Israel: ISPs will be affected by the state’s requirement to create cyber protection

In view of the recent cyber attacks on the State of Israel, it was decided that the communication providers will be obliged to meet higher standards, including: maintaining the up-to-dateness and relevance of the programs, and implementing systems to prevent intrusions. Director of the Division of Cyber ​​Events in the National Cyber ​​System, Erez TidharTalked about it today (Monday) with Anat Davidov In the program “Where is the money?” On 103 FM.

In his opening remarks, he said: “Until today, those who were under closer supervision were communications companies that were under the direction of the GSS. We want to expand the canvas and include other companies because the economy is changing and it is becoming more digital.” “Or at least with a deeper hand on the pulse, and that’s what we plan to do.”

Tidhar elaborated and said: “Today most media companies do the defense for themselves without enforcement, it means that if there is a board of directors and CEO who are aware of the cyber chance they will probably do a good defense. “The level is good and we want to take it one step further because the attackers or enemies in the cyber world have realized that the soft underbelly is the media companies and it is important to put our finger on the dam – that is one of the goals of this initiative.”

One of the cyber attacks that made many headlines was the attack on Hillel Yaffe Hospital. According to Tidhar, although the hospital came out of the crisis, there is still a long way to go: “It’s not as simple as raising a button and saying that now we are protected, there are complete systems that need to be updated. “A place that knows how to stop an activity. It’s not impossible, but it’s also a push of a button – it’s processes.”

He added: “We want to keep the threat away and that is exactly the idea of ​​this initiative. We can stop a large part of the attacks before entering the State of Israel. “Many of the attacks are already at the entrance to the borders of the State of Israel. That is what we will do.”

“There is also a personal responsibility of companies in the economy”

According to the director of the cyber incident management division in the national cyber system, there are a number of things that the state will require from communications companies: “There are a number of attacks that can stop them already at the service provider level, “Capabilities and manpower to protect even things that will pass the filter.”

In response, it was asked whether compliance with the standards would be at the expense of business owners or state-funded. Tidhar replied that “I am not the Ministry of Finance and I am not the Ministry of Communications, there is also personal responsibility here. That is why we also demand in the appendix the involvement of the board of directors and CEOs themselves. In the end it can not be that you own a company and you are not involved in the technology taps or communication lines or protection capabilities you have. You can not sit and expect the State of Israel to protect you end to end. “There is also a personal responsibility of companies in the economy, but we as a country must do our utmost to reduce it.”

“If we compare to the Iron Dome,” he continued, “my responsibility as a country is to give an Iron Dome that is supposed to intercept incoming missiles, but the personal responsibility of the human being is to enter the MMAD.”

Tidhar stated: “I can not come and accompany each person hand in hand to run to the dimension. I, my job is a national Iron Dome. The role of companies and CEOs is to enter the MMAD. I am not responsible for putting you in the MMAD when there is an alarm, but I Also responsible for supplying Iron Dome missiles as a country. This is how it should be conducted, it is impossible to shirk personal responsibility and understanding of the risks. ”

“There will always be a new tool, a new validity, that will go through defense mechanisms”

Tidhar also wanted to clarify that “there are dozens of excellent companies in the economy that conduct risk surveys and can tell every small and large organization what its situation is in cyber, how many of its systems are up to date, what professionals are worth having. Can’t sit CEO, close eyes “The state must stop everything ‘because cyber does not have one hundred percent, there will always be a new tool, a new force, which will go through defense mechanisms.”

In view of his statements, Anat Davidov wondered whether there would be fines for those who did not meet the new standards. Tidhar clarified: “I believe that the Ministry of Communications has sticks and there are carrots, in the end it is a regulator and the regulator has authority and sticks and I believe that if there is a body that is unruly and does not meet the set standards I believe there will be consequences.”

“Much harder to defend”

At the end of the conversation, Tidhar claimed: “In the end we stand at the gate, we are not the pioneers who attack, the global cyber array stands and defends. It is much harder to defend. In the end whoever attacks has to attack once, instead of one with one tool. “I think we are doing a very serious job overall, there will always be new threats and challenges – we face them when they come.”

By Editor

Leave a Reply