NATASHA COHEN, RACHEL HULVEY, JITTIP MONGKOLNCHAIARUNYA ... · feedback: Bob Butler, Amir Becker, Chris Cook, Chris Fogle, Cliff Zintgraff, Dan Blumberg, Ian Whiting, John Dickson,

NATASHA COHEN, RACHEL HULVEY, JITTIP MONGKOLNCHAIARUNYA, & ANNE NOVAK WITH ROBERT MORGUS & ADAM SEGAL

CYBERSECURITY AS AN ENGINE FOR GROWTH

SEPTEMBER 2017

About the Authors

Natasha Cohen received a master of public administration from Columbia University’s SIPA and is director of cyber policy and client strategy at BlueteamGlobal.

Rachel Hulvey received a master of international affairs from Columbia University’s SIPA and researches international maritime law related to governance of islands in the South China Sea.

Jittip Mongkolnchaiarunya received a master of international affairs from Columbia University’s SIPA and is a research assistant at the University of Sydney.

Anne Novak received a master of international affairs from Columbia University’s SIPA and is a security analyst for Afghanistan.

Robert Morgus is a senior policy analyst with New America’s Cybersecurity Initiative and deputy director of the FIU-New America C2B Partnership.

Adam Segal is the Ira A. Lipman chair in emerging technologies and national security and director of the Digital and Cyberspace Policy Program at the Council on Foreign Relations.

Acknowledgments

The authors would like to thank Adam Segal and Robert Morgus for their guidance and assistance with the development of this project and the refining of the content of this paper. As well, we appreciate the support from the School of International and Public Affairs (SIPA) at Columbia University, and New America and the extensive help of New America’s staff for their support on this project. In particular, we want to thank Ian Wallace who provided us with feedback and strategic support as the co-director of New America’s Cybersecurity Initiative.

We would also like to thank the experts we interviewed for this project and the reviewers who provided us with feedback: Bob Butler, Amir Becker, Chris Cook, Chris Fogle, Cliff Zintgraff, Dan Blumberg, Ian Whiting, John Dickson, Joseph Krull, Joseph Sanchez, Ken Pollock, Lior Tabansky, Menny Barzilay, Robert Katz, Roni Zehavi, Stephen Rhodes, William Garrett, and Yoav Tzuya.

About New America

New America is committed to renewing American politics, prosperity, and purpose in the Digital Age. We generate big ideas, bridge the gap between technology and policy, and curate broad public conversation. We combine the best of a policy research institute, technology laboratory, public forum, media platform, and a venture capital fund for ideas. We are a distinctive community of thinkers, writers, researchers, technologists, and community activists who believe deeply in the possibility of American renewal.

Find out more at newamerica.org/our-story.

About the Cybersecurity Initiative

The goal of New America’s Cybersecurity Initiative is to bring New America’s focus on big ideas, bringing together technology and policy, and public engagement to the cybersecurity conversation. In doing so, the Initiative provides a look at issues from fresh perspectives, an emphasis on cross-disciplinary collaboration, a commitment to quality research and events, and dedication to diversity in all its guises. A collaboration between New America’s Open Technology Institute and International Security program, our work explores important cybersecurity policy questions at all levels of government and policy making, from the state and local to national and international. Examining issues from the vulnerabilities equities process in governments and the importance of cybersecurity policy at the state and local level to the potential of strong and stable international regimes to promote better cybersecurity, New America’s Cybersecurity Initiative seeks to address issues others can’t or don’t and create impact at scale.

Our work is made possible through the generous support of the Florida International University, the William and Flora Hewlett Foundation, Microsoft Corporation, the Government of the United Kingdom, Endgame Inc., and the MITRE Corporation.

Find out more: newamerica.org/cybersecurity-initiative

http://newamerica.org/our-story

http://newamerica.org/education-policy

Contents

Executive Summary 2

Introduction 3

Study Methodology 4

What Drives Industry Clustering? 5

Understanding the Cybersecurity Industry 7

Case Studies 10

National Government Planning: Beersheba, Israel 10

Riding the Coattails: Malvern, United Kingdom 13

Local Government Planning: San Antonio, Texas, United States 15

Common Factors for Cluster Growth 19

Recommendations for Policymakers 23

What We Don’t Know 24

Notes 25

CYBERSECURITY INITIATIVE2

Cybersecurity is one of the fastest growing industries in the world. In light of greater demand from private businesses, consumers, and the public sector, the global cybersecurity market is expected to increase to $125 billion in 2020, while cybersecurity unemployment is expected to remain at zero percent. National and local governments are actively seeking to leverage this dramatic projected growth by developing and attracting cybersecurity talent and industry. So far, cybersecurity ecosystems have popped up in various places around the globe, usually in regionally-defined “clusters” that provide the necessary factors to support development.

This study examines three case studies, Beersheba, Israel; Malvern, United Kingdom; and San Antonio, United States, to begin to shed light on how national and local governments can attract and develop a cybersecurity industry. While each geography is unique and driven by factors specific to its particular situation, this study has been able to draw several conclusions about factors that contribute to cluster growth:

1. Proximity to government cybersecurity functions enables a local talent pool, and opens up contracting opportunities. Government employees cycling out of government service can also seed the area with local companies, especially if support programs like incubators

or bootcamps are available to help the transition to the private sector.

2. The ability to attract or develop a workforce is imperative. Workforces can be attracted from other parts of the country or world if the quality of life is perceived to be superior. In addition, higher education institutions, if properly structured, as well as government and military institutions can play a large role in helping to develop or create a local workforce.

3. Research centers and incubators provide much-needed capacity to develop a workforce and capture valuable intellectual property. Technology transfer programs, which are often run by major government entities or universities, can also be facilitated by providing incentives to large businesses to transfer technology and practice to smaller businesses and startups.

4. Industry leadership helps focus development programs, raise public awareness, and bring crucial capital to the market. Industry leaders can come from the government in the form of government cybersecurity agencies or military cyber units, large companies or chambers of commerce, and academia.

EXECUTIVE SUMMARY

CYBERSECURITY INITIATIVE Cybersecurity as an Engine for Growth 3

The initial set of recommendations is:

1. Partner with the private sector and local nonprofits.

2. Be creative and develop a program that is customized to the particular area.

3. Develop connections between military and government units that have use for the local talent and the companies that surround them.

4. Facilitate the local placement of national government cybersecurity capacities.

The report then concludes by highlighting a number of questions we don’t yet have the answer to but that would be useful for better understanding cybersecurity cluster growth, including:

1. Is sector specificity going to drive the future of the cybersecurity industry?

2. What are the best ways to train and educate a cybersecurity workforce?

3. Does making your locality “cybersecure” attract other industries and investments?

INTRODUCTION

Cybersecurity is one of the fastest growing industries in the world. Projections anticipate that global spending on cybersecurity products will reach $1 trillion cumulatively over the next four years and that cybersecurity unemployment will remain at zero percent over that period of time as job openings continue to outpace supply.1 With such dramatic growth, the cybersecurity industry has the potential to function as a major driver of economic growth. In regions where cybersecurity industry “clusters” have popped up, this regional concentration can produce substantial contribution to the local economy. Given the positive future

projections of the overall need for cybersecurity, national and local governments are actively seeking to attract and develop cybersecurity capacity. As the Christian Science Monitor noted, many localities want to incubate cybersecurity industry clusters, but few have achieved this goal.2

Through an analysis of the cluster economy literature and a comparison of three different cases that vary in geography, structure, and stage of development, this study begins to identify factors that have so far driven the development of local cybersecurity industries. Close analysis of clusters


in Beersheba, Israel; Malvern, United Kingdom; and San Antonio, United States, have yielded distinct conclusions that can help other countries and local governments analyze their own markets and inform future decision making. Our initial findings suggest that proximity to governmental cybersecurity functions, the ability to either attract or develop a workforce, the presence of research centers, and strong industry leadership are major contributors to cybersecurity cluster growth.

This report will review existing theory surrounding agglomeration economies and provide an overview of the economics of the global cybersecurity market and the current state of clustering. It will then focus on three key case studies to draw conclusions and highlight lessons for stakeholders. The primary goal of this study is to compile and analyze relevant information from interviews and literature to provide a launching pad for future studies.

To complete the research in this report, the team conducted a thorough literature review of existing academic and journalistic writing on agglomeration economics (the theory behind clustered development) and the cybersecurity ecosystem. The team also used summaries of similar clusters as a reference and guide during this study.

The research team selected three case studies as examples: Beersheba, Israel; Malvern, United Kingdom; and San Antonio, United States. These case studies were selected for their differences in maturity, size, and geography, and were chosen to provide an effective, if limited, sample from

which to generate summary conclusions about the development of cybersecurity clusters. The team used a combination of desk research, phone interviews, and questionnaires to gather information about each cluster.

