When Cyber and Geopolitics Intersect

10–18–2023 (Wednesday)

Hello and welcome to another edition of The Intentional Brief - your weekly video update on the one big thing in cybersecurity for growth stage companies, investors, and management teams.

I’m your host, Shay Colson, Managing Partner at Intentional Cybersecurity, and you can find us online at intentionalcyber.com.

Today is Wednesday, October 18, 2023, and we’re going to try to balance both zooming out and zooming in as the world enters another phase of geopolitical destabilization in Israel.

When Cyber and Geopolitics Collide

This week, the world - including the cybersecurity world - continues to have eyes on the conflict between Israel and Palestine in Gaza. There’s lots of obvious reasons why this is garnering attention that are discussed in plenty of depths in other places.

What I’d like to do here is focus a little bit on the cyber story - or potential story - coming out of this conflict and potential and existing conflicts like it.

First, I think it’s worth acknowledging that Israel has perhaps the world’s best pool of cyber talent, bar non - and on a per capita basis are certainly leading the world. Their cyber operations are likely in full swing supporting kinetic efforts across the theatre, in both a military and intelligence capacity.

At the same time, Israeli allies like the US and others are offering public and back channel warnings to Hamas and its proxies like Iran and North Korea that they should really think twice (or maybe even three times) before entering this fray.

Will we see cyber war at play here? We probably won’t see it, but it will probably be a part of the conflict, much in the same way that it continues to be a part of the conflict in Ukraine.

Russia and China continue to operate in a mixed military and intelligence manner, with additional support from threat actors with plausible deniability (think ransomware crews, etc.).

But what are we to make of this as investors, executives, and security teams?

For one, it’s tempting to get pulled into the natural dynamic around geopolitics and conflict. Tribalism is a very human function, and it’s always tempting to have an “other” to discuss in any context.

But the truth is that attribution - for defenders and operators alike - is largely irrelevant.

Certainly military, law enforcement, the intelligence community, and threat intelligence companies (or roles within large companies) have an interest in the who and the why (people + motivation), but for the vast majority of us, our cyber energy is better looking inward.

It doesn’t matter who is carrying out the attack when we’re in the midst of defending it. It doesn’t matter what their larger political or social goals are if they’re compromising our machines. All that matters is the things that we’re responsible for within our own spheres of influence, and ensuring that we’ve done everything we can to prepare for, identify, and be able to recover from whatever the landscape might throw at us - focused attack or collateral damage.

We need to double down on our efforts to understand baseline network and activities so that we can better identify anomalies. This means ensuring that tools, data, and alerts are in place, and that our teams are aware, trained, and practiced in responding to a variety of events.

We need to ensure that potential leverage points - like email and social media campaigns that use the attacks in Israel as a way to get attention and deliver malicious links or files - are minimized for our users. This may mean additional notes about awareness go out, or get addressed in an all hands, or that leadership needs to think about how to frame this issue in a sensitive way that keeps the level of responsibility high for all employees.

None of us are in the business of solving the conflict between Israel and Gaza, but each of us can get plenty distracted by the cyber (and other) implications.

I’m here to remind you that these distractions will continue, be it this one, Russia invading Ukraine, China posturing against Iran, North Korea and Iran doing their things, or any number of other domestic and international political issues. We need to make sure that we have a clear focus on what matters to our businesses, and be mindful of the intersectionality of these conflicts.

There’s plenty of other work to be done.

Fundraising

From a fundraising perspective, last week put up a very impressive amount of new funding, with a total of more than $24B in newly committed capital. The bulk of this number was contributed by Warburg Pincus announcing the raise of $17.3b for its 14th global flagship fund, so congratulations to our friends over there. Well done, and look forward to seeing that capital put to use in the near future.

To close the loop on the geopolitical angle, the public markets continue to be a bit shaky - largely due to the conflict in and around Israel, and certainly there are many tech startups at various stages who have employees, offices, funders, and customers in Israel and the conflict will impact them in a myriad of ways. Again, focusing on what we can control, optimizing for resilience, and working to prevent distraction amongst our teams is the order of the day.

You can find back issues of these videos and the written transcripts at intentionalcyber.com, and we’ll see you next week for another edition of the Intentional Brief.