Cyberspace is constantly developing, affecting every aspect in our lives and as a result, is also one of the most strategic risks (security, economic, social). The transition into the smart-digital world is reflected in the “Internet of Things” (IoT) trend, creating a world with billions of components in homes, offices, factories, and in national infrastructures, connected via communication networks (50 billion units are forecast to be connected by 2020). The greater the use of linked digital components, the larger the number of threats and higher the risks they reflect.
The basic rule, known in combat theory, by which “the best defense is offence" is no longer valid in the era of cyber conflict where the attacks are multiple, diffused, hidden, and evasive. We must change our strategy and act by the new rule: “the best defense is defense ”, and in this line of defense, invest most of our efforts.
One of the most fascinating and challenging ways to deal with cyber threats is to create effective wisdom from the massive quantities of data collected at any given moment and from as many systems as we can (for example, IEC collects about a billion events daily, only for cyber security). Today, data and trend analysis enable transformation of the data into information and from that, into relevant knowledge. However, the next significant stage, to create a defensive advantage in cyber warfare, will be to transform this knowledge into wisdom , using advanced Big Data analytic systems and expert systems for scenario research.
The transition of information to wisdom will provide new capabilities for automatic response and reaction to exceptional events, along with creating a new forecasting dimension in cyber defense. The ability to predict what is going to be the attacker’s next step, before it is acted upon, will mitigate most of the risks and neutralize the attack before it actually happens – that’s the future!! That’s what we are aiming for!
Another challenge and strategic goal in dealing with cyber warfare is cooperation and sharing of information, knowledge, and recommended work methods, at an international level. In spite of recent efforts at improving the level of cooperation, it is still very poor, and unfortunately, it is much more advanced on the “bad guys” side.
Establishing an international reporting center for cyber-attacks, to share and provide a knowledge base of every cyber event and recommended operational methods, is unavoidable, and will add a significant tier in the struggle for cyber security.
Cyber Security in National Infrastructures
Israel Electric, being the largest infrastructure company in Israel, is an essential service provider and obliged, by law, to supply electricity in every situation and at all times: in times of routine as well as in emergencies. As a strategic target for cyber-attacks, IEC has undergone attacks from all over the globe. The profusion of threats and increased level of sophistication obligates us to continuously protect and improve, thus investing resources and searching for innovative and creative solutions in the cyber domain.
To handle the threats and dangers, Israel Electric has established a Security Operation Center (SOC), to enable managing and monitoring 24/7, in real-time, of all mission-critical infrastructures. In addition, the Company established a training arena and an imaging center for cyber warfare – CyberGym. This is a unique, cutting-edge training center, simulating, in a tangible way, high-level cyber-attacks, while learning how to identify, handle, and prevent them.
These solutions are key factors in developing an efficient cyber defense program for critical infrastructures, and supply proven abilities to handle the challenges developing in the cyber era.
Marshall McLuhan, one of the founders of media research and a researcher of the future of technology once commented: “We drive into the future using only our rearview mirror”.
In preparing for the future we must not rely only on analysis of past data. We must prepare for tomorrow, looking forward, study the future, and approach the different possible scenarios with a wide and long-term view.
This way, and I believe, the only way, we will minimize the risks developing in the cyber era, and make cyber wisdom to a powerful growth engine reflecting every aspect of our lives.
The author is the Chairman of the Board of the Israel Electric Corporation