Over the past year, the Foreign Affairs and Defense Committee`s Subcommittee for Cyber Affairs held a series of meetings and tours in order to study and oversee the state`s preparations with regards to cyber defense, as well as to examine the significance of the government`s decision to establish a National Cyber Defense Authority.
The subcommittee summed up its work in a report which sought to determine the appropriate distribution of authority and responsibility among all the bodies dealing with cyber defense, in order to provide the best possible response to the various threats Israel faces.
The report states that the threat of a cyber-attack on Israel is intensifying. The government and the security bodies recognized this challenge in time, according to the report, ”and over the past few years have taken important steps to formulate a response which matches the intensity of the threat.”
”The establishment of the National Cyber Defense Authority has created dilemmas regarding the distribution of responsibility between the Authority and other security bodies, which stemmed from different approaches to the cyber threat and what the correct defense strategy should be, as well as from the fear that without adequate supervision, a new body may have more capabilities than necessary.”
”There is no one body which can deal with this challenge, and tight cooperation between all the elements – with all their relative advantages – is required,” the subcommittee`s report states.
”During its work, the subcommittee was exposed to arguments and even friction between the various bodies, and it commented on this. It views the understandings that have been reached between the bodies recently as a positive development,” the report reads.
”The subcommittee attaches great importance to the establishment of the National Cyber Defense Authority and believes it should be the element in charge of cyber defense in the State of Israel.”
According to the report, the National Cyber Defense Authority ”will know to take all the civil, diplomatic and security considerations into account and will have access to the civil sector, the security establishment and its partners in the international community.”
The report also stated the following:
”The National Cyber Defense Authority will be in charge of strengthening the national resilience, endless guidance and the management of attacks on Israeli targets.
The security entities will continue to be in charge of the protection of [critical infrastructures), and will lead the activity which is endless and has security features for cyber defense. The proposed arrangement opens a path to differences of opinion and difficulties in imposing authority. There must be a clear mechanism to manage future disagreements.
In any case, the authority must not be made into another intelligence agency. The authority will be based on the [information] gathering abilities of existing intelligence bodies and on information which it receives through its people.
The committee praises the work and contribution of the National Cyber Bureau, as a body which is disconnected from daily events and which operates according to its main mission to turn Israel into a leading country in cyber defense.
The wording of the future cyber law must be written with the participation and involvement of all relevant bodies in the security and civil establishment. The law must ensure that the entrance of the authority as a new competitor will not [violate] the restrictions that were imposed until today on the Shin Bet, in all things related to ensuring the protection of individuals` rights.”