Recently, odix CEO Dr. Oren Eytan spoke with Jen Stone (Principal Security Analyst, MCIS, CISSP, CISA, QSA) of the Security Metrics podcast to discuss his journey from an innovative military cyber environment to the enterprise ecosystem: applying knowledge and leadership to different touchpoints of success. We have provided some highlights of the conversation below.
Jen Stone: Can you tell me about your experience in the Israeli military and how that paved the way for your current success?
Oren Eytan: I joined the Israeli Defence Forces (nearly 40 years ago), as nearly every Israeli does. My service began after I graduated with a bachelor’s degree in electrical engineering from Tel Aviv University. In the military I served as an engineer, where I began primarily working in R&D. After many years of service, I rose to the rank of Col and led MATZOV, where I was responsible for the Center of Encryption and Information Security. My task was to protect all this infrastructure, and make sure that all the processes and all the units can, you know, communicate safely, can transfer data safely, and, in fact, make sure that the continuity of all the processes and the moves and the maneuvers that the military needs to do.
Jen Stone: What role did technological innovation have in the IDF’s perspective on the evolution of cyber risks?
Oren Eytan: If we go back to the 80s, the military was already leading the market in communication; the most sophisticated communication systems were far and away military systems. And then the cellular systems emerged, and that was the point where the civilian market was ahead of the defense and military market. Because they saw the potential, and then they got the lead in communications over the military and forced a reassessment. As a result, the military saw its shortcomings and made more of an active role in emphasizing technology to secure critical core infrastructure elements.
Jen Stone: What sectors are classified as critical infrastructure? What elements and broader factors characterize the prioritization of critical infrastructure?
Oren Eytan: I think the right way to characterize which sectors are deemed critical infrastructure is by defining, if this area suffers potential damage, can that cause significant impact on public health and security of individuals and nations. For example, if you hit one of the US grids, and New York is going to be in the dark, I think that makes the grid critical infrastructure, because you don’t want, you know, millions of people to live in the dark, and in the hospitals that don’t have electricity. So it may cause a lot of casualties. I think the evaluation of importance must be based on the impact to a society: if an industry is substantially damaged, will it affect thousands or millions of people’s ability to meet their basic needs by this disturbance.
Jen Stone: How is security risk assessment different between critical infrastructure enterprises and SMBs?
Oren Eytan: First, in the size. I mean, when you are talking about critical infrastructure, you usually talk about enterprises and large enterprises. And obviously, when you are talking about SMBs, obviously, that’s not that big. So, I said there are few or two major differences. One of them is, you know, the critical infrastructure needs to protect itself against a specific set of threats. So, these threats are much more severe than, you know, SMBs need to deal with, because usually critical infrastructure are targets of, you know, nations and states and, you know, really heavy resource and very talented hackers and attackers.
So, first of all, I think the level of the threat is different. And that’s the reason. A lot of, you know, the critical infrastructure, what they are trying to do is to do an assessment regarding the risk that they have, because they have so many of them. And so, they do some risk analysis, and then they see, okay, where are we vulnerable. And at this point, we need to protect ourselves in a better way, where SMBs, you know, they’re less aware. Usually, the attacks over there are more or less common because hackers are also not going to invest a lot of, you know, effort in attacking an SMB. So this is one big difference about the threat landscape. The other big difference is the way and the behavior of critical infrastructure and SMBs: critical infrastructure usually have their own on-prem solutions, on-prem systems.
Jen Stone: What is odix, and what do you do?
Oren Eytan: Not moving too much into the technical area, odix looks at files and file-based attachments and, through our patented Content Disarm and Reconstruction process, sanitizes malware and malicious codes embedded into these files. We developed our own unique solution that is able to sanitize files, is able to disarm the file from the malware, regardless of the malware type (this is great for spotting zero-day attacks). Because we’re completely agnostic to the malware type, we do what I call deep file analysis: we break the file to the smallest component, and then we do analysis on each part of it. And then we reconstruct this file again only from the good portion. Because our process is completely agnostic, if there was a malware, and we may not even know that the malware was there, we simply ignore it. And we provide you a fully functional file that you can do whatever you want with. Gartner gave it the name CDR, content disarm and reconstruction. But we’re doing much more than CDR, we’re doing all the deep file inspection. And we’re doing a lot of stuff inside, in order to make sure that the file that you get at the end of the day is clean and ready to go.
To watch the full podcast please visit https://www.securitymetrics.com/learn/cybersecurity-innovation-from-military-to-enterprise