Secrets of Israeli Security
by Avivah Litan | February 14, 2013
I know it’s been written about before in the book Startup Nation, but having just returned from a two-week trip to Israel, where I met with about 60 hi-tech security startups and Israeli enterprise users of their technology – I can’t help but reflect on the keys to Israel’s success in this field.
The military unit 8200, a laboratory that fosters technological innovation that helps secure the nation, has become the elite military unit of the country. It used to be that the best of the best were recruited into the Israel Air Force but that has changed in recent years and now the military unit to join if you are super smart, balanced, trustworthy and creative enough is the 8200 unit.
The Israeli government is indeed very progressive when it comes to the 8200 unit. They allow the kids creating all these innovative applications and systems to take their ideas and practical experience to the private sector when they are released from the army. And these ideas and experiences become the seeds for new startups that they invariably start – many of which are understandably in the field of cybersecurity.
The other critical aspect is the relationships these young soldiers form with each other in the military. Thrust into very barren, sparse and dangerous situations, for example being dumped in pairs in the desert on a training mission with nothing but a supply or two for a couple of weeks, they form very strong bonds with each other and learn to trust one another in ways most of us never have an opportunity to experience.
These friends are the same guys (it’s usually men) that get together to form companies with each other. And if they don’t end up in the same company on round one, they usually end up working with the guys from their units in round two or three. That leads to another point that really struck me – most of the ‘older’ fellows I met that founded startups were on their second, third or even fifth round. They just keep going at it. Only a few stick with the company they start, and instead of getting acquired, build it into a mega-Israeli company. Some Israeli policy makers would prefer more would end up in this latter category and keep the companies and jobs in the country as they grow into mega corporations.
So what technologies stood out? In fact I was exposed to many interesting and practical ideas. What stood out to me most, however, was bringing behavioral profiling with few false positives to enterprise security. Few false positives? Yes, I am doubtful too but that’s what a couple of these companies claimed. We will see if it really pans out but if it does, these will no doubt be killer apps.
One promising technology brings new meaning to application control. Instead of black- or whitelisting applications (which we just saw recently can be broken by signing and trusting a bad application) – the application control checks the behavior of desktop applications to see if they are malware, and then checks communications from the enterprise to outside servers to look for the same.
A second promising application baselines and profiles communications and activities within an enterprise network – whether from or to devices, nodes, users, files, servers, etc. It claims to be able to see any aberration that reflects an advanced targeted attack, even if the aberrational behavior only appears for a few minutes or seconds periodically over a long period. Believable? Well, just maybe, when you think about what Stuxnet achieved.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.