The Knesset Foreign Affairs and Defense Committee (FADC) published a report on Monday praising measures put forth by the government in the field of cyber-security, a field in which Israel is considered to be a global leader. The committee suggested guidelines for the administration of the new authority responsible for Israel's cyber-attack preparedness, but also expressed concerns that the new body, the National Cyber Authority, would not fit in well with the existing security agencies.
The committee's concern was echoed by politicians. "The National Cyber Authority and the security agencies are bodies with different interests and methods," said MK Anat Berko (Likud). "This is why I am concerned about the need to divide responsibilities between them."
"Since the National Cyber Authority is not a security agency and includes civilian bodies as well, I am afraid of the possibility of sensitive information leaking outside," added Berko.
A subcommittee of the FADC focusing on cyber security has held a series of discussions over the past year with the goal of studying and overseeing improvement of defenses against cyber attacks and of examining the implications of the government's decision to establish the National Cyber Authority as well as its implementation.
The new report summarizes the research conducted by the subcommittee and presents its conclusions on the optimal way to divide responsibility between the different bodies involved in cyber protection and on necessary further measures.
The report states that the cyber threat is a growing challenge to the State of Israel, but says that the government has recognized the threat in time and has started taking steps to prepare an adequate response.
The new authority will consider both security and political-diplomatic implications and will properly organize the gathering of information on cyber attacks against Israeli targets.
The authority will not gather intelligence independently, but will rely on the work of existing intelligence agencies. The Israeli security agencies will continue to be responsible for their own cyber protection and they will be the ones to actually collect the information.
Reprinted with permission by TPS