The team deliberately opted against examining Silicon Valley, California and the greater Washington, D.C. metro area because while these are important cybersecurity clusters, the co-location of technology and defense clusters makes isolating development factors specific to cybersecurity highly difficult.

STUDY METHODOLOGY


To explain the emergence of competitive industries and the increased output from a specific region, a branch of development theory has focused on the positive inputs and externalities created by agglomeration economies, otherwise known as “clusters.” The concentration of firms supports the development of regional clusters by:

1. Lowering input costs, such as skilled talent, capital, and technology through economies of scale; and

2. Facilitating productivity growth through information sharing and knowledge spillover so each firm produces more output per input.3

Existing cluster literature highlights four main pillars of innovation economies: social and business networks, research institutes and universities, relevant industries and sectors, and government policies. Figure 1 shows in greater detail how each contributes to the growth of local clusters.

Social and Business Networks

Sociologists stress the impact of knowledge transmission in fostering development. Bathelt, Maskell, and Mamberg, for example, argue that

a critical driver of growth is the creation of an information and communication ecology, where the co-location of many firms within a region diffuses knowledge through face-to-face contact,4

participation in conferences, and informal meetings.5 Given the sensitive and competitive nature of the technology industry, later research has defined more precisely how knowledge transmission occurs. In her book, Saxenian describes how the rapid movement of technologically sophisticated employees between firms in the region drove growth in Silicon Valley. She postulates that benefit from knowledge spillover from this constant exchange of personnel exceeded, and continues to exceed, the loss from the departure of experienced personnel.6

A ban on non-compete agreements in the California legal code further encouraged labor mobility, which has been key to the development of the Silicon Valley technology industry.7

Research Institutes and Universities

Higher education institutions boost factor productivity by increasing the availability of labor and intellectual capital in a region.8 Studies have shown that the productivity of manufacturing plants in cities that experience large increases in the share of college graduates rise more

WHAT DRIVES INDUSTRY CLUSTERING?


than the productivity of similar plants in cities that experience small increases in the share of college graduates.9 Reports from the Seoul, Korea technology cluster further support this finding and tie it concretely to the technology field, demonstrating the critical contribution of universities to economic development through the preparation of high-quality graduates.10

Private research and development institutions (independent or as units of existing companies) also contribute to the development of technology clusters, as they allow the firm to limit risk during the uncertain process of developing technology and support knowledge sharing efforts. The R&D centers in the Cambridge, United Kingdom technology cluster demonstrate the benefit of utilizing firms that each have multiple clients operating in the same space, as they are able to act as knowledge transmission mechanisms that increase the overall quality and exposure of new research.11

Relevant Industries and Sectors

No industry exists on its own; the relationships built with other relevant industries and sectors play a key part in the development of business and expertise in a region. Surrounding or related industries provide key financial resources and the customer base that drives growth. They also allow for the transfer of industry-specific information and expertise needed to facilitate a successful

business ecosystem. 12 Public-private cooperation, as demonstrated by biotechnology clusters in Belgium and Germany, can also provide additional monetary, knowledge, and operational resources.13 Public-private partnerships (PPPs) come in three varieties: financial partnerships, partnerships based on expertise, and partnerships based on the market.14

Government Policies

The final development factor is the effect of government policies. Breznitz argues that the central government facilitates and encourages innovation through the development of public research institutes, financial incentives, and global linkages. Public research institutes provide resources and support the development of expertise in areas that are strategically advantageous for federal or state governments. In Taiwan, state-owned research institutes create urgency and distribute funding for ambitious technology initiatives. State-driven research has also been an important mechanism for growth in Israel, where R&D funding drives private innovation and supports research efforts in fields such as biotechnology, nanotechnology, agriculture, and—more recently—cybersecurity, as we discuss below.

State policies can also support growth through indirect financial incentives. 15 In Ireland, the government successfully lobbied multinational IT companies to operate and invest in the local

Figure 1 | Pillars of Innovation Economies

Social & Business Networks

Research Institutes & Universities

Relevant Industries/Sectors

Government Policies

· Market pooling· Workforce mobility· Mentorship· Business relationship

· Highly skilled workforce· Research· Teaching specialization· Funding

· Market expertise· Funding· Private-public

cooperation

· Linkages to global markets

· Procurement· Incentives & subsidies


economy through corporate tax incentives.16

Governments can also propel growth through facilitating links between local and foreign companies or governments.17 China has utilized regulations requiring foreign firms to partner with

local companies to drive domestic growth and create opportunities for technology transfer with the expectation that they will benefit local development in the long-term.18

Any comparative learning process across clusters must understand how the cybersecurity industry differs from other sectors. While individual developers, hackers, and organizations often protect proprietary cybersecurity information, the industry nonetheless has a strong open source and information sharing culture.19 The root of the open source movement is in hacker culture dating back to the 1960s.20

The Importance of Geography and Knowledge Transfer

Although few industries are more virtual than the cybersecurity industry, the importance of geography and proximity cannot be understated, especially in building trusted relationships that underpin strong information sharing partnerships and vital knowledge transfer. Impactful information is often shared privately between cybersecurity

professionals with these trusted relationships.21

The communication channels for these types of exchange are virtual and personal, and many information security professionals point to the value of face-to-face interaction in building trust to share information more quickly over virtual channels. The cybersecurity industry is flush with conferences and gatherings that enable these interactions. Some of these national or international conferences are structured, but others are less formal and serve local communities. Once trusted relationships are established, virtual forums on the internet or the Deep and Dark Web augment and strengthen personal ties and enable more efficient flows of information.

Public or government-led information sharing among cybersecurity professionals is a more recent development, but has quickly grown. Although threat intelligence companies keep some of their information and analysis proprietary, many

UNDERSTANDING THE CYBERSECURITY INDUSTRY


publish reports online or share threat indicators. Formalized information sharing initiatives such as computer emergency response teams (CERTs), information security and analysis centers (ISACs), and information security and analysis information organizations (ISAOs) serve not only to share threat information, but also to strengthen the ties between public and private organizations within an ecosystem.22

The cybersecurity industry is also greatly affected by its increasing relevance to every sector, public and private. Cluster literature often refers to the importance of related or complementary sectors. For cybersecurity, every industry is a potential partner.

While this means there is enormous potential for growth in multiple locales, so far clustering has primarily occurred around government cyber units, for reasons expanded on below.

The Cybersecurity Industry and Clustering

In the last several years, high profile cyberattacks have affected both the public and private sectors around the world. Governments and non-state actors are now capable of executing cyberattacks that can steal classified or confidential information and/or disrupt or sabotage critical infrastructure and national security systems.23 The increasing

114 2

9

20

16

719 5

5

4 9

11

8

6

9937

14

22

3

3

2

23

26

2

33

19 12

424

3 3

Figure 2 | Global Clustering of Cybersecurity Industries

Source: Cybersecurity Ventures


prevalence of these attacks and mounting damages stemming from their success has driven a rise in demand for cybersecurity services and expertise.24

In this environment, investment in cybersecurity has steadily grown. Industry investment had its most significant jump in 2013, increasing by 60 percent, and has continued to rise since.25

The cybersecurity industry, while global, does show definite clustering. Using data from Cybersecurity Ventures, we mapped the top 500 cybersecurity companies.26 The results, shown in Figure 2, depict heavy clusters in the United Kingdom, the United States, Germany, and Israel, with smaller clusters in other areas of Europe, North America, and Asia.

As global threats multiply, governments are also increasing spending on defensive and offensive cyber systems and the personnel that support those missions. In the United States, federal spending on cyber defense is expected to increase over 35 percent by the end of 2017, as the government rushes to stay ahead of emerging digital threats.27 In light of greater demand from private businesses, consumers, and the public sector, the global cybersecurity market is expected to increase to $125 billion in 2020.28 Israel, which has one of the most prolific cybersecurity industries per capita, raised $581 million for 365 companies in 2016, about 15 percent of all capital raised by the industry worldwide.

114 2

9

20

16

719 5

5

4 9

11

8

6

9937

14

22

3

3

2

23

26

2

33

19 12

424

3 3

#

Single company

L EGEND:

No. of companies in the top 500


To inform analysis about what factors can help drive the development of cybersecurity industry clusters, we have collected data on three case studies: Beersheba, Israel; Malvern, United Kingdom; and San Antonio, United States. Additional clusters, identified through our analysis of the global top 500 cybersecurity companies, include the Washington, D.C. metro area, New York City, and the San Francisco Bay Area, all of which have more than 20 of the top 500 cybersecurity companies.

