If the Trump administration needs a model for a cybersecurity policy, it needs to look no further than its good friend in Jerusalem, the Israeli Prime Minister, Benjamin Netanyahu.
In 2011, correctly understanding that the world was heading for a cybersecurity calamity, the Israel Prime Minister’s Office approached Tel Aviv University’s Major General (ret.) Prof. Isaac Ben-Israel to review Israeli national cyber policy.
Prof. Ben-Israel’s report, which included the recommendation of positioning Israel as one of the top five global powers in cyber expertise by 2015, was adopted. That led to the establishment of the Israel National Cyber Bureau, with Prof. Ben-Israel as the founding director.
At the same time, Tel Aviv University was also expending significant resources to strengthen its position in the field of cybersecurity. The University’s cyber group were advancing pioneering research and transferring their knowledge to decision makers in the government and to security technology firms.
Maybe I should repeat that.
Among other advances in policy, they created a unique tool called The Senior Cyber Forum, that brings together the top 100 CEOs and VP of Israeli cyber security companies — including Microsoft, Google, HP, etc. — with University researchers from places like MIT and Johns Hopkins, government representatives and Venture Capitalists to break down traditional barriers and advance multi-disciplinary research.
This enabled scientists and engineers and business and policy experts to work together to find fresh solutions to complex problems.
The results have been astounding. Th e30+ groups have launched and conducted some of the world’s most advanced cyber security investigations into cloud computing, networks, image and video recognition, cryptography, secured IoT, legal protocols, public security and user behavior.
In cloud computing, they have developed methods that will verify complex outsourced computations used by multiple-cloud providers that guarantee correct answers, even if many of the cloud servers are in collusion.
In networking, they have developed critical infrastructure that can find actionable geometric representations of both normal and deviant behavior in networking data and at the same time train the system to extract heterogeneous features, identify various normal profiles and find the patterns that deviate from them. This approach is substantially more accurate than the Bayesian network baselining which is the technique used by the leading network behavior analytics in our market today.
In network currency, they have developed an improved alternative to Bitcoin based on a privacy-preserving digital currency that enables instantaneous payments across the Internet without any central trusted body, thus avoiding a single point of failure, and without compromising the privacy of consumers and merchants.
In Imaging and Video Recognition, they have developed algorithms that will recognize faces in unconstrained videos. While related to face recognition in still images, video has its own unique characteristics and requirements, yet their team is developing novel set-to-set similarity measures that employ multiple classifiers and multiple descriptors to capture the appearance of an individual’s face as depicted in a video clip through localization, recognition and pose estimation of deformable, articulated and entangled 3D geometric objects in cluttered scenes with high levels of noise and occlusions.
One likely outcome is the password-free silver bullet we have all been seeking.
The teams are building ultra-fast, highly efficient cryptographic functions that can be implemented by computationally weak devices, such as smartphones, smart cards, IoT sensors or RFIDs, while still providing strong cybersecurity. This approach should become part of the foundation for critical IoT security in the future.
In addition this team has developed some very advanced algorithms for the detection of poly- and metamorphic malware and the subsequent training in real-time of machine learning augmented intelligence systems that can then detect derivative strains without supervision. This is a huge breakthrough in malware detection.
On the hardware side, they have been studying acoustic information leakage, where noise made by common computers reveals information about the secret data they are operating on. The team has discovered that computer sound recorded by special microphones can be analyzed to reveal secret encryption keys, a breakthrough that will lead to hack-proof hardware platforms.
And finally in the areas of user behavior, they have been using advanced machine learning tools to characterize the typical behavior of different users in an organization to detect anomalies in their behavior even when they perform within their authorized range of activities. We can’t do this today, so insider threat is one of the leading causes of cyber breach.
The point of all of this is to assure that Israel will not fall victim to escalated cyber-crime and state sponsored attacks and no longer be dependent upon western governments and commercial enterprises to develop defenses fast enough to outwit the hackers and cyber-terrorists.
Israel is a serious nation with a long memory. They can recognize an existential threat and they have the ability to act decisively. They understand how precarious the world stage has become and what a significant role cyber-technology will play in future warfare.
We on the other hand, would rather spend countless calories investigating questionable justice obstructions, Russian collusions that might or might not have happened, and whether our Commander-in-Chief tweets too much.
When the fan really starts spinning, I hope Netanyahu will be able to make room for us.