IT security, risk, governance, continuity and compliance
technologies are fast becoming some of Israel's top
exports.
Analysing and dealing with risk is inherent in Israeli society,
says Eyal Adar, founder of IT security assessment firm
White Cyber
Knight (WCK), which means Israeli firms are good at
security.
WCK is one of 40 IT security-related companies registered with
the Israeli business development organisation
Managing Investments Worldwide
(MiW). Eight were showcased in London by MiW with UK counterpart
Launchpad Europe.
The rapid project development many young Israelis learn during
military service prepares them well for life in a start-up, says
Adar. "Young people working in small groups to meet challenges with
limited resources is excellent training for a start-up way of
thinking."
Adar made his way from the military into security research for
the European Commission and then on to founding WCK.
The firm developed its WCK-Lancelot software between 2006 and
2008 to improve the way businesses manage security risk, governance
and compliance.
Adar's approach is to map IT components to business services to
present technical information in a way that is easily understood by
auditors and managers. "The software prioritises remediation
according to business criticality," he says.
Encryption is critical
GED-i, which was founded in
2006, specialises in protecting critical information through
encryption technology. Businesses are increasingly relying on
IT-based storage for their key data assets, but much of that data
is still raw and unprotected, says David Saar, GED-i
co-founder.
Encryption is a critical last layer of defence and will become
as common in business organisations as firewalls, he says.
GED-i has spent three years developing a standards-based
enterprise data encryption system that uses millions of keys, one
for each data segment. This offers a high level of security and
control to data owners, which will be particularly useful in a
cloud-based computing era.
GED-i's technology is designed to prevent hackers from
assembling data in a readable form, even if they crack the
encryption codes.
The latest enhancements to the system can shuffle data segments
and randomly rewrite the data to ensure it cannot be recovered,
even by a sophisticated forensics specialist.
SaaS authentication
Voice recognition is at the heart of a leading-edge
authentication software-as-a-service (SaaS) offering from
Haifa-based Sentry Com. The
service provides financial and other organisations a way of
authenticating users and transactions that cannot be manipulated or
circumvented by hackers.
Cybercriminals are using a growing number of Trojans to steal
identities, which means that every transaction needs to be
verified, says Eli Talmor, chief executive at Sentry Com.
The service verifies users' hardware and voice biometrics,
username and password, to provide three-factor authentication.
"Once authorised, users are able to digitally sign transactions
independently of the browser sessions used for online banking,"
says Talmor.
The transaction record provides irrefutable proof for both the
bank and end-user of the details of that transaction, making it
impossible for hackers to modify.
The service, which is to be launched at the end of the year on
Amazon's cloud-based computing platform, avoids the weaknesses of
phone and mobile text channels and the inconvenience of token-based
authentication, says Talmor.
The SaaS model enables organisations to use the technology
without hardware or other costs, he says.
Sentry Com's authentication service has been piloted by Rolls
Royce, which is using the system internally, and the municipality
of Rome, which plans to roll out the system for use by citizens to
access services.
These and other companies at the London showcase event
demonstrate that Israeli firms are a growing force.