However, we have chosen to highlight Beersheba, Malvern, and San Antonio because they neatly illustrate three unique approaches: one involving heavy national government planning, one a cybersecurity industry piggy-backing off of related industry, and the final depicting heavy local government support.

National Government Planning: Beersheba, Israel

Case Summary

Beersheba, Israel is an early stage cybersecurity industry cluster located in south-central Israel. There are currently 400 cybersecurity professionals working in Beersheba, employed by approximately

18 unique companies or regional offices.29 The Israeli national government has played a large role in developing the industry cluster in Beersheba and the decision to develop Beersheba into a cybersecurity hub can be traced back to the 2010 establishment of the National Cyber Initiative.30

Case Context and Local Factors

O V E R V I E W

• Underdeveloped territory

• Mandatory conscription

• Culture of innovation

• Small country, global world view

• Diverse business environment

U N D E R D E V E L O P E D T E R R I T O R Y

Growth in the inner part of the country where Beersheba is located has been slower than the coastal regions. Since the country’s founding, policymakers have wanted to attract business and talent to this area. David Ben-Gurion famously promoted policies to “make the Negev bloom” in

CASE STUDIES


the 1950s, but successive governments have had difficulty fostering the conditions that would make it attractive enough to draw significant investment.31

M A N D AT O R Y C O N S C R I P T I O N

Due to the constantly evolving, high threat environment, Israel has had mandatory conscription to its military services for nearly all citizens since 1949. Utilizing national-level testing and education programs, the armed forces have been able to recruit and place talented conscripts in technical intelligence or combat units, provide them with the necessary skills, and create a pool of highly trained cybersecurity professionals who are also well-networked.32 In fact, 60 percent of all high-tech workers in Israel served in technological and combat units.33 The training provided by military service may also have had an impact on the demographics in the Israeli high-tech sector; female representation in Israel is 35 percent, while in the United States it is approximately 25 percent.34

I N N O VAT I O N C U LT U R E

Over the last few decades, Israel has had substantial success developing a high-tech economy through a combination of public and private incentives. In 1984, Israeli law established benefits for companies locating their R&D efforts in Israel; in 1991, the Yozma program was established to provide venture capital support to Israeli companies, helping to grow the nascent startup community in Israel.35 By the late 1990s, the technology industry had matured enough that it became advantageous to keep Israeli startups operating in the country even after they were acquired and large companies began to relocate their R&D divisions to Israel.36

The National Cyber Initiative sought to take advantage of the established innovation culture, infrastructure, and growing demand internationally and domestically for cybersecurity expertise to develop the cybersecurity ecosystem in Israel.37 The initiative committed Israel to continuing to invest

in R&D, to develop Beersheba as a cybersecurity hub, and establish a new cybersecurity authority to protect the civilian sector from cyber threats.

G L O B A L W O R L D V I E W

Because Israel is so small, businesses that establish there necessarily look to international markets as their prime clientele.38 Israel’s high threat environment (it is the most heavily targeted country in the world in cyberspace) further spurs the desire to partner with allies to facilitate the growth of cybersecurity expertise and resources.39

In 2016, the Israeli and British governments announced an agreement to deepen cooperation to tackle cyberattacks and announced academic programs to encourage information sharing between experts in both countries.40 There is also a current bill proposed in the U.S. House of Representatives to provide grant money to joint U.S.-Israel cybersecurity projects.41

D I V E R S E B U S I N E S S E N V I R O N M E N T

Despite the early stage of its development, Beersheba boasts a diverse business environment that includes large companies, startups, co-working spaces, and incubators.

So far, there are several large companies that have already located their R&D or cybersecurity elements in the area. These include EMC, Deutsche Telekom, Paypal, Oracle, IBM, and Lockheed Martin. These large companies provide needed capital and opportunities for partnerships for small business and the research community. Small business in the area can also take advantage of the resources established in Beersheba as they incorporate and move to independent operations. WeWork, the co-working space, also has an office in the city, and there are several incubators, including one run by the venture capital (VC) firm Jerusalem Venture Partners (JVP), up and running.42


Development Factors

O V E R V I E W

• Government planning

• Proximity to government cybersecurity functions

G O V E R N M E N T P L A N N I N G

The Israeli government has committed to improving transportation and fostering higher education institutions in Beersheba. Prime Minister Benjamin Netanyahu regularly visits the city and has made clear that the technology sector there has the government’s backing.43 At the 2014 CyberTech conference in Israel, the prime minister described the government’s plans to create a cyber hub in the desert city:

What we’re doing is turning Beersheba and the whole Negev into the cyber region of Israel and I think of the eastern hemisphere. We have moved significant units of the Israeli Defense Forces to the south; we’re putting our national cyber command smack in the University of Beersheba … So you have our security outfits, our university and an industrial park all within walking distance of 100 yards. That’s called a cyber-hub. It’s a big thing.44

Several government planning initiatives have contributed to the creation of this “cyber-hub.” For example, tax incentives and eased visa requirements have attracted domestic and international talent to the area,45 and the government has also improved the transit options to the area, realizing that two hours is longer than most Israelis are willing to commute. In addition to upgraded high-speed trains to Tel Aviv, the government has planned to create the Trans-Israel Highway that will serve as a direct route to the area.46 In doing so, the Israeli government hopes to compensate for the notion that Beersheba is not yet an appealing location by enabling more commuters.

In the long run, it appears the government would prefer to develop Beersheba and foster a more local workforce. However, developing Beersheba is still a work in progress. Experts estimate that it will take another five to ten years to be self-perpetuating. Right now, the area is still heavily supported by the government. Despite the clear opportunities and early successes, the region does face several challenges:

1. Convincing Israelis to commute long distances is difficult. Because Israel is such a small country, most Israelis live and work in close proximity. The hour-plus commute from the population centers of Tel Aviv and Jerusalem, and the harsh desert climate, makes Beersheba a hard sell. Most entrepreneurs who start companies in the area today are either from the region originally or face pressure from investors to locate there.47

2. Beersheba lacks some important infrastructure. The military and intelligence units pledged to relocate to the area, but this move is still years away. While some Israelis may get their degrees at Ben-Gurion University, many move back to the coastal regions or other more established centers after they graduate.48

P R OX I M I T Y T O G O V E R N M E N T

C Y B E R S E C U R I T Y F U N C T I O N S

The first government cybersecurity body to move to Beersheba was the National CERT, which was formally founded in the area in 2016. Within the next several years, Israeli intelligence organizations and command, control, communications, computers, cyber, and intelligence (C5I) military units will be relocating to the area.49 This large-scale shift will move approximately 300,000 soldiers, including 7,000 career officers, to Beersheba, and will also likely spur the relocation of defense contractors who desire to be closer to their clients.50


L O C A L C Y B E R S E C U R I T Y- S P E C I F I C

H I G H E R - E D U C AT I O N

Ben-Gurion University, located in Beersheba, has Israel’s first cybersecurity graduate program and a nationally-funded research center of excellence.51

The university also employs business-friendly technology transfer programs designed to facilitate the export of innovative discoveries made at the university to the private sector.

Riding the Coattails: Malvern, United Kingdom

Case Summary

The United Kingdom has one of the most successful cybersecurity industries when measured in terms of economic growth. The sector alone contributed £1.8 billion in exports to the U.K. economy in 2015 and grew from £17.6 billion in 2014 to almost £22 billion in 2015.52 Despite its relatively small size, the United Kingdom has 17 cybersecurity clusters.53 The first and most prominent cluster is Malvern, known as “Cyber Valley,” which includes more than 80 small companies operating in and around the towns in the counties of Herefordshire, Worcestershire, and Gloucestershire. The cluster has proved considerably successful in boosting the economy of the region, with a 71 percent increase in employment between 2011 and 2014 and a 56 percent growth in gross value added in the same period.54


O V E R V I E W

• History of (non-cyber) defense research

• Standard of living

• Existing cybersecurity workforce

H I S T O R Y O F D E F E N S E R E S E A R C H I N S T I T U T I O N S

The presence of the Defense Evaluation and Research Agency (DERA), at one time the United Kingdom’s largest science and technology organization, and its privatized successor, QinetiQ, has helped to facilitate the development of Malvern as a center for cutting edge research. Experts who get their start at these R&D facilities also help to develop the startup community with ideas they have spun out of the more established organizations.55

The expertise at these R&D centers may also help offset the lack of a large university in the area.

