Guidelines for a National Cyber Strategy | INSS
go to header go to content go to footer go to search
INSS logo The Institute for National Security Studies, Strategic, Innovative, Policy-Oriented Research, go to the home page
INSS
Tel Aviv University logo - beyond an external website, opens on a new page
  • Contact
  • עברית
  • Support Us
  • Research
    • Topics
      • Israel and the Global Powers
        • Israel-United States Relations
        • Glazer Israel-China Policy Center
        • Russia
        • Europe
      • Iran and the Shi'ite Axis
        • Iran
        • The Israel–Iran War
        • Lebanon and Hezbollah
        • Syria
        • Yemen and the Houthi Movement
        • Iraq and the Iraqi Shiite Militias
      • Conflict to Agreements
        • Israeli-Palestinian Relations
        • Hamas and the Gaza Strip
        • Peace Agreements and Normalization in the Middle East
        • Saudi Arabia and the Gulf States
        • Turkey
        • Egypt
        • Jordan
      • Israel’s National Security Policy
        • Military and Strategic Affairs
        • Societal Resilience and the Israeli Society
        • Jewish-Arab Relations in Israel
        • Climate, Infrastructure and Energy
        • Terrorism and Low Intensity Conflict
      • Cross-Arena Research
        • Data Analytics Center
        • Law and National Security
        • Advanced Technologies and National Security
        • Cognitive Warfare
        • Economics and National Security
    • Projects
      • Preventing the Slide into a One-State Reality
      • Contemporary Antisemitism in the United States
      • Perceptions about Jews and Israel in the Arab-Muslim World and Their Impact on the West
  • Publications
    • -
      • All Publications
      • INSS Insight
      • Policy Papers
      • Special Publication
      • Strategic Assessment
      • Technology Platform
      • Memoranda
      • Posts
      • Books
      • Archive
  • Database
    • Surveys
    • Spotlight
    • Maps
    • Real-Time Trackers
  • Events
  • Team
  • About
    • Vision and Mission
    • History
    • Research Disciplines
    • Board of Directors
    • Fellowship and Prizes
    • Internships
    • Newsletter
  • Media
    • Communications
    • Video gallery
    • Press Releases
  • Podcast
  • Newsletter
New
Search in site
  • Research
    • Topics
    • Israel and the Global Powers
    • Israel-United States Relations
    • Glazer Israel-China Policy Center
    • Russia
    • Europe
    • Iran and the Shi'ite Axis
    • Iran
    • The Israel–Iran War
    • Lebanon and Hezbollah
    • Syria
    • Yemen and the Houthi Movement
    • Iraq and the Iraqi Shiite Militias
    • Conflict to Agreements
    • Israeli-Palestinian Relations
    • Hamas and the Gaza Strip
    • Peace Agreements and Normalization in the Middle East
    • Saudi Arabia and the Gulf States
    • Turkey
    • Egypt
    • Jordan
    • Israel’s National Security Policy
    • Military and Strategic Affairs
    • Societal Resilience and the Israeli Society
    • Jewish-Arab Relations in Israel
    • Climate, Infrastructure and Energy
    • Terrorism and Low Intensity Conflict
    • Cross-Arena Research
    • Data Analytics Center
    • Law and National Security
    • Advanced Technologies and National Security
    • Cognitive Warfare
    • Economics and National Security
    • Projects
    • Preventing the Slide into a One-State Reality
    • Contemporary Antisemitism in the United States
    • Perceptions about Jews and Israel in the Arab-Muslim World and Their Impact on the West
  • Publications
    • All Publications
    • INSS Insight
    • Policy Papers
    • Special Publication
    • Strategic Assessment
    • Technology Platform
    • Memoranda
    • Posts
    • Books
    • Archive
  • Database
    • Surveys
    • Spotlight
    • Maps
    • Real-Time Trackers
  • Events
  • Team
  • About
    • Vision and Mission
    • History
    • Research Disciplines
    • Board of Directors
    • Fellowship and Prizes
    • Internships
  • Media
    • Communications
    • Video gallery
    • Press Releases
  • Podcast
  • Newsletter
  • Contact
  • עברית
  • Support Us
bool(false)

