May We Live in Interesting (Cyber) Times - Insights from Cyber Week 2019 in Tel Aviv

Visiting #cyberweek2019 and its subsidiary event #PrivacyTechAlliance in #TelAviv gave a healthy dose of dystopian paranoia coupled with a sense of meaning to the work we are doing at PrivacyAnt (data protection software). Our CTO and I left for the conference with the purpose of hearing about latest trends in #privacy / #dataprotection, but it was in no way less interesting to learn that the emphasis in geopolitics and security is fast moving towards #cybersecurity. And, as we all should know: without information security there can be hardly any privacy.

In short, from the maybe 7 presentations about cyber that we got to see on Tuesday, we learned that companies are awakening to the fact that their supply chain needs to be mapped and monitored. Organizations need to start working more on patching the vulnerabilities not only in the processes and systems they control directly themselves, nor only on the first tier of vendors, but the whole supply chain all the way to the various ends. (Donald Parker, VP, #Intel; Esti Peshin, General Manager, Cyber Division Israel Aerospace Industries)

The power balance is on the attackers’ side, and the gap between the bad guys and the good guys has widened.

It was illuminated to us more clearly than ever that states and hacker groups are investing more and more in espionage and cyber attacks, because it is tremendously effective, and cyber attacks have become cheaper to conduct. The power balance is on the attackers’ side, and the gap between the bad guys and the good guys has widened. (Chris Young, CEO, #McAfee)

The future of geopolitical and economical power balance will be determined more and more in the cyber realm.

The need to remedy the vulnerability of companies and societies in the coming years is intense. The state of Israel has clearly identified that cyber security is an area, where investments are growing at an accelerating speed, because the field's tactics and technology are developing at mind boggling rate. The future of geopolitical and economical power balance will be determined more and more in the cyber realm. (Hudi Zack, Chief Executive Director, Technology Unit of Israel National Cyber Directorate; Esti Peshin, General Manager, Cyber Division Israel Aerospace Industries)

Some of the forerunner states in cyber are USA, Israel, China, and Russia. It also left me thinking that China as a rising super power seems to have chosen a brilliant strategy: outsource innovation and R&D to the western states, use cyber espionage to get hands on the technology, and perfect it to increase the competitiveness of their companies. Obviously, it is not only China and Russia that are running operations against western companies and countries… it happens both ways.

Interesting part was the seemingly great openness in the presentations about the paradigms, strategies and tactics enforced in cyber defense. Specifically, this was the case in hearing Lior Div’s presentation (he is the CEO of Cybereason). Some cases were quite openly explained to the public (which included participants from countries, where cyber espionage and attack operations are originated from against the west) on how certain hacker groups conducted their attacks, and what kind of strategies and tactics were executed to mitigate the damages. This left me thinking, whether it is a conscious strategy in the west to hold certain level of openness about these issues. The benefits of this presumed hypothetical strategy remain somewhat unclear to me. Maybe it is a way of building robustness by increasing the level of awareness in societies in the west as a whole.

What to do?

Without great investment in education and awareness about cyber security, societies and companies will be left ever more vulnerable in the coming years. There are no ”cyber warriors” at some digital battlefront doing the protection, but a ”hacker mindset” needs to be adopted at all levels among people vertically and horizontally. (Marc Rogers, VP of Cybersecurity, Okta; Esti Peshin, General Manager, Cyber Division Israel Aerospace Industries). So train your employees, give clear guidelines, and encourage people go take educational courses about cyber security. It’s your company’s, customers’, business partners’, and nation’s interest at stake.

We need to adopt a hacker mindset.

The business implications of the accelerating development in cyber espionage and security is psychologically hard to fathom. It is partially due to the fact that it is hard for individuals to see the direct damages for business due to stolen data and trade secrets. This is even more so with data subjects whose personal data is being breached or unlawfully processed. Again, training and going through real-life cases about implications is the way to fill the gap in understanding the value of cyber security and privacy.

All in all, this was one of the most mind stimulating conferences we’ve been to thus far, and I can highly recommend it! Interesting times seem to lie ahead in during the course of 21st century.