S TA N D A R D O F L I V I N G

The cost of living in the Malvern area is far lower than major urban centers. For instance, in 2017, the rent prices in Worcester are 65.11 percent lower than in London, which is recognized as one of the major hubs of the digital economy in the United Kingdom.56 This relatively low property cost is one of the main reasons many companies moving to the area.57 In 2016, 95 percent of local startups in Malvern also reported they were satisfied with overall quality of life, where only 59 percent of those in London said so.58

E X I S T I N G C Y B E R S E C U R I T Y W O R K F O R C E

Malvern boasts a large concentration of cybersecurity specialists. After DERA was privatized, many government employees moved directly to QinetiQ, but others moved to several of the smaller companies located in the area. Some of Malvern’s startups, DeepSecure and D-RisQ for example, have also been spinouts founded by former employees of QinetiQ.59 Although Malvern does not have a university within city limits, there are many universities in nearby towns, which gives companies easy access to a skilled workforce.60


Development Factors

O V E R V I E W


• Private sector leadership

• Research and training centers

• National-level programs



Malvern’s proximity to Hereford, home to the headquarters of military and intelligence agencies such as the British Special Air Services (SAS) and Government Communications Headquarters (GCHQ), serves as another important development factor of the cluster growth, encouraging knowledge transfer from the well-funded public sector to the private sector.

Although the strong links with GCHQ and other government entities benefit companies in the area from a business development and access perspective, they also present a reputational challenge for companies seeking to operate internationally. Some executives have cited concerns that they are viewed as being too close to the British security services to get into international business, especially in countries less friendly with the United Kingdom.61 Government officials, less impacted by market forces, see this relationship from a different perspective. Dr. Ken Pollock, a cabinet member responsible for economy, skills and infrastructure at Worcestershire County Council, believes that the close collaboration with private security experts has helped dispel some of the negative GCHQ image and pushed forward its positive, defense initiatives such as the Cyber Essentials standard.62

P R I VAT E - S E C T O R L E A D E R S H I P

Despite the government presence, the Malvern cluster is primarily private sector driven. Area experts have been gathering for monthly industry discussions (started by Dr. Emma Philpott of the local business catalyst organization Key IQ) since 2011 to facilitate information sharing and encourage business development opportunities.63 These discussions provide a venue to discuss common barriers to operating in the cybersecurity market, share information about trade missions or events, and encourage collaboration. The regular meetings facilitate efforts to develop specialized skills and collaborate on efforts to win government contracts, an initiative that is of particular importance to small and medium enterprises (SMEs) that have traditionally had difficulty competing with the breadth and depth of larger organizations.64

In 2014, Key IQ also created the U.K. Cybersecurity Forum to facilitate communication and collaboration between all U.K. cyber clusters. The forum provides a venue for sharing business opportunities and best practices and a mechanism for member companies’ employees to gain security clearances—one of the biggest barriers to SMEs getting government contracts.65

R E S E A R C H A N D T R A I N I N G C E N T E R S

The Malvern cluster’s main source of R&D is the research center at QinetiQ, which functions similarly to a university lab.66 The area also boasts several smaller local labs shared by several small companies. One, a so-called “dirty lab” where malware can be tested, was founded by four Malvern companies (3SDL, Borwell, C2B2 and DeepSecure) and two other local companies with the assistance of Parliament Member Harriet Baldwin who helped secure government funding for the lab.67

In 2014, the community of cyber professionals in Malvern founded the National Cyber Skills Center (NCSC) to raise awareness about the industry and attract skilled labor. The center, the only one of its


kind in the country, offers cybersecurity training and hands-on ethical hacking experience.68 The NCSC is also working with the University of Worcester to build out a cybersecurity degree program.69

N AT I O N A L- L E V E L P R O G R A M S

The national-level government does not provide any financial support or tax incentives specific to the Malvern region, but has several initiatives to promote cybersecurity nationwide.70 One of the more prominent initiatives, run by the Department for Culture, Media and Sport (DCMS), is the Cyber Growth Partnership, which encourages connections and collaborations among industry, academia, and government organizations.71 The GCHQ Cyber Accelerator, run jointly by DCMS and GCHQ, facilitates access to technological experts and mentors from GCHQ, who can provide information about the current threat environment.72 DCMS

is also creating a Cyber Schools Program, in which 14- to 18-year-old students are exposed to a comprehensive cybersecurity curriculum that mixes classroom and online instruction with real-world challenges and hands-on work experience.73

G O V E R N M E N T P L A N N I N G

Local-level government institutions play the most direct role in promoting the Malvern cluster by providing funding to SMEs and other business resources for emerging startups.

Local Government Planning: San Antonio, Texas, United States

Case Summary

San Antonio’s cybersecurity industry has a long history built upon the presence of the 25th Air Force,

Malvern and Other U.K. Clusters

Cyber Growth Partnership (CGP) was founded in 2012 as an advisory board to provide strategic guidance to, and independent oversight of, government and the implementation of the National Cybersecurity Program.74 The CGP also runs the Cyber Exchange, an online forum for cyber business to engage, connect, and collaborate.75

With representatives from academia, government, and industry, CGP looks to build off the success of the Malvern cluster to help establish other regional cybersecurity clusters. Solent Cluster, officially launched in 2014, has been one of the most successful.76 The area is host to two universities (University of Southampton and Southampton Solent University) and is in close proximity to the Royal Navy.77 The local government has also actively assisted private sector by investing in businesses in the area.78

Cambridge and Oxford have also recently emerged as strong clusters. Both areas host outstanding universities that graduate students with cybersecurity skills.79 Small businesses also benefit from Cambridge University’s incubator, Ideaspace, the St Johns Innovation Center (Europe’s first incubator), and the Judge Business School’s Accelerate Cambridge program.80 Companies located in Oxford leverage local networks and co-working spaces such as the Oxford Startups Meetup, Digital Oxford, the Saïd Business School’s co-working space, the Oxford Launchpad, and Isis Innovation.81 However, both areas face funding challenges and get little support from local government. Other challenges in these clusters include a weak supporting economic environment in Cambridge and lack of high-speed connectivity and other digital infrastructure in Oxford.82

Cybersecurity as an Engine for Growth 15


located at Lackland Air Force Base since 1948. The 25th Air Force provides intelligence, surveillance, and reconnaissance (ISR) services to the Air Force and the NSA.83 The NSA has also had a presence in the area for decades, originally operating in an annex of Lackland Air Force Base before moving to an independent building in southwest San Antonio.84 The major factor supporting the recent development of this cluster is the city’s proximity to military and government organizations, which was significantly bolstered by the recent arrival of the 24th Air Force, Air Forces Cyber, which was founded at Lackland Air Force Base in in 2009 and became fully operational in 2010.85 From 2011-2014, San Antonio’s 100 cybersecurity companies increased regional jobs by 30 percent.86

San Antonio’s economic development has historically focused on attracting companies from the outside and connecting to federally-controlled government money. However, research by development economists helped San Antonio change focus to a model that relied on expansion from within by supporting collaboration between local start-ups and forming local relationships to units operating in the San Antonio area. The researchers recommended that local enterprises forge stronger connections with education institutions, and combining efforts of smaller firms to achieve government recognition and assistance. 87


O V E R V I E W

• Standard of living

• Area-specific challenges

S TA N D A R D O F L I V I N G

Compared to Maryland and Northern Virginia, which are dominated by large firms, San Antonio has benefited from relatively the area’s low cost of living. This feature has been particularly attractive

to retiring military personnel already accustomed to the area and to cyber professionals from elsewhere looking to launch businesses in an area with lower overhead costs.

A R E A- S P E C I F I C C H A L L E N G E S

The area also faces several other challenges that may have limited the success of the state-level programs described above: lack of local customers, and highly specialized local talent. The small regional airport nearby lacks the capacity to efficiently move business travelers to locations around the country, presenting a barrier to smaller, local companies hoping to expand and export their expertise nationally or globally. In addition, due to the specialized nature of military training, the local workforce does not always support the wide range of skills necessary for the industry. Local firms must sometimes hire experts from Austin or other regions of the country to fill the gap.88

Development Factors

O V E R V I E W

• Local government programs

• Private sector leadership


• Research and training centers

L O C A L G O V E R N M E N T P R O G R A M S

Public-private partnerships and strong leadership from the local government supports the San Antonio industry cluster. San Antonio has had several cybersecurity education programs operating in the area for some time, but has only recently been able to forge the connections between the private industry and academia to make full use of them. The CyberTexas Foundation has been


able to coordinate connections between academia and the private industry to foster an internship pipeline through the Cyber Innovation and Research Consortium (CIRC).

State-level government policies designed to attract technology companies have had negligible influence on the San Antonio cluster.89 Texas, which does not have a corporate income tax, has an Emerging Technology Fund and a Product/Business Revolving Loan Fund that provide funds for research, commercialization, and production. However, these programs have so far failed to attract established companies and large conglomerates to the area.90

T E C H N O L O G Y T R A I N I N G

& R E S E A R C H I N S T I T U T E S

San Antonio has an impressive array of cybersecurity higher education institutions and is currently working to enhance K-12 curriculum. Although five of the local universities qualify as Texas cyber centers of academic excellence, the University of Texas at San Antonio stands out with the Institute for Cyber Security (ICS) and Center for Infrastructure Assurance and Security (CIAS). The University of Texas at San Antonio is also home of the National Collegiate Cyber Defense Competition, which provides a forum for students to test their operational skills managing and protecting existing network infrastructure.