Publications

Home Publications Memoranda Guidelines for a National Cyber Strategy

Guidelines for a National Cyber Strategy

Memorandum No. 153, Tel Aviv: Institute for National Security Studies, March 2016

עברית
Gabi Siboni
Ofer Assaf
Photo: Getty Images

In recent years, activity in cyberspace has developed at a rapid and intense pace. In 2002, the government of Israel addressed this challenge by establishing the National Information Security Authority. Since then, Israel’s functional continuity has become even more dependent on technology in general, and on cyberspace activity in particular. As a consequence of this dependence, the threats to Israel’s functional continuity have intensified. Numerous states and enemies are systematically developing capabilities and acting against various systems and elements in Israel. In January 2012, the Israeli government established the National Cyber Bureau to regulate activity in cyberspace. The subsequent establishment of a National Cyber Defense Authority represents another step in this direction. In parallel, Israel must work to consolidate and outline a national strategy for activity in cyberspace, which will serve as the cornerstone of national growth in cyberspace. The primary document should be a national policy framework for cyberspace activity, which will define the overall national goals in the field of cyber activity and the methods for integrating them in defense, the economy, and other national efforts. Thereafter, each state entity will be required to formulate its own organizational strategy for cyber activity.




 Executive Summary

In the past few years, activity in cyberspace in the State of Israel has developed at a rapid and intense pace. In 2002, the government of Israel addressed this challenge by establishing the National Information Security Authority. Since then, Israel’s functional continuity has become increasingly dependent on technology in general, as have other countries worldwide, and on cyberspace activity in particular. As a consequence of this dependence, the threats to Israel’s functional continuity have intensified. Numerous states and enemies are systematically developing capabilities and acting against various systems and elements in Israel.

Several years ago, the Israeli government established the National Cyber Bureau to promote and regulate activity in cyberspace. The establishment of a National Cyber Defense Authority represents another step in this direction.

In parallel, Israel must work to consolidate and outline a national strategy for activity in cyberspace, which will serve as the cornerstone of national growth in cyberspace. The document outlining the national strategy should be one of several documents. The primary document should be the national policy {image} framework for cyberspace activity, which will define the overall national goals in the field of cyber activity and the methods for integrating them in the defense, economy, and other national efforts. Finally, each state entity operating in this space will be required to formulate its own organizational strategy for cyber activity.

Activity in cyberspace includes a number of components: one is defense, which is a fundamental element. The following entities in Israel require defense: institutions responsible for state security; institutions supplying essential services, and those responsible for administrative procedures and everyday life; and the institutions for which an attack would influence morale and the general sense of order, governance, and sovereignty. The sources of the cyber threat are multiple, and include hostile states, enemy states, terror organizations, hacktivists, and even private individuals. In parallel, the State of Israel is also exposed to criminal activity in cyberspace, including business espionage and intellectual property theft, financial crime, and other types of crime that take advantage of the cybernetic space (drug dealing, pedophilia, arms dealing, and so forth).

In addition to the defense component, Israel also must address the offensive component on a national level. Naturally, the ability to cover these components in this paper is extremely limited. Rather, the goal of this document is to propose guidelines for formulating a national cyber strategy in the field of defense and offense. These guidelines do not encompass all aspects of the field; they do not relate to the legal features nor to issues relating to Israel’s cyber industry.

The primary objective of a national cyber defense strategy is to maintain the state’s functional continuity. A second goal is to enable the relevant Israeli authorities to decide upon and implement operations against enemies in the cybernetic and kinetic space, with confidence in the state’s ability to withstand a cyberattack. In the defense strategy, we propose to differentiate between three types of attacks: 1) advanced persistent threat (APT) – penetration into the depth of an organization’s computer system; 2) rapid, superficial attack, which has immediately recognizable results, and aims to change the site or prevent access to it and to the services it provides in the cybernetic space (Defacing, DDoS); 3) infrastructure attack – by damaging hardware components.

We suggest the following recommendations for preventing and defending against the three types of attacks:

1. Construct the system with a combination of tools and capabilities that do not require previous information and knowledge of attack components and methods, with an advanced capabilities system based on previous knowledge, specifically for defense against APT attacks.

