Cybersecurity goes on the offensive

Israel Barak, CISO Cybereason, photo: Brett Kline
Israel Barak, CISO Cybereason, photo: Brett Kline

Israeli, US and French companies brought the latest thinking to the Cybersecurity Forum in Paris.

If one message were to emerge from the 13th annual Cybersecurity Forum here, it might come from Israel Barak, the Chief Information Security Officer (CISO) at Cybereason, a Boston-based (with origins in Israel) global leader in stopping the world’s most advanced cyber-attacks, with an extensive client list in the United States, northern Europe and Japan, now entering the French market.

Granted, that sentence is a mouthful, but it is only the beginning. As organized by Dominique Bourra and the Chambre de Commerce France-Israel, and hosted by the Paris Chambre de Commerce, this 13th Paris forum is “an alchemy of insider cyber Jedi, not simply a gathering of experts,” as Bourra explained with a straight face.

This year, there were 17 such cyber insider companies from Israel and the US present in Paris, 40% more than last year. Many of the US companies have R&D units in Israel, in Tel Aviv and Beersheva, for example. The French also showed up in record numbers, with more than 100 CISOs and cyber experts from CAC 40 firms and the largest groups in France. Some 300 other French insiders were also present.

Israel Barak, for example, founded and headed the cyber-attack red team unit of the Israeli army, the IDF. A Lieutenant-Colonel, he is a good example of the value of Israeli military expertise in identifying, fighting and beating global cyber attackers, though detailing his army experience to a journalist is not something he will do today or tomorrow or ever, probably.

“Using what are known as best practices has turned the art of incident detection and threat hunting into a science,” Barak told Globes. “For years, we played mirror chess. You looked at what an opponent was doing, and took countermeasures.”

According to Barak, who with his crew-cut, goatee and slow, measured speech, looks and sounds like just another small-town American visitor to Paris, and not the sharp, born and raised Tel Avivi that he is, not only was this 100% predictable strategy, it was also bad strategy.

“We need to see the global strategy of the attackers, so we develop expertise to know how they work,” he continued. “The techniques differ - using an entry point on an employee’s laptop, or an application facing the Internet - but the tactics are the same. When on target, they take the data out. Being on the offensive in the military gives you an advantage with the attackers. You adapt your mindset to theirs. And you learn to have confidence working in small teams. That and connecting expertise is part of the Israeli recipe for success in the market.”

In fact, last year’s guest speaker at the Paris Forum was Nadav Zafrir, former commander of the IDF 8200 signals intelligence unit and now the CEO of Team 8, a New York-based cyber foundry, as he puts it. At the 2018 forum, Zafrir apparently liked what he saw. Three companies from the Team 8 portfolio attended this year’s forum: Claroty, Illusive and Hysolate, all with Unit 8200 links.

According to André Maarek and Michel Kauffmann, the two Chambre de Commerce France-Israel VPs, a number of Israeli companies present are repeat participants or sponsors. This year, they would include Claroty, Illusive, Morphisec, Promisec, SecBi, CyberArk, Cynet, Guardicore, the cybersecurity unit of the Technion, and that of the Israeli government itself, the Israel National Cyber Directorate.

New this year, three Israeli start-ups: Hysolate, MinerEye and Reblaze, and five American firms: platinum sponsor Cybereason, Synopsys, Cobalt, Recorded Future, and Zecops, not yet in the market.

During the copious buffet lunch in the Salle des Cuivres of the Potoki Palace, CCFI President Henri Cukierman noted that the number of 1 to 1 meetings had doubled compared with last year. How are things going, he was asked.

“Well, we are advancing in a very disorderly way,” he said, looking around. “It is very dynamic. It is an entrepreneurial spirit, Israeli-style, and I like that. I am running around so much that I forgot to cry about the general level of business between France and Israel, which is still lagging behind other European countries. But that is another story.”

Ofer Maor, the director of Solutions Management, the cyber branch of Synopsys, a leading US software and programming company, was here ten years ago as the co-founder of Hacktics, and then Seeker Security. In 2008, they played the attacker role, and demonstrated how to use a software breach to break into a bank. No kidding!!

Today, he still does software, and mostly for the finance and automotive sectors, but there is no time for such sophisticated fun and games as there was in 2008.

“It used to be audit and security control on software that mattered, but external controls do not work anymore,” he said. “Automated tools must be part of the internal process now, part of the software. “

Maor said that while cyber security budgets are still focused on IT and networking, “80% of targeted attacks are in software applications. So in terms of risk, network security is over budgeted, and software security is under budgeted.”

“Let’s talk about cars,” Maor continued. “Cars are so sophisticated today that the automotive world has become a software industry. Cars are becoming a mobility service. Cars without drivers are a reality. And the risks are huge, from stealing travel info to crashing those cars.”

In fact, the word “automated” means artificial intelligence, AI. The consequences for the cybersecurity industry are enormous.

“AI is a revolution in all fields, and is bringing a tsunami to the cyber security world,” noted Mauro Israel, the CISO at ORPEA, France’s largest health care provider, with some 850 retirement homes and health clinics throughout Europe, and more than 43,000 employees.

“Large groups in France and elsewhere will increasingly depend on small companies and start-ups, notably from Israel, to provide security,” he said.

And that security must match and go beyond the capacity of criminals and unfriendly governments to disrupt systems and steal data.

Mauro added that nobody has forgotten the WannaCry ransomware attack on May 12, 2017, which paralyzed the British National Health Service for a short time. With no access to medical records, doctors were forced to resort to pen and paper.

A regular at this Paris forum, Mauro is looking far beyond the present, at what he calls “parallel cyber wars. “

“Sometime in the future, our lawyers will be computers. Our doctors will be computers. And they will all need cyber protection,” he commented. “The most important thing will be international cooperation.”

“Increasingly, we are all sharing the same technological burdens and challenges,” noted Philippe Charlier, CISO at the French Army. “And at this forum, I am seeing companies and technologies I do not see at other tech shows in France and Europe. The rapid-fire presentation format allows us to see a lot of people in a short time.”

“We see the Israeli technology here, and every year the supply and demand grows,” commented forum regular Philippe Landeau, business developer for Orange Business Services, with some 250 major client accounts in France.

For Dominique Bourra, forum organizer, or symposiarch, battle lines are being drawn. “I believe we are on the eve of battle,” he told Globes, “a battle for technology and creativity and against inertia. I’m not pointing fingers at anyone here. And I have this in mind when I go to Israel to choose companies to participate in this forum.

“And here, those experts remain insiders. We have limited press coverage of this event. Every year, I refuse all TV coverage. Many insider elites would not like to see their conversations with certain others at this forum appear on TV.”

Bourra was headed to Washington, the only foreigner invited to a very focused Artificial Intelligence summit there with fewer than 100 participants. Several of them may find their way to the next Paris cyber forum. But that is another story.

And before we move on to the next forum, what about this message from Israel Barak. "Very simply," he told "Globes", “the risk profile for private companies and governments is higher now than ever before.”

Published by Globes, Israel business news - en.globes.co.il - on April 8, 2019

© Copyright of Globes Publisher Itonut (1983) Ltd. 2019

Israel Barak, CISO Cybereason, photo: Brett Kline
Israel Barak, CISO Cybereason, photo: Brett Kline
Twitter Facebook Linkedin RSS Newsletters גלובס Israel Business Conference 2018