The CyberTexas Foundation, a nonprofit working to promote cyber education in the local public school system, heavily supports secondary school cyber education to develop the regional talent supply and provide students with the opportunity to gain critical training and certifications.91 In addition to certificate and dual credit programs, it introduced the Air Force’s CyberPatriot competition to middle and high schools in the area and coordinates extracurricular training. San Antonio’s public schools have also started a CyberStar curriculum for middle school students, designed to teach students

basic networking and security skills.92 The program allows students to participate in competitions, training, and internships for up to 10 years and graduate from high school with the option to enter the information technology workforce or pursue higher education.93

P R I VAT E - S E C T O R L E A D E R S H I P

San Antonio’s Chamber of Commerce has been a great source of support to the burgeoning cluster and was instrumental in the lobbying effort to bring the 24th Air Force to the area. From 2007 to 2012, the chamber’s cybersecurity focus was on connecting local industry to the new units and their mission and eventually, on setting up the necessary infrastructure to support the classified nature of the work. The chamber helped to create industry events and forums to facilitate military leadership’s connections with the local industry around them and help the local, often smaller companies get access to the military in ways larger, national companies would in Washington.94

With a receptive Air Force, this line of work blossomed, but in 2012, the chamber expanded its interest to the commercial industry in San Antonio, then an untapped market. The chamber commissioned a study of the industry, which upon completion helped the chamber to source funding to pay for research and launch a series of initiatives, some of which are still internally run and some have been spun off into their own organizations.95

The new funding also allowed the chamber to elevate one of its employees to run the cybersecurity initiative full time, which has helped concentrate and focus the chamber’s program.96



The San Antonio cyber industry is made up of two general categories of company operating the area: large defense contractors serving the military, and start-ups formed by retired military personnel


San Antonio Chamber of Commerce Cybersecurity Initiatives97

CyberTexas CyberTexas has since spun off into its own independent organization, but originated at the Chamber. Since its creation, CyberTexas has supported middle and high school students in their cybersecurity studies and helps connect them with mentors in the industry. It has since expanded its mandate significantly and is involved with the Cyber Patriot program, cybersecurity exercises and training events for the local community, and local industry development.

Higher Education Engagement

The Chamber has constant contact with colleges and universities in the area to help develop curriculum and connect these higher education institutions with the needs of the area’s cybersecurity industry.

Experiential Learning The Chamber is supporting the creation of a security operation center (SOC) in the port area of San Antonio that will serve as an experiential learning platform for the area’s students. Eventually, local municipalities will also be able to use the center for their cybersecurity needs.

Smart Cities The Chamber’s smart cities initiative is focused on encouraging partnerships between the companies with cybersecurity products and expertise with the initiatives currently being run in San Antonio to foster a data-driven and technology enhanced approach to governance and services.

Cyber Bootcamp Realizing there was a dearth of cybersecurity product companies in San Antonio, the Chamber launched a bootcamp program for military personnel. The bootcamp has helped provide business skills for retiring military personnel and help them develop their commercial ideas.

BuildSec Foundry Founded by Graham Weston, BuildSec Foundry is the outcome of an initiative to foster early stage product cybersecurity companies. Focusing on ground-floor startups, the BuildSec Foundry is a 12-24 month program that supports founders with assistance in setting up their company, product testing, institutional capital, and more. The program will eventually foster six companies per year.

serving the private sector.98 Both benefit from the presence of active units from the Air Force and the NSA. These government organizations provide contracting opportunities for local firms, such as IPSecure, which services the 25th Air Force’s Computer Emergency Response Team. A study commissioned by the City of San Antonio estimated that military-based cybersecurity/IT provided more than $300 million in local contract opportunities.99

In addition, the military provides a robust talent pool with highly skilled technical expertise. Private companies hire from this group of well-trained outgoing military staff and have developed an unofficial but still robust recruitment pipeline.


While each cluster described above is driven by factors specific to its particular situation, we have isolated four (often related) factors that appear to contribute to cluster growth: (1) proximity to governmental cybersecurity functions, (2) the ability to either attract or develop a workforce, (3) research centers, and (4) strong industry leadership. National and local governments, as well as potential private investors and companies, can play a role in influencing these factors.

Proximity to Government Cybersecurity Functions

The presence of government cybersecurity departments, especially military or intelligence organizations, drives development for two primary reasons. First, cyber units of these institutions provide the local economy with a trained talent pool. Government cybersecurity programs provide strong operational on-the-job training that can create a core of local experts. Government employees cycling out of government service can also seed the area with local companies, especially if support programs such as incubators or bootcamps are available to help transition them to the private sector.

Second, the presence of government cybersecurity functions can drive local cluster growth because proximity to contractors tends to be important to public sector clients, often more so than their private sector counterparts. Government cybersecurity units attract both established companies and startups seeking to win contracts and support their clients. This seed funding and support then bleeds over to the private sector and facilitates growth.

In addition, defense contractors sometimes co-locate with their clients, driving development of a cluster around government cyber programs.100 Many businesses that are currently co-located with their clients in Tel Aviv and other areas in Israel are expected to move all or part of their cybersecurity operations to Beersheba when the military and intelligence units move to the region in the next several years.101

Proximity to prospective clients allows for greater information sharing opportunities and allows business leaders to more easily align their priorities with those of prospective clients. For example, because of its geographic proximity to British government cyber units, Malvern cluster members regularly attend meetings and form personal relationships with decision makers.

COMMON FACTORS FOR CLUSTER GROWTH


This constant exchange of information has been able to facilitate greater understanding between the public and private sectors.102

Private companies in other potential partner industries place less emphasis on co-location and are more likely to take advantage of expertise built elsewhere. As the industry continues to evolve and mature, however, clusters may form around other complementary sectors to facilitate the exchange of information and talent.

Workforce Development and Attraction

Although more research is needed to truly understand best practices in developing a cybersecurity workforce, we nonetheless observe that local universities, like Ben Gurion University (BGU) in Beersheba, which has a working relationship most cybersecurity companies in the area, play a significant role in helping facilitate the development of a local cybersecurity workforce.103

BGU has strong technical credentials and has plans to grow its student body over the next ten years. It emphasizes a dual-focused theoretical and practical curriculum that it facilitates through collaboration programs with major industry firms and other companies in the area.104

In San Antonio, the local nonprofit CyberTexas runs the Cyber Innovation and Research Consortium (CIRC) that facilitates connections between the private sector and academia. The effort established an informal internship pipeline and provides a channel for local businesses and universities to partner with local business to meet growing workforce demands.105 Malvern’s National Cyber Skills Center (NCSC) likewise serves as a training center and conduit to academia for companies operating in the area.

Government support for cybersecurity workforce development comes in a variety of permutations and must be customized to a particular area’s

features to have good effect. Successful government programs include tax incentives that help to attract large corporations, direct funding to startups and accelerators or incubators, and programs that facilitate information sharing and close professional relationships between government and private industry.

Successful national-level programs can also help to develop education programs. In 2012 and 2013, Israel’s National Cyber Bureau allocated funds for cybersecurity research and launched the creation of university centers of excellence. Although Tel Aviv University was the first to be established, Ben-Gurion University (BGU) in Beersheba was the second. The BGU program (described more in detail in the case study above) is heavily focused on technology and engineering as opposed to the more interdisciplinary program in Tel Aviv.106

The strong cybersecurity presence in the Israeli military also serves to foster the development of the industry. The pipeline for cyber talent starts at the middle school level, and the various military services “graduate” thousands of trained professionals every year.107 The British Cyber Schools Program, targeted towards 14- to 18-year-olds is less military-focused, but seeks to provide integrated cybersecurity instruction to students country-wide. In San Antonio and Malvern, local governments have had a strong impact through direct funding initiatives and support to education.

In 2016, the local council in Malvern adopted cybersecurity as a key initiative for the county, pledging to fund three rounds of cyber education for small and medium businesses through the “Growing Cyber” program, promoting cyber and tech apprenticeships, and providing funding for the NCSC.108 The area’s Chamber of Commerce also supports the local cybersecurity industry by providing human resources support and offering access to small pots of government funding to help small businesses grow and attract business.109


Research Centers and Incubators

In addition to degree programs, universities also host research institutions, which can contribute to sector development. Successful technology transfer programs and research partnerships support the establishment of new companies and expose students to the real-world problems and environments they need to function in the cybersecurity industry. Technology transfer programs are often run by major government entities or universities working on cutting edge research, but can also be facilitated by providing incentives to large businesses to transfer to smaller businesses and startups (or vice versa).

