Top expert: State must speed up, overhaul cyber regulation

Currently, there is not even a comprehensive cyber law – and initial efforts to propose one this summer stalled on a variety of privacy and other concerns.

By
August 30, 2018 02:12
3 minute read.
Cyber hacking

Cyber hacking (illustrative). (photo credit: INGIMAGE)

 
X

Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analysis from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user experience almost completely free of ads
  • Access to our Premium Section
  • Content from the award-winning Jerusalem Report and our monthly magazine to learn Hebrew - Ivrit
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief

UPGRADE YOUR JPOST EXPERIENCE FOR 5$ PER MONTH Show me later

Although Israel is ahead of many countries in its cyber regulation efforts, it must speed up and overhaul the process, a new study by INSS’s Gabi Siboni and Ido Sivan states.

Speaking to The Jerusalem Post on Wednesday, Col. (res.) Gabi Siboni, a top cyber and national security expert, said that the broad problem is that although much has been done to defend the country’s infrastructure and private sector from cyber attacks, it was still highly insufficient.

Structurally, he pointed out that the private sector is not incentivized to maximally protect itself or against indirect harm to the public from hacks.

Currently, there is not even a comprehensive cyber law – and initial efforts to propose one this summer stalled on a variety of privacy and other concerns.

The study says that while Israeli businesses have started to get better at protecting aspects of their operations that they view as critical, defending against cyber attack still is a cost for them and not a profit – which means they only want to do the minimum necessary.

In the current information age, this necessary minimum may leave the wider public and its data vulnerable in unacceptable ways.

Siboni told the Post that the private sector protects itself “based on what they consider necessary and not based on what the state considers necessary; they may miss national security angles” that are less obvious.

In the midst of the debate over the proposed cyber bill’s contents and to address this gap, the study proposes a three-tiered system of regulation.

The first tier – including the IDF, the Shin Bet (Israel Security Agency), the Mossad and the Israel Police  – will self-regulate according to their own unique needs and risks.

In the second tier, the study proposed new obligatory cyber defense regulations for bodies and private companies which, if successfully cyber attacked, could harm the country’s national security.

Outgoing National Cyber Security Authority (NCSA) chief Buky Carmeli recently told the Post in an exclusive interview that he favors passing a cyber bill, but also wants to reduce some regulations so that resources are not spread too thin to focus on the primary issues.

Siboni is a greater proponent of regulation, saying that the key is not to have any loose regulation, but to rate the level of importance of even second-tier companies, and to tailor the level of regulation to that rating.

He gave the example of a restaurant which must check off certain boxes relating to fire, environmental and food safety concerns, but currently has no requirements for protecting information.

Discussing the media, he said that if one media outlet would be hacked, it might not be a national security issue. However, if every major media outlet was hacked in the middle of a war, that could become a national security problem.

Finally, the study’s third tier would have less regulation, but would be clearly incentivized economically – with tax breaks and other rewards or penalties – to meet certain minimum cyber defense parameters.

Siboni also proposed a steering committee to ensure that the regulatory reform was implemented, but he did not think that a new public body necessarily needed to be formed. Rather, he thought that the recent consolidation of the prime minister’s cyber bureau into the NCSA was a positive step, and that the NCSA could likely head the steering committee.

The study reviewed several other countries’ state of regulation, including the US, England and others, finding that Israel is actually farther along in its thinking and promotion of cyber defense.

Most importantly, he said the discussion and implementation must be strongly pushed forward since it will probably take time. Comparing it to the amount of time it took for new environmental regulations to take hold, he said that a full transformation could even take a decade.l.”

Join Jerusalem Post Premium Plus now for just $5 and upgrade your experience with an ads-free website and exclusive content. Click here>>

Related Content

raw chickpea in bowl and on a table hummus israel food
July 23, 2019
Thief tries to steal chickpeas from kibbutz in southern Israel

By MARCY OSTER/JTA

Cookie Settings