: Cyberbit evokes images of Bonnie and Clyde to illustrate its cybersecurity concept (cyber criminals targeting small entities, importance of threat mapping).