BGU’s successful technology transfer program uses multiple models, but generally intellectual property is shared between the university and the faculty member(s) working on the project. The university also runs a for-profit company that can hold IP developed by faculty and students, enabling potential return on investment.110

The Israeli VC firm JVP has already invested in three companies based on technology that was originally developed at the university.111

In San Antonio, Build Sec Foundry is an incubator founded and supported by the local Chamber of Commerce that leverages an executive board comprised of local business owners and chamber officials to support newly founded

cybersecurity companies and encourage long-term local partnerships. The incubator, which is located at the Geekdom co-working space, also encourages collaboration between early stage companies and ultimately hopes to draw on “graduated” companies for support to new ones, facilitating knowledge transfer.112

Recognizing that many local startups were run by former military personnel, the San Antonio Chamber of Commerce also started the Cybersecurity Bootcamp program to support the business creation pipeline. The bootcamp is a quarterly program that provides men and women leaving government service with entrepreneurial education; still in its first year of operation, the bootcamp has already led to the founding of two successful startups.113

Industry Leadership

As with any new initiative, strong leadership that can help focus development programs, raise public awareness, and help to bring in capital, is crucial. Leadership can come from the private or the public sector—both have been successful in the past—but the individual or organization must serve as a focal point for the local cluster, increasing the exchange of information and supporting the development of cross-organizational relationships.

As with any new initiative, strong leadership that can help focus development programs, raise public awareness, and help to bring in capital, is crucial. Leadership can come from the private or the public sector—both have been successful in the past—but the individual or organization must serve as a focal point for the local cluster.


In Israel, CyberSpark, the “Israeli Cyber Innovation Area” was created as a joint venture of the Israeli National Cyber Bureau, Beersheba Municipality, Ben-Gurion University, and other leading companies in the area. Industry leaders EMC, JVP, BGNegev, and Lockheed-Martin also cofounded the CyberSpark Industry Initiative to serve as a nonprofit organization that could coordinate industry activities and lobby for policies that benefit the area.114

Although cybersecurity companies have been operating in the Malvern area for some time, the cluster did not begin to coalesce into an effective network until Key IQ’s Dr. Emma Philpott formed a meet-up in September 2011.115 This meet-up has since evolved into a regional institution and has inspired various other gatherings of

British cybersecurity business leaders to help foster the growth of the industry in other areas around the country. As a leader of the group, Dr. Philpott has also played a role in the organization efforts to get the British government to enable members of the Cybersecurity Forum to get clearances and offer SMEs-friendly contracts.116

In San Antonio, the local Chamber of Commerce has successfully focused development efforts on the startup community, determining that the local cluster would need to depend on these companies rather than relocating large conglomerates. It was able to augment the attractiveness of the region (climate, low cost of living) with a supportive network and organized programs that have allowed the cluster to grow and retain the talent that it needs to thrive.117


While each cluster is, of course, different, these common factors provide a starting point for local or national governments looking to expand their cybersecurity industry. There is no out-of-the-box solution, but with proper attention to the local considerations and strengths of each area, cybersecurity can be an engine for growth in cities around the world. Some key recommendations for policymakers arising from this report are:

Partner with the private sector and local nonprofits. While government-run programs can inject needed capital and provide direction, the private sector will need to be the driving forces for development to be successful. Local nonprofits can help to target resources and foster collaboration.

Be creative and develop a program that is customized to the particular area. Each city has its own history and resources that can be leveraged in support of cybersecurity. How those resources are integrated is key to developing such a nascent industry and can provide the core of the new community.

Develop connections between military and government units that have use for the local talent and the companies that surround them. To foster local development, governments should

think about creative ways to do contracting, make sure they attend events and get to know the local industry, and support efforts to develop the necessary infrastructure. Government programs can be lucrative but they often come with numerous administrative and capital investments above and beyond the base technology. Increasing opportunities for regular contact and supporting small and medium business needs is necessary to develop the local industry.

Facilitate the local placement of national government cybersecurity capacities. The local presence of national government cybersecurity capacities, like a military cyber command or a national cybersecurity center, is one clear driver of industry clustering. This presence serves two functions. First, it provides a ready-made workforce development program as government cybersecurity workers get trained while in public service and then can take their skills and expertise out into the private sector. Second, it creates demand for local cybersecurity contractors to assist government missions. Local governments should do everything in their power to help facilitate the placement of these units in their area and help foster their connections to the local economy.

RECOMMENDATIONS FOR POLICYMAKERS


Is sector-specificity going to drive the future of the cybersecurity industry? Our research suggests that localities are more likely to succeed if they leverage existing industry. Simultaneously, some experts hold that cybersecurity is becoming increasingly sector-specific. More research is needed to determine whether this is indeed the case, but early anecdotal evidence from industries like the financial services industry and the medical sector seem to fit this trend. Questions then remain about what this means for localized cybersecurity industries and how cities, states, and countries can best position themselves to align with this trend.

What are the best ways to train and educate a cybersecurity workforce? We know that workforce development is an important component of a cybersecurity industry cluster, but the best ways to develop a local workforce remain unclear. Current workforce development methods like four-year computer science degrees are an important component of workforce development, but alone they are insufficient for training the number and diversity of cybersecurity professionals needed.

While innovators are testing new approaches like apprenticeships and other work-based learning models, very little meaningful data exists on where students go after they leave educational and training programs. This dearth of data makes it difficult to identify and meaningfully predict where pockets of effective workforce training programs will emerge. By better tracking this data, localities may begin to identify good practices in cybersecurity workforce development.

Does making your locality “cybersecure” attract other industries and investment? A cybersecurity industry may well be an engine for local economic growth. However, the impetus for many countries, states, and cities making their locality cybersecure is a means to an end: attracting businesses. However, few empirical studies have sufficiently traced whether and how a more cybersecure locality leads to greater investment and a boon to non-cybersecurity industry.

WHAT WE DON’T KNOW


Notes

1 Steve Morgan, “Cybersecurity Industry Outlook: 2017 to 2021.” CSO Online, October 20, 2016, accessed March 30, 2017, http://www.csoonline.com/article/3132722/security/cybersecurity-industry-outlook-2017-to-2021.html.

2 Sara Sorcher, “The race to build the Silicon Valley of cybersecurity,” accessed May 16, 2017, http://projects.csmonitor.com/cybergoldrush.

3 Michael E. Porter, Competitive advantage: Creating and sustaining superior performance (New York: Free Press, 1985); and Porter”Location, competition, and economic development: Local clusters in a global economy,” Economic Development Quarterly 14 (February 2000): 15–34.

4 Bathelt, Harald, Anders Malmberg, and Peter Maskell, “Clusters and Knowledge: Local Buzz, Global Pipelines and the Process of Knowledge Creation.” Progress in Human Geography 28, no. 1 (January 2004): 31–56.

5 Timothy J Sturgeon, “What Really Goes on in Silicon Valley? Spatial Clustering and Dispersal in Modular Production Networks,” Journal of Economic Geography 3, no. 2 (April 1, 2003): 199–225. doi:10.1093/jeg/3.2.199.

6 AnnaLee Saxenian, Regional Advantage : Culture and Competition in Silicon Valley and Route 128 (Cambridge MA: Harvard University Press, 1996)

7 Bruce Fallick, Charles A. Fleischman, and James B. Rebitzer, “Job-Hopping in Silicon Valley: Some Evidence Concerning the Microfoundations of a High-Technology Cluster.” The Review of Economics and Statistics 88, no. 3 (August 2006): 472–81.

8 Allison Bramwell and David A. Wolfe. “Universities and Regional Economic Development:

The Entrepreneurial University of Waterloo.” Research Policy 37, no. 8 (September 2008): 1175–87. doi:10.1016/j.respol.2008.04.016.

9 Enrico Moretti, “Estimating the Social Return to Higher Education: Evidence from Longitudinal and Repeated Cross-Sectional Data,” Journal of Econometrics 121, no. 1 (2004): 175–212. doi:10.1016/j.jeconom.2003.10.015.

10 Dong-Won Sohn and Martin Kenney, “Universities, Clusters, and Innovation Systems: The Case of Seoul, Korea.” World Development 35, no. 6 (June 2007): 991–1004. doi:10.1016/j.worlddev.2006.05.008.

11 Jocelyn Robert, David Connell, and Andrea Mina, “R&D Service Firms: The Hidden Engine of the High-Tech Economy?” Research Policy 42, no. 6–7 (July 2013): 1274–85. doi:10.1016/j.respol.2013.03.004.

