Israel tightens homeland security cooperation with US
Government to government cooperation on homeland security cyber defense between the US and Israel is spiking, Merlin Cyber founder David Phelps has said in an interview.
During Phelp’s visit to Israel following a parallel visit by the US Department of Homeland Security to the Jewish state earlier this summer, he discussed the implications of US President Joe Biden’s executive order opening new US federal cybersecurity contracts to Israeli companies, estimated to be worth $200 billion.
Prior to Biden’s order, foreign companies, even from Israel, were often shut out of such sensitive US government cyber defense contracts.
Phelps said he works “Day to day with the Department of Homeland Security across a number of components, especially CISA [the Cybersecurity and Infrastructure Security Agency]. I work with them both at senior levels” and at the implementation levels, including helping America decide which technologies to acquire and how to integrate them.
But now there is an “increasingly pressing need for effective data protection in today’s uncertain world,” he said, noting the “special role of Israeli cyber technology in filling this need.”
He gave two examples of Israeli cyber firms, among others, already deeply involved in these processes and which he and Merlin assisted in breaking in.
One is CyberArk, whose work revolves around deals for technology for civilian agencies, and another is Forescout, which then rolls out cyber defense software to other federal government agencies.
Forescount is focused on network security, but cyber defense firms assist the US government with managing cyber events, identity security of employees and other issues. Three other Israeli firms which Merlin helped to penetrate into the US government market are Palo Alto Networks, Okta and Sepio Systems.
One agency Phelps discussed was the Department of Veteran Affairs, where outside companies are assisting with securing veterans’ personal healthcare digital data.
Penetrating the US government cyber market is still a big challenge for startups even if it is now legal, he said, because “it requires a strong presence in the region and readiness for the long sales cycles that come with selling to bureaucratic institutions.”
Further, while he said it was “not simple to convince some branches of the US government to adopt foreign technologies, it isn’t impossible either.”
ADDRESSING GOVERNMENT employees’ and the general public’s awareness of cyber vulnerabilities, Phelps said that there is “a little more awareness than in the past.”
When US consumers are directly affected, such as during the hack of the Colonial Pipeline Company, awareness grows because they think about “how cyber security can affect energy, can affect fuel prices.”
While adding that so far most of America’s infrastructure has not been hit hard by cyberattacks, many Americans unfortunately still do not see the cybersecurity threat as “front and center,” he said.
The job of his firm is to stay “ahead of the curve,” Phelps said, regardless of how aware the public may be.
Despite some important successes by the Biden administration in multiple rounds of creating new cyber duties and reporting rules for agencies and companies, the cyber expert said that fixing gaps “takes time to roll out initially across the government.”
Besides greater attentiveness to securing cyber supply chains generally, he said it is positive that “people want more insight into what they are buying” regarding their digital infrastructure.
Another challenge Phelps acknowledged was how reliant the US and the West have been and still are on Chinese technology products – this at a time of a technology race between the countries.
It will take a while before the US government and the broader American public are able to reduce their dependence on Chinese appliances, products built into cars and a variety of other technologies, he said.
It is unclear how many years it will take the US government to adjust, Phelps said, with a lot depending on shifting investments in manufacturing physical technologies, but that getting the US less reliant on China was well under way.
Prior to establishing Merlin in 1997, Phelps developed a deep understanding of the federal marketplace over 25 years, including serving in the US Navy and in industry positions with Ford Aerospace, Martin Marietta, Loral Aerospace and The Aerospace Corporation.
Merlin Ventures, the investment arm of Merlin Cyber, has an office in Tel Aviv dedicated to “sourcing Israeli technology and enabling cybersecurity companies to accelerate their scaling-up and sell to the American federal market at an earlier stage than before.”