Microsoft Looks To Israel To Lead Cybersecurity

Dld cybersecurity image

Microsoft has based its first global cybersecurity accelerator in Israel. It’s not hard to understand why

It is no surprise Microsoft Ventures chose Israel this summer to host its first accelerator dedicated to cybersecurity.

The start-up nation is a global power in the sector; Israel’s Checkpoint invented the modern firewall in 1993. Twenty-one years later exports of cyber-related products and services from Israel topped $3 billion, three times that of the UK, a country with a population ten times the size. In 2013 Israel was second only to the U.S. in cybersecurity exports, according to Israel’s National Cyber Bureau.

According to NCB data, 14.5% of all cybersecurity start-ups worldwide attracting investment are Israeli-owned.

The lucky winner in the first cohort of the new Microsoft accelerator will secure a $1 million investor from partner Jerusalem Venture Partners (JVP), which has been investing in cybersecurity for some 20 years. JVP helped create Israel’s first cybersecurity incubator in 2012 in Be’er Sheva.

Microsoft Ventures’ Tel Aviv project is also being supported by Akamai Technologies.

The four-month program, which will run through January 2015, will provide start-ups with mentorship and market expertise and free tools with JVP committing to offer $1 million in investment to one of the start-ups at the end of the accelerator program, together with a place in its own Be’er Sheva incubator.

The cybersecurity accelerator is by no means Microsoft’s first or only connection with start-ups in Israel; since 2000 it has acquired at least six. For example, in November 2011 it purchased VideoSurf, a video discovery technology provider, for a reported $70 million.

Israel Makes Total Sense For Cybersecurity

The U.S. software behemoth is taking part in the DLD Innovation Festival September 14th-17th by hosting an invitation-only event to connect start-ups with potential investors and industry experts.

“Israel makes total sense for cybersecurity,” says Zack Weisfeld, Senior Director of Microsoft Ventures and the head of the Tel Aviv accelerator program. “It is an open secret that Israel has been home to many security companies starting from the days of Checkpoint to Trusteer (which was purchased by IBM in August of 2013 for close to $1 billion).

“For good or bad Israel had to deal with a lot of issues related to security and cybersecurity throughout the years. There is definitely a significant amount of talent in Israel that deals with, and has dealt with for a long time, issues of security and cybersecurity.” 
According to Nimrod Kozlovski, a partner at JVP Cyber Labs, Israel’s global lead is the direct result of two things, both of them linked to the government.

The first is the role of the Israeli Defense Forces. “The IDF is really an innovation hub,” says Kozlovski. “The informed decision by the IDF to let people who are just released take the knowledge acquired while they are in the army without being too concerned about IP or commercialization of it, created many technologies that were commercialized and industrialized in a very fast way.

Role of Israel's Chief Scientist

“Checkpoint is a good example. Two people in a unit in the army honed their expertise and a short time after being released opened a company based on this model.”

The second, he says, is a deliberate program by the Office of the Chief Scientist to seed very early-stage cybersecurity companies. “Most
of the early-stage innovation and R&D... is being sponsored by the government,” says Kozlovski “This creates a very lucrative program for private investors to step in shoulder to shoulder with the government.”

The combination of military experience and government direction has given Israel a huge lead on the rest of the world, a lead that Israel’s unique position makes hard to overtake.

“You don’t need a lot of training to start a mobile or Internet company; basically you just apply whatever innovation you can imagine the Internet will carry. It is more having a good UI,” he says “But cybersecurity innovation requires a lot of knowledge, it requires years of experience to understand the operating system and the protocols and the attack chain and many elements that are the core of the network.

IDF Cybersecurity Warrior

“If you look at a guy in the U.S., even if you are brilliant and went to college and left at the age of 22, most of the time you have taken two classes in Info Sec. If you are a cybersecurity warrior in the IDF, you have years of experience already; it is really hard-core experience. Many of them start training at the age of 16 pre-army, but even if you start at 18 when you are released from the army you have four to six years of experience. You have a huge head start ahead of anyone else,” says Kozlovski.

So where is this head start taking Israeli cybersecurity start-ups? “There is a growing realization that the classic form of anti-virus detection is no longer good enough,” says industry analyst Keren Elazari. She said detection rates had been falling dramatically. “It used to be 80-90%, now that is much lower; [only] 30-40% of attacks are detected. And I am talking about the classic protection of PCs and networks, I am not even talking about the new smart grids and the like.”

Companies focused on finding new ways to detect attacks include Tel Aviv-based CyberX, which recently landed a $2 million funding deal. The company provides security for the industrial Internet. “If you go into the domain of the Internet of Things [IoT], specifically more in the industrial IoT, you have a huge domain which lacks security from the ground up,” says founder Omer Schneider, who served in an IDF cyber unit.