2. Implement inter-organizational information exchange of reports on attacks.

3. Formulate a continuous and broad national cybernetic status assessment by organizations such as a national Computer Emergency Response Team (CERT).

4. Establish rapid response teams, using research and data on attack tools and attack groups.

5. Cooperate with commercial defense and intelligence organizations, as well as international bodies.

6. Develop ongoing intelligence collection about enemies and opponents for the purpose of warning.

7. Formulate a plan for cybernetic response as part of a possible means of deterrence.

8. Develop the ability to recover from an attack when possible, with the understanding that the line of defense is bound to be breached, and thus Israel must organize for rapid recovery following successful enemy attacks.

9. For superficial attacks – establish the ability to recover rapidly and provide the bandwidth that overcomes blocks, by integrating with internet suppliers in the civilian sector.

10. Use ability to rapidly transfer attacked sites to alternative, temporary host sites.

11. Establish a national capability for analyzing hardware attacks due to the technological difficulty of identifying hardware attacks. This should be done in parallel to the use of locally manufactured hardware in cases requiring an exceptional level of security.

We analyzed additional issues in the chapter on defense. The need to develop a national capability to recover from a cyberattack is critical, in the understanding that the “line of defense is bound to be breached” as a determined enemy will succeed in penetrating any defense, no matter how sophisticated. Therefore, Israel will need to construct appropriate mechanisms for recovery and return to routine as soon as possible. In addition, we examined the organizational issue, through an understanding that the State of Israel should be able to provide a response, both for the security sector and for civilian sector. The security organizations must continue to manage the cyber defense of the state’s security sector, while cyber activity targeting the civilian sector will be handled by Israel’s law enforcement bodies, headed by the Israel Police. The National Cyber Defense Authority will demand cooperation and synchronization between all entities and monitor the existence and enforcement of regulation in the civil arena, which is most exposed to cyberattacks. In this context, we recommend adopting a regulatory approach in the civil sector that will mandate the cyber defense field as a component integrated within existing statutory processes, both in the founding stages for business initiatives (licenses from the various statutory planning committees) and in their operational process (business licensing law). We suggest that in this framework, businesses should be required to issue a cyber resilience report. This document will serve as the main statutory tool for identifying and analyzing the vulnerability of a business to a cyberattack, and for formulating processes of defense of these vulnerable points.

This document also relates briefly to cyberattacks and examines several attack scenarios, including attack in overt and obscure situations; attack as a method of communicating a message; and attack as part of a covert campaign. The main recommendations in this context are as follows:

1. Israel’s security organizations should be required to integrate tools for cyberattacks in their operative plans and in the actual use of force in battle, in both emergency and routine situations.

2. Cyberattack should not stand alone. It must be part of a general plan in order to wield influence in a comprehensive, overt conflict.

3. An effective attack is not necessarily a sophisticated APT attack. We recommend to fully utilize the ability to implement an effective cyberattack on a specific target through superficial, rapid, broad attacks on targets, even if these are not so-called “gold targets” (military targets, national infrastructure).

4. An effective cyberattack can be implemented through proxies, without the need to take responsibility.

5. A significant cyberattack requires build-up of force, knowledge of the target, and advanced planning.

6. A cyberattack can represent a stage in “dialogue” between countries, when the goal of the attack is to communicate a message.

7. Attackers should be integrated within Israel’s central cyber defense system, as part of the regular planning and operation of the defense system.

In conclusion, this document recommends leveraging the informality of Israeli culture. Israeli society enjoys inherent characteristics of broad personal connections through social networking, a casual manner of interaction, desire to help others, willingness to participate in activities of a national and patriotic nature, and a need to be “at the center of things” and to prove personal and professional relevance. These attributes enable recruitment of many individuals when needed, whether to assist friends or for a national goal, and all the more so in cases that combine these two motives. This type of informal activity is constant and occurs in a high percentage of cases that require it. Because it is voluntary, based on good will, and reinforced by Israeli culture, it is more intense and sometimes of even higher quality than cooperation due to structured, legal, or regulatory obligation. This type of activity can make a significant contribution to cyber defense in Israel, and should be utilized.

