This year’s Cyber France-Israel forum focused on the convergence of cybersecurity and AI. Nadav Zafrir: AI will become a new attack vector.
And for the third time, the guest speaker was Nadav Zafrir, long-time head of the IDF cyber-intelligence service, Unit 8200.
« AI is happening quickly, becoming easier to use and to understand for individuals and enterprises alike, » he began, « and when all of us use this technology on a daily basis, the impact will be dramatic. « Already, 50% of code on the cloud is AI generated, whereas a few years ago, the figure was zero. However, attackers are also taking advantage of AI. It will become a new attack vector. »
To put it simply, hackers, whether criminal, or linked to nation-states, or both, have access to the same AI technology as corporate, government and health care entities protecting their data and clients, or not.
Sharon Issaci, from former Team8 company Sygnia and a repeat CYFI participant, said, « We are integrating AI in our tools to help protect the AI used by our clients. And if cyber companies do not adapt as we are doing, they will be become irrelevant. » He added that until now, « the oil and gas, manufacturing and healthcare sectors have underinvested in security technology. »
Sygnia offers « one-stop » solutions for both operational tech (OT) and information tech (IT): detect, triage, forensic, contain, remediate and recover. He said few companies deal with both OT and IT.
Issaci’s European clients are mostly in the UK, Benelux, Germany and Switzerland. « We don’t have as many clients in France as we would like, » he said. « The French ecosystem must open up to outside wisdom and experience. »
Issaci also noted that following the AI wave, quantum computing will also be a big game changer. The only other person present to pronouce the word « quantum » was CYFI organiser Dominique Bourra. More from him in a bit.
Israeli companies present included Maor Investments, Silverfort, Vulcan Cyber, Adaptive Shield, BigID, Forescout, Reflectiz, Cyfox, Cybergym, Sygnia and from Team8: Cyberpion and its newest member, Gem Security. With at least a couple of top figures from Sygnia, the innovation Gem brings is its real-time detection, with built-in incident response know-how. The website includes a recommendation from former NSA boss Admiral Mike Rogers, a Team8 partner.
This was VP of Business Development Adi Foksheneanu’s first visit to France. « We already have clients in the US and elsewhere in Europe, » she said, « and we’d love to grow in France, hence the importance of this event. Technology must not be a sovereign-only collaboration. »
This was echoed by Pierre Calais from Egerie, a major French cyber supplier, who noted, « there is no real European market or vision. Each country has its local champions and its own approach to the cloud. »
Another French cyber provider present for the second time was Hugues Thiebeauld, the head of Bordeaux-based eShard, which focuses on testing of mobile phone devices and applications, often with clients in the banking sector. « We don’t work with many French companies, but we do work with many others in northern Europe, » he said.
And what about the CISOs, you may be wondering. The CISO at a major vehicle manufacturer already works with Team8’s Claroty, and is one of more than 300 people to attend the annual CISO Village gathering organised by Nadav Zafrir in Tel Aviv. This was his first time at the forum in Paris. « It’s always interesting to see what technology is out there, » he said, wishing to remain anonymous for an unknown reason.
The CISO at a major French on-line bank, a forum regular, who for some odd reason also wished to remain anonymous, said that he already works with Israeli cyber companies. « AI allows us to develop our client services, but it also helps hackers because it allows them, for example, to simulate human beings, » he commented. « I think the banking sector is the best protected of all because it is the classic target. For example, you might think, but wrongly, who would want to target a hospital ? »
Of course, the press coverage of an attack on a large public hospital south of Paris last September opened a lot of eyes here. Oana Nedelcu from Forescout, present at the October Paris forum, commented then that suddenly many hospital executives were very concerned and taking her calls. Now she says, « The problem is that public hospitals have little to no money for cybersecurity for either administrative or bio-medical operations. Signing with them is going to take time. »
Olivier Daloy, consultant for BluEnable and a former CISO at LVMH and Thales, commented, « We see companies and cutting edge technology at this forum that we see nowhere else in France. The master classes and speed dating 1on1 sessions are effective. And AI is speeding up technology innovation. »
Working between suppliers and small to mid-sized French company end users, Eric Melki at Infoclip commented that the forum went well for him, but that « in France, CISOs often do not get the recognition they deserve, even though director generals know there is a security problem, and AI is a whole new ballgame for many. »
Back to Nadav Zafrir. He told CISOs, « You must translate cyber into risk management to help board members understand security better. And hiring practices must change, because for some professions, AI will change work as we know it. » (it’s life, Jim, but not as we know it…Star Trek!!!)
He called on companies to introduce a mindset based on potential, not on experience or degrees, noting that at Team8, he never asks what kind of higher education degrees employees have, if any. « People are curious and agile, » Zafrir said. « You need to expose them to the right technologies and give them opportunities. »
Published by Globes, Israel business news – en.globes.co.il – on March 26, 2023.
© Copyright of Globes Publisher Itonut (1983) Ltd., 2023.