He said the old idea of perimeter defenses was no longer sufficient. “People will get through the fence,” he says. “To get inside is just a matter of time.”

Is The Password Dead?

CyberX’s model relies on looking for anomalies in the system. “We model the infrastructure behavior and we analyze the data we get,” says Schneider. “What we are doing is looking at your internal network and looking at your internal processes,” he says, refusing to release further details.

The security of connected devices — including medical devices — will be a big area, predicts Elazari. “I know that GE has people in Israel looking at this, General Motors has people looking at automotive security. Intel and Cisco are both looking at IoT security. There are not so many start-ups in this field yet. Expect to see more,” she says.

Israeli start-ups are also focusing on authentication technologies. As countless leaks have shown (the latest being an unverified claim of 1.2 billion passwords stolen by Russian hackers) the username/password system is increasingly being seen as an inadequate.

Oren Kedem, Vice President, Product Management at Tel Aviv-based BioCatch, says the company, which has installations in the UK, Spain, Italy, Brazil, the U.S. and Canada, uses biometric analytics to identify unique individuals. “The first thing we extract are physiological traits,” says Kedem. “Things like left-handed versus right-handed. If you’re holding your device, what is the hand tremor? Everybody has their own distinct way.”

The company also has some 40 hidden challenges. “Let’s assume you need to click on a button on a form. We deflect the trajectory of the cursor by two or three degrees. That would cause you to miss the button if you continue to move the mouse in your normal manner. What you do, and you do it subconsciously, you correct the trajectory. What we do is we pick up on how you do it. We look
for challenges that you respond to in a unique and consistent manner.”

The software has another very important advantage for the bank. Not only does it prevent fraud, it also reduces bank costs.

Savings Of $1.2 Million A Day

“We were in one particular bank that had 12.5 million log-ins a day. We identified about 10% as high risk. They have this mechanism called step-up authentication — secret questions, SMS authentication, etc. They have five different mechanisms. More than 20%
of people fail. When you ask them “what is your pet’s name?” they can’t remember. No one remembers the answer they gave three years ago. So what did these people do? They call the bank. It costs something like $4 a call. They have 300,000 people calling the bank a day. That’s $1.2 million a day just because of poor authentication mechanisms. That’s the direct cost. The indirect costs are much higher. We can authenticate 80% of those people. We could save 250,000 people calling.”

What links CyberX and BioCatch, and many other Israeli cybersecurity companies, apart from geography, says JVP’s Kozlovski, is that they are taking an entirely new approach to cybersecurity. “We no longer believe in the perimeter defense. Now it’s about whether I can have the ability to make some sense of what the data is showing me and understand patterns, anomalies and profiling to detect and be alerted in real time. We call this paradigm proactive security. It is about detecting, predicting and preventing events. This requires a very different wave of innovation. It’s much more about big data and analytics and statistical modelling.”

Elazari is bullish. “The future of the industry is this new type of analysis. And the reality is that Israeli companies have been working on this for the last few years.”

The Chosen Start-Ups

Hermetic.IO Hermetic is developing innovative technology that allows service providers using crypto keys to easily implement strong crypto key security in their apps, and to release users from the need to deal with complex passwords.

Dataflow Dataflow is a provider of Application Security Management (ASM) solutions for the Microsoft .NET Framework and JAVA Run-time environment. DataFlow is among the first products to have an active approach that deals with the source of the majority of security problems, the code itself.

Siemplify Increasing cyber alerts are forcing prioritization that often leads to attacks going unhandled. By applying intelligence investigation methods into the response, SIEMplify automatically evaluates the context, relationship and nature of alerts providing greater visibility, better detection and faster responses to actual security breaches.

Capy Instead of indiscernible squiggly letters and lines, Capy’s CAPTCHA, designed for mobile devices, is a puzzle in which a user needs to move a missing piece or pieces back into the picture. The company claims a turn away rate of less than 2%, compared to traditional rates over 13%.

Scadafence ScadaFence Network Intrusion Detection System for SCADA networks automatically identifies network day- to-day routine. Then, by applying cyber security behavioral algorithms, it is able to determine malicious intent and unauthorized operations.

Minereye Minereye’s solution learns and identifies patterns in content to provide real-time control over information assets across your network. The service reports back in real time if it identifies content that is similar to your registered data.

This article is one of a bigger pool of stories appearing in a DLD Informilo special edition print magazine that has been distributed at the DLD Tel Aviv festival 2014. This story also appears on

Mentioned in this article

8402529834 c1073fa411 o
Keren Elazari
Cyber Security Researcher & Author
Tel Aviv
Kozlovski nimrodbw
Nimrod Kozlovski
JVP Cyber Labs
JVP Cyber Labs
Tel Aviv