Israel and ICS Cyber Security Dr. Tal Steinherz Chief Technology Office Israel (INCB) 1 October 2015
The INCB The Israeli leads efforts and advises the government on: Cyber Ecosystem Establishing techno-scientific foundations for growth Promoting complementary national processes Cyber Defense Formulating and implementing a national cyber-defense strategy
Framework with three pillars National Capacity Building
Israeli Cyber Defense Strategy Regulation Operation Technology Direct vs. Market Hierarchy Government lead
National Cyber Defense Strategy International cooperation National cyber defense efforts Promoting cyber-security Critical infrastructures Regulation Public awareness 5 Technological and scientific infrastructure
Towards a holistic approach Critical infrastructures Important processes Sectoral regulations Strict regulations Cumulative effect Defensive efforts
From a different perspective Mitigation Prevention Protection Response Recovery Attacks Unified defense operations Attackers Regulations & awareness Assistance & information sharing National security Proactive Intelligence Investigation Enforcement Attribution
The Israeli approach New centralized cyber authority: Dedicated solution New discipline bridging the gaps Civil libirties Strengthening national resilience: Governmental leadership: Gov cyber security unit SOC CERT Leveraging regulatory authorities Proactive assistance: Cyber security administrators An advanced & engaged CERT 8% of IT National level technological platforms Human capital Government Academia Industry
Israel s Perspective on CIP 9
Israel s Perspective on Energy-Related CIP 10
Israel s Experience with CIP 11
Cyber Defense in the Water and Energy Sector Electric Company SOC Cyber Gym Critical elements Energy Companies Energy Cyber Center Ministry of Energy National CERT NISA
Energy Cyber Defense Center Purpose: Information Sharing & Defense center for the energy sector focusing on cyber threats. Concept: A center for cyber defense owned by the government; A collaborative effort with the Ministry of Energy. Added value for the cyber security of each individual member through advanced. technological solutions. Not part of the regulatory actions. Focusing on: Trusted information sharing. Actionable intelligence. Applied R&D solutions for cyber defense enhancement. Training and Exercise.
National Organization Cyber Bureau IT Network SCADA Network HMI Controls Internet 14 Industrial Equipment
The solutions is here! IT security OT security One Way Links FW IDS Anomaly Detection Forensics GRC Management Training Advisory & Testing 15
The Cyber Security Ecosystem in Israel 16
Agility is Vital 17
Ecosystem for Cyber Leadership Industry Academia Human Capital Government 18 Technological Infrastructure Defense Community
Competitive edge in cyber security Collaboration (industry, academia & government( Security orientation National threat Government resolutions Culture Necessity IDF Academia 20 years of experience (global & domestic) Unique talent Spirit of innovation 30 years in the vanguard Facing innovative attackers
Israel as a prominent player in ICS cyber security Out of the Box & Interdisciplinary Innovation Capacity Human Capital with Advanced Knowledge on Cyber Security in Physical Systems A Decade of Intense Experience in Critical Infrastructure Cyber Security
A global hub for Cyber Security 250 companies totaling $ 3B in annual revenues (~ 5% of global market) Over 25 leading MNCs with Cyber R&D activity ~10-20% of global investments $ 400M raised and $ 1.3B in M&A s in 2015
Government commitment Investments Human capital national training and education programs ~$50 million (5 years) Academia 5 research centers ~$75 million (5 years) Collaborations National CERT a hub for knowledge and partnerships Designated funds for joint international R&D projects and academic research Industry R&D grants and projects ~$150 million (5 years) CyberSpark