Cybersecurity Quality as the Pillar of National Cyber Resilience

Author: Elad Gabay, Cyber Program Manager & Business Development, Cyber Division, IAI/ELTA

National Cyber Resilience – Do not compromise on the Cybersecurity Quality of Mission Critical Systems

The emerging and ever-growing cyber threats aimed against nation-states, governments, critical infrastructures and private citizens present an ever-evolving challenge, where the defenders are hard-pressed to counter and even detect advanced, persistent and low signal threats.

Israel Aerospace Industries (IAI) Cyber Division has adopted a unique approach by providing early warning and detection of national-level complex cyber-attacks against government, critical infrastructures, as well as military and mission-critical organizations. This holistic approach enables combining heterogeneous security systems’ events and alerts with context-related information and incorporating various analysis engines to provide cyber situation awareness.

For many years, nation-states and large enterprises have signed large contracts acquiring sophisticated military solutions in order to strengthen their capabilities and position themselves in the international arena. Specifically, several countries are investing heavily in acquiring very advanced capabilities transforming them into dominant players.

In the military world, many standards have been written aiming to allow assessing the quality of the systems and to ensure a high level of usability and interoperability. The deployment of such systems typically lasts for several years because of the desire to verify and validate the capabilities of the system and subsystem under optimal conditions.

Companies are engaged

As we lift our heads towards the sky, we can see fighter jets that were created thirty years ago or even more. Similarly, many legacy systems have been on battlefields for decades. These systems were designed by excellent engineers based on the battlefield requirements at the time, with a forward vision of several years ahead. However, the current battlefield has changed. These systems were built for a particular format of threats.  Today, the attacker may not be holding a weapon but rather merely holding a keyboard.

Cybersecurity Quality of Mission Critical Systems – The IAI Way

For decades, IAI has developed robust product lines, which are delivered to many countries worldwide. IAI’s customers are purchasing its products because of their advantageous capabilities with a significant emphasis on quality.

IAI understands there is a paradigm shift, and is investing more in cybersecurity in order to maintain its business lines. IAI has set a goal of being one of the world’s leading companies in the field of national grade and military cybersecurity.

IAI understood there must be a change in how it operates and creates solutions in order to protect against opponents who are equipped with just a computer, and are constantly innovating and coming up with new attack tools, methods and techniques.  

In order to develop a cybersecurity solution in a rapid prototyping methodology, taking into account that each product merits a specific, tailored solution, the entire project engineers must work together, utilizing a security by design approach, as part of a companywide eco-system.

Development projects must register their needs, map out and assess their cybersecurity threats and risks, with a future outlook, and define the special structure of their systems. This allows for designing and tailoring an effective cybersecurity solution. In parallel, advanced cybersecurity tools and building blocks to confront current and future cyber threats must be developed.

In order to effectively map out and assess the threats and risks of complex, mission-critical systems, IAI has developed TRADES, a field-proven threat and risk assessment and methodology, and the TRADES tool – an open source, easy to use, tool supporting the methodology.

The TRADES tool has been published by IAI as an open source package on github.com/IAI-Cyber/TRADES.

IAI’s Cybersecurity Center (CSC), is an international center of excellence of cybersecurity expertise, which has the following task:

1. Protection of mission critical systems
2. Investigation of cyber incidents
3. Defining policy, procedures and guidelines
4. Designing and developing building blocks, infrastructure and technologies for cyber protection
5. Capacity buildup – continuous training and assessment of cybersecurity engineers.

The IAI Cyber Division is a one stop shop for national grade, end-to-end, cyber solution, by integrating best of breed commercial off-the-shelf solutions and products with unique building blocks developed in-house. The division’s national grade cyber solution incorporates state of the art technology, field-proven methodology, an adaptable framework in order to counter future threats that are bound to appear in the dynamic cyber domain, a framework for international collaboration and a field-proven framework for capacity build-up.

Follow Us

Cybersecurity Quality as the Pillar of National Cyber Resilience