Why Israel could be the next cybersecurity world power

There are plenty of cities in the U.S. that want to lay claim to becoming the "next" Silicon Valley, but a dusty desert town in the south of Israel called Beersheva might actually have a shot at becoming something more modest, and more focused. They want to be the first place you think about when it comes to cybersecurity research, education, and innovation. If things go right there, it may well happen.

There are plenty of cities in the U.S. that want to lay claim to becoming the "next" Silicon Valley, but a dusty desert town in the south of Israel called Beersheva might actually have a shot at becoming something more modest, and more focused. They want to be the first place you think about when it comes to cybersecurity research, education, and innovation. If things go right there, it may well happen.

Israel is a hotbed of tech startups, a self-proclaimed Silicon Wadi. It is ranked near the top of several recent Bloomberg innovation metrics. Particularly when it comes to cybersecurity, you almost have as many firms as there are Starbucks in Seattle seemingly they are everywhere. In fact, Inc. magazine lists nine different Israeli security startups to watch. And that is just the tip of the iceberg.

Until most recently, most of the tech firms have been located in the Tel Aviv suburbs, which is about an hour or so north of Beersheva and where most of the country's population and businesses reside. It is also the location of the international airport. Major US-based tech companies such as Microsoft, Google, Intel, and others all have invested heavily in Israeli offices, and again, these could be found near Tel Aviv. But that is changing, and the pull towards the southern desert is becoming more powerful.

I spent the better part of a week visiting the town and meeting with more than a dozen different business, government, and industry leaders there. It was enlightening and interesting. I came to Beersheva initially for family reasons my daughter is a teaching fellow there but quickly found out that there was something going on in the city worth more scrutiny.

To become such a cyber nexus, any place has to have several ingredients: A great university with a solid computer science department with a penchant for security research. Check. Several industry partners who have set up their own research and innovation laboratories nearby, to take advance of the cheap labor pool of graduate students. Check. An active venture capitalist operation that can fund startups is also essential, along with mentors who can help entrepreneurs along. Double check. And finally some solid support for local and national government to grease the wheels of progress. Check.

Let's talk about what Beersheva is doing in each area and how they measure up on the world stage.

Look at the university first. About 1,000 out of the 20,000 students that attend Ben Gurion University (BGU) are computer science or IT-related majors. BGU was the first Israeli university to offer a graduate cybersecurity program several years ago. I met several of their students, some who have come to BGU from India and China with graduate degrees from schools in their home countries and wanted something more. The students sat in the office of Professor Shlomi Dolev, who has been active in the cybersecurity field for years and has a very affable demeanor as he introduced each of his protégés.

Their research ranged from secure vehicle communications to locking down RFID to developing a way to secure Map Reduce clusters to more esoteric topics that I could barely understand. The topics weren't some futuristic ivory tower academic exercises, but stuff that had very real world security implications in the here and now.

Just ten feet down the hall from Dolev's office is IBM's latest effort with a cybersecurity center of excellence. They brought several of their staffers from other Israeli locations to BGU in Beersheva after seeing the success of some other industry players that we'll get to in a moment. IBM has acquired a series of cybersecurity companies that were started in Israel and has several research projects underway that involve one of their own scientists, and a grad student and professor from BGU. It is a great example of industry/academic partnership and is just the thing that is needed to attract more companies, more research projects, and more world-class grad students.

Perhaps the biggest future impact for Beersheva is something that the government is working on. There are two elite cybersecurity groups: the 8200 group that is the Israeli equivalent of the NSA that processes signals intelligence as part of the military and one for civilian purposes that is going to be called the National Cyber Bureau. The military group currently employs several thousand soldiers who are housed on a campus in central Israel. The plan is to move both of these units down south and to free up some valuable real estate that could be turned into housing in Israel's crowded center.

The 8200 group has a storied past in Israeli tech history: its former members have gone on to establish numerous companies such as CheckPoint, Palo Alto Networks, and CyberArk, just to name a few. People in these units could be the engine ultimately driving the entire Beersheva ecosystem, since most men and women finish their mandatory military service in their early 20s: then they are well poised for a potential business position to start their civilian careers.

But this isn't the only new construction happening in Beersheva. In September 2013, the Advanced Technology Park opened to great fanfare. It has two finished buildings (with plans for more to be built of course) across the train tracks from the main BGU campus and within a short walk from one of the Beersheva train

stations. The train takes an hour from the central Tel Aviv station, another advantage for recruiting top talent that may not want to move south immediately.

"A lot of cities in Israel have high tech business parks but we want to make Beersheva special. The basic building blocks are here and we need to play our cards right and take advantage of them," said Tom Ahi Dror, head of human capital development at the Israeli National Cyber Bureau, which is now part of the Prime Minister's office. "It matters whom you have lunch with and having a critical mass of people working near each other is important."

Speaking of the Prime Minister, while Bibi Netanyahu's recent speech in Congress has gotten a lot of play, another speech went mostly unnoticed when he appeared at the opening of the technology park. Back then he claimed that it will change the course of history of the country. The park could become "the economic anchor that will turn Beersheba into a national and international center for cybernetics and cybersecurity."

At the nascent tech park, one of the buildings is already filled with offices of researchers and even a recruitment center for the Technion University. The latter is Israel's pre-eminent engineering school that used to be the calling card for any worthy tech company. Now they too have realized that something is happening in the desert. In one building, more than a hundred people already work for an innovative research lab that has been funded for several years by Deutsche Telekom. It is their biggest research lab outside of Germany.

Also housed in the tech park are the tech startup incubator of VC firm Jerusalem Venture Partners (JVP). JVP has invested in a few successful security exits, including Navajo acquired by Salesforce and Magnifire acquired by F5 Networks. Two of the firms in the incubator are working on preventing cellphone cross-network spoofing and a new polymorphic security defense, companies mentioned in Inc.'s "9 Israeli Cyber-Security Startups to Watch Out For".

As I toured the facilities, I was impressed with the level and intensity of the research projects. One that I have already written about had to do with hacking air gap networks. Another project was a vulnerability found in the Samsung Knox Android VPN code last December, finally acknowledged and fixed by Google months later. They are continuing their air gap research, some of which was sponsored by the Israeli military, to develop more sophisticated defenses and attack methods. Like other military-sponsored research, some of this remains classified.

Can Beersheva succeed as a cybersecurity hub? Perhaps. The university program is well established, and major industry partners have already bought in with a series of sponsored research projects. Construction is rampant across the city, as it struggles to keep up with new housing and other infrastructure demands.

What could go wrong? The army could take their sweet time in moving their divisions down south. JVP could end up being the only VC firm in town, which could limit the overall available investment opportunities. Students could go elsewhere. Construction could stall due to funding or lack of demand.

But so far things look pretty rosy. Certainly, IT vendors that haven't yet heard about Beersheva should investigate opening an office at the tech park sometime soon. And if you are a student interested in pursuing a career in cybersecurity, BGU might be a good place to apply.

Join the CSO newsletter!

Error: Please check your email address.

Tags GoogleMicrosoftsecuritylegalintelmalwareBloombergcybercrimestarbucks

More about AdvancedBloombergCyberArkDeutsche TelekomF5F5 NetworksGoogleInc.IntelMicrosoftNavajoNSAPalo Alto NetworksSamsungStarbucksTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Strom

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place