Stories‎ > ‎

Israel’s Cyber Ecosystem

posted Oct 18, 2016, 11:24 AM by Shawna Bay   [ updated Oct 20, 2016, 3:39 AM by Michael Lenart ]
By Major General Uzi Moscovici and Maj Oron Mincha
On a Thursday evening, several weeks after Operation “Protective Edge" took place, numerous officials from Israel’s military, National Security Council, and Shin-Bet internal security service, as well as various others involved with national security and especially cybersecurity, assembled at the Prime Minister's Office. The Prime Minister intended to summarize the national framework for coping with cybersecurity incidents. This came about as a result of a recent Iranian attack that occurred during the fighting in Operation "Protective Edge," an Israeli campaign in the Gaza Strip aimed at reducing rocket fire into Israeli territories.1

It is estimated that the attackers were coordinating their actions with Hamas during their activity in Gaza. The Israeli public was barely affected by this attack, but for many involved in cybersecurity, this attack "rang the alarm bells," so to speak.

The discussion continued several hours, lasting late into the night. There were quite a few disagreements regarding who is responsible for the security of the strategic assets of the State of Israel: the National Security Council, or the Shin-Bet. Clearly, it is a matter of prestige, as well as a conflict over manpower.

The discussion concluded with the proposition and eventually the resolution to establish a body responsible solely for cybersecurity. The “Protective Edge” incident and the increasing frequency and significance of cyber threats to the country had made this resolution more or less unavoidable. On February 15, 2015, the State of Israel approved Decision 2444, which goes by the name of "the Promotion of National Preparation for Cybersecurity." The main conclusion of the agreement is that it is necessary to establish a governmental body within the Prime Minister’s Office that will be responsible for national cybersecurity. 

The body will manage, operate, and execute all national-level cyber defense efforts, in order to provide a full and consistent response to cyber attacks in real time, as well as create situation reports, focus research and intelligence, and maintain contact with the special units. In addition, this new authority will operate a center that will provide support in dealing with cyber threats (effectively, a national CERT), and act as a central interaction point between the security groups and units in the economy. Its eventual goal will be to build and strengthen the immunity of the entire economy in the cyberspace through preparation and regulation, including guidance of the economy in cyber defense, improvement of sectors’ and bodies’ cyber defense capabilities, regulation of the cyber defense service industry, licensing, holding exercises and training, and providing incentives and other necessary tools.2

The Four Pillars That Stabilize the State's Defense

Fortunately, Israel did not wait until 2015 or until the Iranian attack in 2014 to create order in its cyber realm. From the dawn of the modern-technological age, Israel has been investing in technological progress, and wisely so. It was the first prime minister of Israel, David Ben Gurion, who consolidated Israel's approach to security. Ben Gurion designated that, as the Israel Defense Forces (IDF) are quantitatively small relative to their surrounding adversaries, they must aspire to hold superiority over them in terms of quality. This approach led to the development and improvement of the human qualities of the Israeli soldier, with emphasis on equipping him with advanced weaponry through both in-house development and foreign purchases. This advantage has strengthened throughout the years, and it is backed by the development of Israel in numerous other sectors, such as science, technology, and industry. This advantage has manifested itself in the development of Israel's aerial capability, and in its ability to accurately strike targets with far greater firepower.3

Following Israel's upheaval after The Yom Kippur War, in 1974 the IDF established a technological information security body, with its main goal being to encrypt communication systems. From that moment onward, the IDF acknowledged the need to use "in-house" tools to protect its systems, starting with communication systems and later on advancing to information security systems. It's worth mentioning that with us being a small country, despite the conflicts between various security bodies (IDF/Shin-Bet/Mossad/Police) for assets, prestige, and manpower, there is strong cohesion between these bodies in terms of systems defense.

The current reality works on the basis of 4 security circles: The National Cyber Council acts as a national regulator until it becomes an authority with its own taskforce and defensive capabilities. The Shin-Bet, which is trusted to defend strategic assets today and in the future, will be forced to pass some of its authorities and manpower to the new national body. There’s also the Ministry of Defense, which is responsible for defending its networks and regulating the defense of security industries in Israel. Finally, there’s the IDF, which is responsible for defending its own networks, its objectives, and its capabilities, whatever those may be.

Despite there being a separation between these bodies, the Israeli reality overpowers bureaucracy, as it is a high-quality society where people know each other personally, whether it is because they served together in the army, studied together, live in the same city etc. The constant dialogue and support between people is unmatched by anywhere in the world. As a result, no one is surprised to see military personnel, dressed in civilian clothing, aiding the national bodies during a national event. The conflict over prestige and resources has intensified, but the national cause is always the one leading the approach of the tactical echelon. We allow the leaders, the managers and generals to fight over resources, and allow the working grades to do what they do best – work.

Cyber in Regards to Israeli Society

Cyber, as a brand, entered our vocabulary at the start of the 21st century. The Y2K bug frightened everyone at the dawn of the new millennium and caused the public to understand the basics of the challenges that come with network and information security. With this, we must remember that we are discussing a workspace that is unique due to it being man's creation and being idea based, contrary to the air, land, maritime, or space domains.

Israel is seen as an advanced and high-tech country, capable of capitalizing on the potential of this manmade domain. For many years the Israeli high-tech sector has developed ideas and solutions to system and information security, reflecting the "Start-Up Nation" phenomenon showcased in Dan Senor and Saul Singer’s 2009 book of the same name. These technical and innovative skills in the cyber domain stem from education with a realistic orientation, combined with experience in IDF high-tech units, an active reserve service, and the leveraging of Israeli or international high-tech industry capabilities and resources.

A good example of this is Adam Singolda, a 34-year-old who founded the search company "Tabula" right after his military service in the technological "Matzov" unit of the C4I Directorate. In an interview in 2013 he said "Matzov is no different from any civilian startup. I learned there that the most important thing is the people you work with. In Matzov, they took a group of smart and fresh nerds and transformed them into those responsible for Israel's encryption. There, a 19-year-old knows that if he makes the slightest mistake, the enemy could hurt soldiers."4

Thankfully, Israel has talented people like Singolda by the hundreds, if not the thousands. Some of them have already burst into the general public's view, while others have yet to do so- but they still provide the nation's defense. They are the ones building Israel's high-tech, affecting the global high-tech scene, and creating a healthy, relatively secure cyber ecosystem that provides for better and safer usage at the individual, organizational, and national levels.

About the Authors

Major General Uzi Moscovici is a 34-year veteran of the IDF and a graduate of the U.S. Army War College. He currently serves as Head of the IDF J6/C4I Directorate, to which the IDF Cyber Defense Division reports. An armor officer, he has commanded at the battalion, brigade, and division levels, and served as the IDF Central Command’s Operations Officer.

Major Oron Mincha is the Head of IDF C4I Foreign Military Cooperation. He has previously served as Company Commander, IDF Military Police Special Forces; Spokesman at IDF Central Command; Aide de Camp to Head of IDF Central Command; and assistant to IDF Defense Attaché, Israel Embassy, Washington, D.C.

End Notes

1. Kronfeld, S., & Siboni, G. (2014). Iranian cyber-attacks during Operation “Protective Edge”. Retrieved from:

2. Prime Minister Office. (2015). Promoting national preparations for Cyber Protection. Retrieved from: 

3. Ben-Israel, I. (2011). Israel's approach to national security. Tel Aviv - Broadcast University.

4. Orbach, M. (2013). 700 million Exits of Trusteer came out from MATZOV unit. Retrieved from:,7340,L-3612385,00.html 

Photo credits (in order of appearance):
1. The 4th Media
2. Times of Israel