Cybersecurity is one of the most important tech industries, in that it enables the safe advancement of practically every other tech sector. With so much sensitive information being stored online, from personal data to confidential business information, it’s essential to have strong cybersecurity measures in place to protect against potential cyber attacks.
Israel has long been an industry leader in the cybersecurity field, but according to experts, a host of new challenges faces the sector as the new year officially settles in.
Distance makes the cybersecurity grow harder
Israel is, for the most part, in a fairly good position to serve its global clientele — though according to Adi Ikan, CEO and co-founder of cybersecurity platform Veriti, its geographical location may stand as a hindrance.
“The cybersecurity scene in Israel has become a worldwide hub for expertise and innovation, which is outstanding,” he said. “Being located close to the industry’s most successful entrepreneurs and companies gives a huge advantage in terms of knowledge and experience. It’s one of the best places to establish a venture and tackle challenges along the way, especially given how mature the ecosystem is. Moreover, working with Israeli customers is also highly beneficial, as they bring substantial expertise and provide us with valuable feedback.
“However, despite the advantages of being part of Israel’s cybersecurity scene, our geographical distance from the US can present challenges when it comes to GTM,” Ikan said. “To overcome this obstacle and succeed, we need to stay engaged with the industry and the field and ensure our ideas align with reality. From the outset, we’ve been focused on evaluating how our ideas fit with what’s happening in the real world. The key is to balance the benefits of being part of this unique community while still being in the field as much as possible. This way, we can continue to grow and expand while staying connected to the industry’s pulse.”
Too much too fast
OFER SCHREIBER, Senior Partner at YL Ventures, pointed out that the rampant success of tech advancement can serve as a detriment in some cases, especially when it comes to keeping everything secure.
”A fast-growing cybersecurity plague is the abundance of tools and technologies used by security teams,” he said. “As breaches and security blind spots escalate faster than organizations can manage, security budgets have adapted to include the procurement of security tools – some designed to mitigate new, ‘trendy’ threats, and others attempting to resolve all security risks. These disparate tool sets force security teams to apply manual processes and deal with countless alerts and false positives.”
In order to combat this issue, Schreiber suggests that cybersecurity chief information security officers (CISOs) keep close tabs on who’s using what, and why.
“A large number of tools are used throughout the entire process – from when risk is identified by a security tool until mitigation actually takes place,” Schreiber said. “It is getting increasingly harder to know how risk triage is proceeding and if there is any way to optimize the process. To remedy this issue, CISOs need tools that provide them with comprehensive visibility into their security stack, control and management over their overall security posture and the ability to define, track and report on business and security metrics.”
The newer, the more exposed
DAVID WARSHAVSKI, VP Enterprise Security at Sygnia, highlighted the current expansion of AI as a potential pain point for the cybersecurity industry, as the new technology carries a new frontier of exposure to cyber threats.
“While it’s tempting to discuss the potential of artificial intelligence to carry out cyberattacks, the real concern lies in the AI attack surface itself. The foundations of tomorrow’s technology are now exposed to a wide range of threats, many of which we are still struggling to understand and defend against. The growing presence of AI and machine learning (ML) systems in the digital realm presents significant challenges for organizations and governments alike,” Warshavski said.
”Adversarial attacks, data poisoning and model extraction are just a few of the numerous threats looming over AI systems. These vulnerabilities can jeopardize AI-driven innovation and inadvertently contribute to the perpetuation of societal biases and inequalities. Now more than ever, the focus must shift from AI’s offensive capabilities to the defensive strategies needed to secure its foundations,” he said.
As an example, Warshavski presented a few cases which highlight vulnerabilities in unexpected – though surprisingly simple – ways.
”Researchers have already shown that a stop sign with a specific sticker on it could be misclassified by an autonomous vehicle as a speed limit sign, leading to potentially dangerous consequences. Another group of researchers were able to demonstrate how sensitive data can be extracted from auto completion and recommendation engines that heavily rely on ML models trained on personal user data,” he said.
Warshavski’s suggested solution relies on teamwork and a mutual effort to keep things as secure as possible.
“Collaboration between academia, the private sector, and the security community is crucial to identify, assess, and mitigate the vulnerabilities plaguing AI systems. Investing in AI-specific security research will ensure that the expanding attack surface is met with sophisticated defenses,” he said. “In this age of rapid digital transformation, we must prioritize the protection of AI technology, recognizing that the promise of AI-driven progress depends on our ability to stay ahead of the constantly evolving threats it faces.”