Finally, a substantial part of the strategy document should remain open to the public. Such a document should also include sections for classified issues that should remain undisclosed and that will assist in coordination and synchronization of the defense organizations operating in Israel, as far as this is possible. Formulating the document is an important and achievable challenge that can determine Israel’s status as a global leader in the cyber field.

 

The opinions expressed in INSS publications are the authors’ alone.
Publication Series Memoranda
TopicsAdvanced Technologies and National SecurityMilitary and Strategic AffairsSocietal Resilience and the Israeli Society
עברית

Events

All events
The 18th Annual International Conference
25 February, 2025
08:15 - 16:00

Related Publications

All publications
Ukraine’s Southern Operational Command/Telegram
Loitering Munitions (Explosive UAVs)
The confrontation states and the terrorist organizations facing Israel are arming themselves with massive quantities of loitering munitions. Their low cost and ease of use make them a significant, clear, and immediate threat—especially when launched in swarms. Addressing this challenge will require substantial investment to improve detection and neutralization capabilities. This threat analysis concludes with recommendations for countering this threat.
25/06/25
Shutterstock
Clouds of Competition—China’s Rise in the Middle East Cloud Market
China's technological presence in the Middle East is expanding – and its integration into the regional cloud market is just one of many examples. What challenges do these steps pose for Israel?
26/05/25
Rafael
Boost-Phase Interception (BPI) of Ballistic Missiles
Intercepting missiles and rockets at the earliest stage of their launch is an offensive action with a distinctly defensive character. Its goal is to prevent direct or collateral damage in the attacked state while inflicting maximum harm on the aggressor. For Israel, this interception method has a compounded advantage due to its small size, the threats posed by Iran and its proxies in both the near and far “ring of fire,” and the high potential for damage from strikes on civilian and military infrastructure. This article reviews the challenges and technological developments in missile and rocket interception, relevant geopolitical aspects, and lessons for the State of Israel.
09/03/25

Stay up to date

Registration was successful! Thanks.
  • Research

    • Topics
      • Israel and the Global Powers
      • Israel-United States Relations
      • Glazer Israel-China Policy Center
      • Russia
      • Europe
      • Iran and the Shi'ite Axis
      • Iran
      • The Israel–Iran War
      • Lebanon and Hezbollah
      • Syria
      • Yemen and the Houthi Movement
      • Iraq and the Iraqi Shiite Militias
      • Conflict to Agreements
      • Israeli-Palestinian Relations
      • Hamas and the Gaza Strip
      • Peace Agreements and Normalization in the Middle East
      • Saudi Arabia and the Gulf States
      • Turkey
      • Egypt
      • Jordan
      • Israel’s National Security Policy
      • Military and Strategic Affairs
      • Societal Resilience and the Israeli Society
      • Jewish-Arab Relations in Israel
      • Climate, Infrastructure and Energy
      • Terrorism and Low Intensity Conflict
      • Cross-Arena Research
      • Data Analytics Center
      • Law and National Security
      • Advanced Technologies and National Security
      • Cognitive Warfare
      • Economics and National Secutiry
    • Projects
      • Preventing the Slide into a One-State Reality
      • Contemporary Antisemitism in the United States
      • Perceptions about Jews and Israel in the Arab-Muslim World and Their Impact on the West
  • Publications

    • All Publications
    • INSS Insight
    • Policy Papers
    • Special Publication
    • Strategic Assessment
    • Technology Platform
    • Memoranda
    • Database
    • Posts
    • Books
    • Archive
  • About

    • Vision and Mission
    • History
    • Research Disciplines
    • Board of Directors
    • Fellowship and Prizes
    • Internships
    • Support
  • Media

    • Communications
    • Video Gallery
    • Press Release
    • Podcast
  • Home

  • Events

  • Database

  • Team

  • Contact

  • Newsletter

  • עברית

INSS logo The Institute for National Security Studies, Strategic, Innovative, Policy-Oriented Research, go to the home page
40 Haim Levanon St. Tel Aviv, 6997556 Israel | Tel: 03-640-0400 | Fax: 03-744-7590 | Email: info@inss.org.il
Developed by Daat A Realcommerce company.
Accessibility Statement
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.