The Israeli cyber scene is wrapping up a year of big investments, groundbreaking security solutions, cyberespionage allegations, and outgunning ransomware vendors.
Now, the country’s cybersecurity startups are facing forward and ready to take on 2019’s cybersecurity threat landscape with know-how, innovation, and out-of-the-box approaches.
“The number one challenge in 2019 will be the cybersecurity skill shortage. An organization’s main challenge today is not in acquiring new technologies, but in the lack of an efficient team to operate them,” says Sharon Rosenman, VP Marketing at Cyberbit, a provider of cybersecurity simulation and IT/OT detection and response platforms.
Cybersecurity Ventures, a leading cyber research center, predicted this month that there will be more than 3.5 million unfilled cybersecurity positions globally by 2021. Meanwhile, in Israel, the tech sector has up to 15,000 unfilled positions including in cybersecurity, according to a new study by Start-Up Nation Central and the Israel Innovation Authority.
“This skill gap is becoming a global crisis and an organization’s main goal will be to find ways to do more with less, increase team efficiency, and automate security whenever possible to reduce workload,” Rosenman tells NoCamels.
Doing more with less is the unofficial modus operandi in Israel. This country’s adeptness, collaborative ecosystem, and innovative thinking keeps it a global leader in an array of activities.
And 2018 proved that Israel continues to shine in cybersecurity. Despite its size, Israel is considered the second biggest cybersecurity market in the world, after the US, winning some 16 percent of worldwide cybersecurity investments.
“In 2018, we saw significantly more interest and attention to emerging cybersecurity fields rather than ‘traditional’ fields, both among newly founded startups and investor interest. Such fields are cybersecurity solutions for Blockchain and Cryptocurrencies, Cloud-Native Security, Data Protection (in light of GDPR and other privacy regulations) and continuing 2017’s trend – several verticals within IoT security,” Ofer Schreiber, a partner at YL Ventures, tells NoCamels.
Indeed, there were dozens of exciting cybersecurity headlines this year — from new startups to more veteran companies with fresh cyber solutions.
“Israel remains strong in cybersecurity and produced several new and exciting cyber startups in 2018. This year we saw a focus in the protection of industrial controls and systems in the OT (Operational Technology) environment as companies prepare for Industry 4.0 and IoT as well as more cloud-centric security solutions, with the implementation of AI across the board,” says OurCrowd Senior Analyst Sian Goldofsky, who specializes in cyber and AI.
The big newsmakers included XM Cyber, co-founded by former Mossad chief Tamir Pardo, being chosen as a World Economic Forum Technology Pioneer for its fully automated APT simulation and remediation platform. XM Cyber announced this month that it has uncovered a new means of carrying out e-mail attacks without the user or cybersecurity teams knowing. The company says this groundbreaking find shows “the first threats of a post-phishing world.”
Secret Double Octopus, the pioneer of password-free authentication technology hit the top of the news with its inclusion in Gartner’s December 2018 Market Guide for User Authentication.
Earlier in the year, Dojo Labs, Deep Instinct, Zimperium and Cymulate shared the news limelight when their security solutions won top prizes at the Business Intelligence Group’s inaugural 2018 Fortress Cyber Security Awards, which rewarded the world’s leading companies working to keep our data and electronic assets safe.
And at China’s 2018 ISC Conference in September, cybersecurity company ITsMine, which focuses on protecting organizational data, was named one of the top 10 most innovative cybersecurity startups for its new approach to data protection.
“Data is the new currency. Today, the ten largest enterprises in the world produce nothing other than data, and yet all of this data remains vulnerable. In conjunction with the conference, we selected the top ten most innovative cybersecurity startups, one of which was ITsMine, an Israeli startup, which offers a cutting-edge solution to this major problem of data vulnerability. It’s important to note that ITsMine was the only company outside of Asia selected for this honor,” Tan Xiaosheng, Executive Chairman of 2018 ISC, said in a statement.
Big investments in cybersecurity
The Israeli cyber scene is bidding 2018 goodbye on a strong footing. These last 12 months heralded significant investments in local startups and companies fighting cybercrime in all sectors.
Multi-million dollar investments – both local and foreign money – were resolute parts of the cyber scenery.
“Israel remained at the forefront of global cybersecurity and investments kept booming,” says Rosenman.
“Investment in startups fighting cybercrime has been significant in 2018. [There is] global recognition in Israel’s ability to be the tip of the spear in fighting cyber criminals and securing digital identities,” says Uri Rivner, Chief Cyber Officer at BioCatch, a company that uses behavioral biometrics for fraud prevention and detection.
“2018 was a very strong year for the Israeli cybersecurity industry with more money pouring into the industry across all stages and more specialized and experienced entrepreneurs looking to build market-leading companies,” Schreiber tells NoCamels.
Team8 cybersecurity think tank gave the local cyber scene something to be giddy about with its $85 million fund to build cybersecurity and data companies over the next five years.
