Israeli cybersecurity outfit offers Asia lessons in hacker-fighting

TOKYO -- An Israeli cybersecurity training company is pushing into Asia, offering clients a people-driven approach to preparing for online attacks.

CyberGym is backed by Israel Electric Corp., a government-owned utility that fends off millions of cyberthreats every month. The training company's "white hat" hackers all have experience in the military or security agencies.

This month, CyberGym opened a training center in Tokyo through a joint venture with Japan's VLC Holdings. This is its second operation in Japan, as it also partners with Hitachi to provide training geared toward the energy sector.

The goal is to establish a global network of physical facilities for teaching companies and institutions how to protect themselves online.

CyberGym has a presence in eight countries. Since late last year, it has set up sites in Australia and New York, and it is to open a new one in South Africa in September. By 2020, it plans to expand to the U.K. and an additional state in the U.S.

"We want to connect all of them so that we have what we call WCWA -- World Cyber Warfare Arena," said Ofir Hason, CyberGym's chief executive and a veteran of the Israel Defense Forces' elite Unit 8200 intelligence division. This way, resources and information on new threats would be shared globally.

Speed is crucial for minimizing damage from cyberattacks -- and this is one area in which Asia has considerable room to improve.

CyberGym's new training center in Tokyo will teach companies how to contain attacks and learn from them.

U.S. cybersecurity company FireEye found that the median time for detecting cyberattacks is 498 days in the Asia-Pacific region in 2017, meaning attackers "maintain access in compromised organizations for far too long," FireEye said. The global median is 101 days.

The advent of the internet of things and spreading digitalization have also made companies more susceptible to attacks. A report by Check Point Software Technologies, another Israeli cybersecurity company, predicts hackers will increasingly target blockchains, cloud systems and IoT devices.

IEC is all too familiar with the danger. "On annual average, every two hours we found something new," said Yosi Shneck, the utility's senior vice president. Since it is difficult to detect every attack, Shneck stressed that "you have to be prepared, not only to defend the company but also to deal with events."

Unlike many cybersecurity companies that sell software, CyberGym focuses on human skills. Trainees range from mechanical and electrical engineers to members of information technology departments. There is also training for executives, who will have to make crucial decisions and handle public relations in the heat of an attack. 

Programs vary from enhancing basic awareness to preparing for attacks by international cyberterrorists. Companies learn how to contain attacks so that they can continue operating, as well as conduct investigations to strengthen their defenses for the future.

"Organizations got tired of buying niche products," such as firewalls and anti-virus software, because "they discovered it is not effective anymore," Hason said.

He said companies have to "race" to keep up with increasingly sophisticated hackers in Asia, many of whom hail from China and North Korea. At the same time, he said, the "battlefield is very unclear," meaning it is difficult to gauge the skill of one's adversaries and the tools they are using. Even distinguishing between "the bad guys and the goods guys" can be tough.

Hason said CyberGym is "definitely" considering expansion to other Asian countries, such as Vietnam and Thailand. "We still need to build business cases and find the right partner to do it."

He wants to continue building CyberGym's network beyond Asia as well, to countries where political issues do not get in the way. And Hason said he hopes to extend partnerships with academic institutions to "shift the chances for the good guys."