12 Andrea Mina, Elif Bascavusoglu-Moreau, and Alan Hughes, “Open Service Innovation and the Firm’s Search for External Knowledge,” Research Policy 43, no. 5 (2014): 853–66. doi:10.1016/j.respol.2013.07.004.

13 Jean-Pierre Segers, “Regional Systems of Innovation: Lessons from the Biotechnology Clusters in Belgium and Germany,” Journal of Small Business and Entrepreneurship; Regina 28, no. 2 (2016): 133–49. doi:http://dx.doi.org.ezproxy.cul.columbia.edu/10.1080/08276331.2015.1128256.

14 Runde, “The Future of Public-Private Partnerships: Strengthening a Powerful Instrument for Global Developmen.”

15 Breznitz, Innovation and the State, 188.

16 Alana Semuels, “Would Cutting Corporate Tax Rates Really Grow the Economy?” The Atlantic, October 20, 2016, accessed March 30, 2017, https://


www.theatlantic.com/business/archive/2016/10/would-cutting-corporate-tax-rates-really-grow-the-economy/504845/.

17 Dan Breznitz, Innovation and the State : Political Choice and Strategies for Growth in Israel, Taiwan, and Ireland. (New Haven: Yale University Press, c2007).

18 Eva Dou, “China’s Tech Rules Make It Hard for U.S. Firms to Take Control,” Wall Street Journal, June 2, 2016, http://www.wsj.com/articles/chinas-new-tech-rules-make-it-hard-for-u-s-firms-to-take-control-1464870481.

19 Christopher Tozzi, “What the Hack? Tracing the Origins of Hacker Culture and the Hacker Ethic,” The Var Guy, March 13, 2017, accessed March 30, 2017, http://thevarguy.com/open-source-application-software-companies/042915/open-source-history-tracing-origins-hacker-culture-and-ha.

20 The open-source software movement is a movement that supports the use of open-source licenses for some or all software, a part of the broader notion of open collaboration. The open-source movement was started to spread the concept/idea of open-source software.

21 Wanying Zhao and Gregory White, “An Evolution Roadmap for Community Cyber Security Information Sharing” (paper presented at 50th Hawaii International Conference on System Sciences, Waikoloa, Hawaii, January 4–7, 2017), https://scholarspace.manoa.hawaii.edu/bitstream/10125/41443/1/paper0294.pdf.

22 Financial Services Information Sharing and Analysis Center, “FS-ISAC : Financial Services - Information Sharing and Analysis Center,” FS-ISAC, accessed March 24, 2017, https://www.fsisac.com/.

23 Flashpoint, “Business Risk Intelligence Decision Report: 2016 Year in Review and 2017 Flashpoints,” Business Risk Intelligence–Decision Report (January 2017)

24 Most notably: Sony Pictures, Target, Russia hacks on DNC and the Democratic Congressional Campaign Committee

25 Hannah Kuchler, “Investors Flock to Cyber Security Start-Ups,” Financial Times, May 9, 2016, accessed February 7, 2017, https://www.ft.com/content/f5c87808-a883-11e3-b50f-00144feab7de.

26 Cybersecurity Ventures, “Cybersecurity Market Report,” Cybersecurity Ventures, February 17, 2017, accessed March 30, 2017, http://cybersecurityventures.com/cybersecurity-market-report/.

27 Morgan, “Cybersecurity Industry Outlook: 2017 to 2021”

28 Kuchler, “Investors Flock to Cybersecurity Start-Ups.”

29 E-mail correspondence with the author. Conducted April 25, 2017.

30 Interview with the authors. Conducted March 9, 2017; Interview with the authors. Conducted March 8, 2017; Interview with the authors. Conducted March 21, 2017.

31 Jean-Luc Renaudie,. “Israel’s cyber sector blooms in the desert,” Times of Israel, January 30, 2016, accessed March 30, 2017, http://www.timesofisrael.com/israels-cyber-sector-blooms-in-the-desert/.

32 Ori Swed and John Sibley Butler, “Miltiary Capital in the Israeli Hi-Tech Industry.” January 2013, accessed May 16, 2017, https://www.researchgate.


net/publication/258834011_Military_Capital_in_the_Israeli_Hi-Tech_Industry.

33 Elisabeth Braw, “How Israeli Cinscription Drives Innovation,” Foreign Affairs, April 19, 2017, accessed May 16, 2017, https://www.foreignaffairs.com/articles/israel/2017-04-19/how-israeli-conscription-drives-innovation.

34 Anita Borg Institute for Women and Technology, The State of Representation of Technical Women in Industry (Palo Alto: Anita Borg Institute for Women and Technology, 2007)

35 Interview with the authors. Conducted March 8, 2017; and Yigal Erlich, “The Yozma Program - Policy & Success Factors,” The Yozma Group, 2002, accessed March 30, 2017, http://www.insme.org/files/527.


37 Ibid.; and Interview with the authors. Conducted March 8, 2017.

38 “Globalization of Technology Ventures: Lessons from Israel”

39 Renaudie, “Israel’s cyber sector blooms in the desert.”

40 Dennis Mitzner, “Israel’s desert city of Beersheba is turning into a cybertech oasis,” TechCrunch, March 20, 2016, accessed March 30, 2017, https://techcrunch.com/2016/03/20/israels-desert-city-of-beersheba-is-turning-into-a-cybertech-oasis/.

41 Tim Starks, “Trump cybersecurity executive order on hold.” Politico Morning Cybersecurity, February 1,

2017, accessed March 30, 2017, http://www.politico.com/tipsheets/morning-cybersecurity/2017/02/trump-cybersecurity-executive-order-on-hold-218524. And “H.R.612 - United States-Israel Cybersecurity Cooperation Enhancement Act of 2017.” 115th Congress of the United States, January 31, 2017, accessed August 08, 2017, https://www.congress.gov/bill/115th-congress/house-bill/612/summary/81.

42 Interview with the authors. Conducted March 22, 2017.; and Yoni Shohet, “Meet Israel’s new cybersecurity hub,” Venturebeat. July 23, 2016, accessed March 30, 2017, http://venturebeat.com/2016/07/23/meet-israels-new-cybersecurity-hub/.

43 Shohet, “Meet Israel’s new cybersecurity hub.”

44 David Shamah, “Netanyahu: Israel is leading West’s cyber-security fight,” Times of Israel, January 29, 2014, accessed May 2, 2017, http://www.timesofisrael.com/netanyahu-israel-is-leading-wests-cyber-security-fight/.

45 Interview with the authors. Conducted March 21, 2017.

46 Viva Sarah Press, “Beersheva goes cyber,” Israel 21C, August 3 2016, accessed March 30, 2017, http://www.israel21c.org/beersheva-goes-cyber/.


48 Interview with the authors. Conducted March 9, 2017; Interview with the authors. Conducted March 8, 2017.

49 Ellen Nakashima and William Booth, “How Israel is turning part of the Negev Desert into a cyber-city,”

http://www.insme.org/files/527

http://www.insme.org/files/527

http://www.politico.com/tipsheets/morning-cybersecurity/2017/02/trump-cybersecurity-executive-order-on-hold-218524




https://www.congress.gov/bill/115th-congress/house-bill/612/summary/81




Washington Post, May 14, 2016.; Interview with the authors. Conducted March 22, 2017.



52 Department for Culture, Media & Sport, Scotland Office, “Groundbreaking partnership between Government and tech start-ups to develop world-leading cyber security technology,” September 23, 2016, accessed April 1, 2017, https://www.gov.uk/government/news/groundbreaking-partnership-between-government-and-tech-start-ups-to-develop-world-leading-cyber-security-technology.

53 UK Cyber Security Forum, “Cyber Security Clusters,” UK Cyber Security Forum, accessed April 1, 2017, https://www.ukcybersecurityforum.com/cyber-security-clusters.

54 Tech City UK and Nesta. “Tech Nation 2016: Transforming UK Industries,” Tech City UK, 2016, 62, accessed April 1, 2017, http://www.techcityuk.com/wp-content/uploads/2016/02/Tech-Nation-2016_FINAL-ONLINE-1.pdf.

55 Ibid.

56 Numbeo, “Cost of Living Comparison Between London and Worcester,” Numbeo, 2017, accessed May 16, 2017, https://www.numbeo.com/cost-of-living/compare_cities.jsp?country1=United+Kingdom&city1=London &country2=United+Kingdom&city2=Worcester.

57 Interview with the authors. Conducted April 2, 2017.

58 Tech City UK, “Worcester & Malvern,” Tech City UK, 2017, accessed May 16, 2017, http://technation.techcityuk.com/cluster/worcester-and-malvern/.

