Targets of politically motivated cyber-attack are often singled out for very specific reasons. But for Ilan Abadi, CISO of Teva Pharmaceuticals, his employer’s nationality is all it takes.
“Teva is associated with the Israeli flag so we are always under attack by radicals or activists coming from the regional conflict. Teva is one of the biggest companies in Israel; activists recognize that,” he tells Infosecurity at RSA Conference 2015.
The medicine giant has over 43,000 employees worldwide in 60 countries; in 2014 alone it produced 60 billion tablets, and one in eight prescriptions in the US originates with Teva, Abadi explains. Though founded in Israel, it is a truly global organization, one with vast IT infrastructure.
But as if managing the security of an organization of this size wasn’t complicated enough, Teva’s position as an Israeli company leaves it open to aggressive and persistent cyber-attack. With more than 300 websites in many languages, most of them hosted outside Israel, managing Teva’s security requires a particularly aggressive defense posture, Abadi explains.
“Most of the attacks are against web servers. Maybe it’s about vandalism or to get to the data and embarrass Teva, or even to get from those sites inside the network, because some of them connect to databases in our network. For that we need a special and advanced solution. We need the right tools that can serve all kinds of platforms and devices.”
To combat many of the unique problems Teva experiences, it has begun deploying technology from Sentrix, another company with Israeli origins. Its co-founder, Israel Barak, started his career in the Israeli cyber defense forces, founding the Red Team unit responsible for compromising Israeli defense systems to identify gaps.
Sentrix bases much of its R&D operations in the US, giving Barak a strong insight in how companies operate differently in the two regions – particularly when it comes to hiring skilled personnel.
“If you’re looking at the R&D people we recruit in Israel, one of the differences I see is the level of independence and the confidence of their ability to achieve their goals working individually or in small teams,” he explains. “Often in the US, people are used to working in large groups. In the Israeli defense forces people get used to working in small teams to achieve very specific goals.”
Abadi also believes that Israel’s national service program has a positive impact on developing people with the right skills for security jobs: “In Israel you become older very young. At 18 you join the army; you have to be mature very fast.”
However, while he believes Israel is very good at dealing with short-term problems, Abadi sees the US as possessing more advanced cyber capabilities in the long run: “The US has the ability to have a dream and make it come true in the long term. In Israel we’re so focused on whether we’ll stay on the map or not.”
This difference in situation is borne out also in the way that organizations collaborate with government on cyber intelligence-sharing. In Israel, Abadi suggests, the focus is always defense as it relates to short-term conflict. In the States, meanwhile, he sees a greater emphasis on intel-sharing that benefits the business landscape.
“In the States they realize that if something goes wrong with the economy it’s going to harm the US. People will lose jobs; so I see that the States has more tools and is more involved. Look at Sony; the government knew after just days what had happened.”
He adds: “In Israel our problem is more physical, in terms of ISIS and other groups. Israel has a very high level of attack capabilities but not necessarily defense. It’s only just begun that the government is looking at business needs, so there is a growing budget. A company like Teva cannot budget for the kinds of attacks that activists or governments can raise. Most of the companies now realize that there is another border to Israel, and it is not a physical one.”