Other notable cyber investment rounds include a $50 million investment for Exabeam; a $33 million round for Twistlock cloud security; ThetaRay, BioCatch and Cyberbit each raising $30 million; and XM Cyber raising $22 million, among others.
A smaller round worthy of mention is Portshift, which only came out of stealth mode this year and has already been named by CRN as one of the 10 hottest DevOps technology startups of 2018. Portshift announced a $5.3 million seed investment from the Team8 cyber foundry earlier this year.
While most of the local cybersecurity’s news stories are about detection or predictive software algorithms, 2018 also served up some salacious cyberespionage allegations.
Sign up for our free weekly newsletterSubscribe
NSO Group, which develops cyber intelligence tools for governments, and its affiliate, Q Cyber Technologies, were alleged to have played a role in keeping tabs on Saudi dissenters, and the murder of journalist Jamal Khashoggi.
According to a widely cited Washington Post report, Israel authorized cyber company NSO to sell surveillance software to Saudi Arabia. NSO Group repeatedly denied it was involved in the case.
If a silver-lining exists in this story, it is that Saudi Crown Prince Mohammed bin Salman reportedly wanted Israeli software because he was impressed by the country’s cyber capabilities. And he wasn’t the only one turning to Israel this year for groundbreaking cybersecurity solutions.
New York City is partnering with Israel’s SOSA to create a Global Cyber Center in the Big Apple. “The Global Cyber Center is vital for the advancement of the cybersecurity industry,” said Uzi Scheffer, SOSA’s CEO, in a statement.
And Jerusalem Venture Partners, the international venture capital firm, was selected by the New York City Economic Development Corporation (NYCEDC) to establish the city’s first international cybersecurity investment and innovation hub, dubbed Hub.NYC. They recently launched a cybersecurity competition with a $1 million prize.
Ra’anana-based Cyberbit and Miami Dade College (MDC) launched the MDC Cyber Range training facility at the new state-of-the-art Cybersecurity Center of the Americas at MDC. The cybersecurity training center will provide hands-on cybersecurity training to students, organizations and cybersecurity professionals, to fill open cybersecurity positions.
2018: Every 2.5 minutes there’s a cyber attack
Every 2.5 minutes there’s a cyber attack, according to a UK study published this week.
Gilad Israeli, cyber intelligence analyst at Sixgill, tells NoCamels that ransomware was the go-to cyberattack method in 2018.
“This year was the year of ransomware. So many threat actors are pointing their ‘guns’ at healthcare, government and financial organizations with different ransomware variants. And the ransomware threat is growing,” says Israeli.
“Ransomware is one of the most profitable ways to attack organizations.”
And ransomware, of course, is just one type of attack.
The Israeli mindset– taking risks, thinking differently, daring – helps keep local companies among the world’s top players in the cyber space, says Israeli.
In 2018, his company was able to “track down a couple of very serious ransomware vendors and hand their names and information over to relevant organizations.”
“When it comes to the Dark Web, you need to be the cat that catches the mouse all the time. The mouse is a cyber threat actor and is changing his location very quickly and you need to be able to find this hiding spot all the time. Sometimes you need to get into the mouse’s head in order to think of the next place he will go to, and then be there before he gets there. So, it’s about being the cat but also thinking like the mouse,” Israeli tells NoCamels.
2019: infrastructure, health, IoT
So, it is a given that new cyber attacks will take place in 2019. The question is, who needs to worry most?
“Physical systems in the critical infrastructure sector,” says Rosenman of Cyberbit. “Industrial control networks lack the cybersecurity best practices and infrastructure that mature IT organizations have set up. This opens opportunities for attacks to cause massive physical damage. The industry will have to deal with the technological as well as the organization[al] challenges involving the security of critical infrastructure, hopefully before the first large-scale attack.”
BioCatch’s Rivner says “identity theft and synthetic identity schemes will continue to evolve, preying on smaller targets such as new digital banks and instant credit providers – who might go out of business if they are left defenseless.
“We’ll see the first attacks on IoT payments – think of a self-ordering smart fridge – and advanced malware targeting popular online games like Fortnite. Social Engineering will continue to evolve and leverage malware capabilities to learn about the victims before making contact and disrupting any attempt to warn them that they might be under attack,” says Rivner.
Schreiber predicts “healthcare will be the fastest growing sector for cybersecurity vendors overall.
“Also, we see more and more concern about GDPR and related data privacy legislation. We believe that the budgets for technological solutions will emerge dramatically in the next couple of years and predict that this will be one of the hottest trends in 2019,” he says.
In short, every industry will need protection. And next month, over 15,000 people from across the globe are expected to kick off the New Year at Tel Aviv’s premier cyber gathering, the annual CyberTech conference, known for serving up first-rate innovation and trailblazing advances in the cybersecurity area.
Viva Sarah Press is a journalist and speaker. She writes and talks about the creativity and innovation taking place in Israel and beyond. www.vivaspress.com