Max Metzger, Reporter
August 11, 2016
Israeli parliament recommends creation of national cyberauthority
Share this content:
facebook twitter linkedin google Comments
The Israeli Knesset waits on the passage of a bill which would see the amalgamation of Israel's cyberdefences into one central authority
The strands of Israel's cybersecurity apparatus are to be consolidated under one roof, according to the country's parliament, the Knesset.
Specifically citing the recent hack on the Democratic National Committee, members of the Knesset foreign affairs and defense subcommittee on cybersecurity made the proposals on Monday.
The recommendation of the subcommittee, laid out in a bill that is expected to pass a final reading this week, will ensure that matters of cybersecurity will be put under the control of the National Cyber Authority (NCA). Under these recommendations, the NCA will protect classified information and critical civilian infrastructure.
Israel is considered one of the world leaders in cyber security (credit: אדרי איציק :צילום via Wikimedia Commons)
There are, however, caveats. In national states of emergency, the country's internal security service, Shin Bet, will take over that role. Knesset members and political parties will only fall under the NCA's protection if information is considered classified.
Special counsel Roy Keidar of Israeli law firm Yigal Arnon & Co told SCMagazineUK.com that this bill has been a long time in the making, but “it comes in a recordbreaking month of cyberattacks raging all over the world, with aggregate damages totaling in hundreds of millions of dollars. While some attacks received wide media coverage, like the recent Bitfinex $72 million breach, many others were not even heard of among the public.
“Realising the potential of cyberrelated damages to the economy writ large, the new bill signifies Israel's emerging holistic approach, understanding that the cyber protection of national interests is not enough. The new bill attempts to provide the regulator with more tools in order to better work with private businesses, academia, nonprofits and others to enhance cyber security when challenges are constantly growing.”
This change, should it be enacted, will require Israel's cyberdefence organs “to develop more comprehensive policies, coupled with legal and operational tools, in a variety of fields. One such field, for instance, invokes the challenge of formulating appropriate guidelines to small and medium size enterprises (SMEs), which so far have received scant attention by the authorities, yet, at the same time, experienced everincreasing malice by cyberattackers.
“Unlike government facilities and large companies providing critical services, the SMEs are often struggling to afford the high costs associated with comprehensive cyber protection, while [being] perceived as easy prey to hackers and cyber criminals. This, for instance, requires an entirely different 'toolbox' than was available to regulators so far. Fortunately, the recent bill is an important step forward.”
Ewan Lawson, a senior fellow for military influence at the Royal United Services Institute (RUSI) told SC that the UK might benefit from a similar move. “From a UK perspective, I would argue that the fragmentation of cybersecurity across so many HMG departments is probably unhelpful.”
However, added Lawson, “On balance I would be reluctant to support bringing it all together under one roof.”
Lawson expressed concern that the National Cyber Security Centre, an organisation formed for a similar function, “is already being discussed as the answer to all of the UK's problems in cybersecurity. I guess the critical question is what would be the range of authorities of such a national authority.”