; Tech City UK, “London,” Tech City UK, 2017, accessed May 16, 2017, http://technation.techcityuk.com/cluster/london-2/.


60 Interview with the authors. Conducted March 20, 2017; Interview with the authors. Conducted April 2, 2017.

61 John Murray Brown, “Malvern springs to forefront in fight against cyber crime,” Financial Times, September 22, 2013, accessed April 1, 2017, https://www.ft.com/content/b0c2e988-1ed5-11e3-b80b-00144feab7de.



64 Worcestershire Local Enterprise Partnership. “Worcestershire’s Cyber Valley,” Worcestershire Local Enterprise Partnership, accessed April 1, 2017, http://www.wlep.co.uk/assets/Cyber-Vale-Case-Study-NF.pdf.

65 UK Cyber Security Forum, “About”, UK Cyber Security Forum, accessed April 1, 2017, https://www.ukcybersecurityforum.com/about.

66 Peter Day, “Unlikely front line in the war on cybercrime,” BBC, January 14, 2014, accessed

https://www.gov.uk/government/news/groundbreaking-partnership-between-government-and-tech-start-ups-to-develop-world-leading-cyber-security-technology






April 1, 2017, http://www.bbc.com/news/business-25726361.

67 Phil Mackie, “Malvern ‘dirty lab’ to tackle cyber crime,” BBC, February 21, 2012, accessed April 1, 2017, http://www.bbc.com/news/uk-england-hereford-worcester-17118464.

68 Titania, “Peter Day: ‘Cyber Town Malvern’,” Titania, accessed April 1, 2017, https://www.titania.com/about-us/news-media/peter-day%3A-%E2%80%98cyber-town-malvern%E2%80%99.

69 Tom Edwards, “High-flying Tory minister hails Malvern’s ‘cyber valley’ on Worcestershire visit,” Worcester News, May 29, 2014, accessed April 1, 2017, http://www.worcesternews.co.uk/news/11244273.High_flying_Tory_minister_hails_Malvern_s__cyber_valley__on_Worcestershire_visit/.


71 CyberExchange, “Home,” Cyber Exchange, accessed April 1, 2017, https://www.cyberexchange.uk.net/#/home.

72 Wayra, “GCHQ Cyber Accelerator,” Wayra, accessed April 1, 2017, https://wayra.co.uk/gchq/.

73 Department for Culture, Media & Sport, UK government, “Cyber Schools Programme.” February 17, 2017, accessed April 1, 2017, https://www.gov.uk/guidance/cyber-schools-programme.

74 Cabinet Office and The Rt Hon Lord Maude of Horsham, “Speech on secondary anniversary of the Cyber Security Strategy,” (speech, second anniversary of the Cyber Security Strategy, London, UK, December 12, 2013).

75 Ibid., UK Government, “Policy paper: 2010 to 2015 government policy: cyber security.” May 8, 2015, accessed March 30, 2017, https://www.gov.uk/government/publications/2010-to-2015-government-policy-cyber-security/2010-to-2015-government-policy-cyber-security.


77 Ibid.; and Interview with the authors. Conducted March 21, 2017.

78 Wessex Life Science Cluster, “Solent Set to Lead UK Drive for Science and Innovation.” October 3, 2016, accessed April 1, 2017, http://www.wessexlifescience.co.uk/business-support-programmes/entry/solent-set-to-lead-uk-drive-for-science-and-innovation.


80 Tech City UK and Nesta, “Tech Nation 2016,” 38.

81 Ibid., 50.

82 Ibid., 38 and 53.

83 25th Air Force, “Twenty-Fifth Air Force,” 25th Air Force, August 05, 2015, accessed July 27, 2017, http://www.25af.af.mil/About-Us/Fact-Sheets/Display/Article/662963/twenty-fifth-air-force/.

84 Interview with the authors. Conducted July 14, 2017.

85 The 24th Air Force, “24th Air Force – AFCYBER,” The 24th Air Force, February 8, 2017, accessed July

https://www.gov.uk/guidance/cyber-schools-programme

https://www.gov.uk/guidance/cyber-schools-programme


27, 2017, http://www.24af.af.mil/About-Us/Fact-Sheets/Display/Article/458567/24th-air-force-afcyber/.

86 Adam Prager and Philip Schneider, Cybersecurity Industry Report, (New York: Deloitte Consulting, 2014), 18

87 Report was researched and presented by Prager Company and Deloitte Consulting; Interview with the authors. Conducted July 14, 2017.

88 Brad Reagan, “San Antonio Aims to Build Tech Center on Its Computer-Security Foundation,” June 21, 2000.


90 Prager and Schneider, “Cybersecurity Industry Report,” 20.

91 Interview with the authors. Conducted June 21, 2017.

92 Brett Piatt, “Cyber Workforce and Cyber Development in San Antonio – Week 13 of Cyber Talk Radio,” Cyber Talk Radio, December 20, 2016, https://www.jungledisk.com/blog/2016/12/20/cybersecurity-workforce-and-economic-development-episode-13/.

93 Cook and Sanchez, CyberTexas Foundation.

94 Garrett, interview.

95 Interview with the authors. Conducted March 24, 2017.; and Garrett, interview.


97 Damon Cline, “San Antonio offers model for cyber industry’s growth in Augusta.” The Augusta Chronicle, September 4, 2016, accessed May 1, 2017, http://chronicle.augusta.com/news/business/2016-09-04/san-antonio-offers-model-cyber-industrys-growth-augusta#.; Mike Thomas, “Cybersecurity Boot Camp Helping to Boost Veteran Entrepreneurs,” San Antonio Business Journal, May 13, 2015, accessed March 31, 2017, https://www.bizjournals.com/sanantonio/news/2015/05/13/cybersecurity-boot-camp-helping-to-boost-veteran.html.; Interview with the authors. Conducted July 14, 2017.

98 Prager and Schneider, “Cybersecurity Industry Report,” 20.

99 Ibid, 18.

100 Ibid.

101 Krull, interview.

102 Whiting, interview.


104 Mitzner, “Israel’s desert city of Beersheba is turning into a cybertech oasis.”

105 Ibid.

106 Interview with the authors. Conducted March 8, 2017.; Interview with the authors. Conducted April 2, 2017.

107 Nakashima and Booth, “How Israel is turning part of the Negev Desert into a cyber-city”; and Interview with the authors. Conducted April 25, 2017.

http://www.24af.af.mil/About-Us/Fact-Sheets/Display/Article/458567/24th-air-force-afcyber/



http://chronicle.augusta.com/news/business/2016-09-04/san-antonio-offers-model-cyber-industrys-growth-augusta



https://www.bizjournals.com/sanantonio/news/2015/05/13/cybersecurity-boot-camp-helping-to-boost-veteran.html





108 Interview with the authors. Conducted March 21, 2017.; and 3SDL, “3SDL Proudly supporting local charitiesm,” 3SDL, February 15, 2016, accessed April 1, 2017, http://www.3sdl.com/news/cyber-security/3sdl-proudly-supporting-local-charities.html.




112 Malachi Petersen and Staff Writer, “CyberSecurity San Antonio Creates New Tech

Incubator Program.” San Antonio Express-News, June 24, 2016, accessed March 31, 2017, http://

www.expressnews.com/business/local/article/CyberSecurity-San-Antonio-creates-new-tech-8320818.php.

113 Thomas, “Cybersecurity Boot Camp Helping to Boost Veteran Entrepreneurs.”

114 Cyberspark, “Cyberspark: Israeli Cyber Innovation Arena” Cyberspark: Israeli Cyber Innovation Arena, 2016, accessed March 30, 2017, http://cyberspark.org.il/.

115 Interview with the authors. Conducted March 24, 2017.; Interview with the authors. Conducted April 2, 2017.



CYBERSECURITY INITIATIVE

This report carries a Creative Commons Attribution 4.0 International license, which permits re-use of New America content when proper attribution is provided. This means you are free to share and adapt New America’s work, or include our content in derivative works, under the following conditions:

• Attribution. You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.

For the full legal code of this Creative Commons license, please visit creativecommons.org.

If you have any questions about citing or reusing New America content, please visit www.newamerica.org.

All photos in this report are supplied by, and licensed to, shutterstock.com unless otherwise stated. Photos from federal government sources are used under section 105 of the Copyright Act.

http://creativecommons.org

http://www.newamerica.org

http://shutterstock.com

CYBERSECURITY INITIATIVE

Documents

NATASHA COHEN, RACHEL HULVEY, JITTIP MONGKOLNCHAIARUNYA ... · feedback: Bob Butler, Amir Becker, Chris Cook, Chris Fogle, Cliff Zintgraff, Dan Blumberg, Ian Whiting, John Dickson,