Israel has surpassed China as the preferred place to apply venture capital (VC) investments in cybersecurity companies outside the U.S.
The Amount of Investment into Israeli Cybersecurity
To put the amount of investment into Israeli cybersecurity into numbers, in 2018, start-ups in Israel received almost 20% of the global VC cybersecurity investments, totalling $1.19 billion. That was up 47% from the previous year.
In 2019, there were about 450 cybersecurity companies operating out of Israel, which makes up 5% of the global cybersecurity market.
Where the Cybersecurity Industry Began
The cybersecurity industry itself was founded in Israel in the late 1980’s, when several local companies developed anti-virus software and information security.
The cybersecurity industry is an important part of Israel’s overall software industry, and is an ecosystem that includes a wide range of companies that offer protection from cyber warfare and cyber crime.
The Cybersecurity Ecosystem
Some of the companies in the ecosystem have worked in Israel a long time as independent companies, and they work alongside start-up companies that were sold to foreign companies, but continue to operate in Israel, as centers of development of the acquiring companies.
Israel’s Talent Pool
One of the reasons why Israel excels in cybersecurity is its talent pool, made up members of military intelligence units. In fact, it is unusual to find founders of security start-ups who didn’t receive their initial training in intelligence services.
Training in intelligence services gives founders of security start-ups a network of co-founders and employees to call upon right from the beginning.
Israel’s Approach to Cybersecurity
The Israelis are world leaders in cybersecurity, and it is not so much cybersecurity technology that makes them leaders as it is their approach to cybersecurity.
The usual approach to cybersecurity has been reactive, with a focus on potential attackers, but not in Israel.
When a government gets involved, and national policies are developed, there are often problems with coordinating effort, because different entities are assigned responsibility to different types of attackers, fragmenting all of the efforts.
To combat that problem, Israel’s national cybersecurity policy is proactive, with a comprehensive, long-term strategy of not reacting to potential attackers, but to potential threats, and assets that need protection, making organizations the first line of defence.
The Three Levels of Cybersecurity Strategy
The strategy has three levels: Robustness, resilience and defense. 95% of threats are reduced by building up the first two levels alone.
The first level, robustness, operates much like immunization in the health sector. It is not up to the government however. The individual organizations are responsible for their immunization.
The second level, resilience, has more government involvement. It involves information sharing, analysis and reduction of specific cyberattacks.
The third level involves responding to a mega event. This is exclusively the responsibility of the government, including finding the attacker and going after them.
Israeli early-stage start-ups received more investment than the U.S. start-ups because Israel had advantages in development of solutions that were based on deep technology, and they had more innovative solutions.
Clearly, Israel has earned their top placing in cybersecurity.