The Dynamics of the Largest Cybersecurity Industrial Clusters: San Francisco Bay Area, Washington D.C. and Israel

​The cybersecurity industry, driven by national security interests and private-sector protection, plays a critical role in our shared economic and cultural reality. The underlying premise of this report is that the cybersecurity industry does not emerge in a vacuum; rather it is influenced by environmental conditions present in a particular place and time. Thus, rather than using theory to analyze cybersecurity industry, this report uses field data to illuminate theory and policy with a focus on the relationship between economic development and physical environment.


​The contribution and novelty of this report is threefold. First, the report assesses the key features of cyber companies; second, it defines related taxonomy and typologies of companies; third, it places the companies in a socio-geographical context. Empirically, this report focuses on both the distinct and the shared characteristics of the world’s three largest regional cybersecurity ecosystems: Silicon Valley, Washington D.C., and Israel. These three clusters each contain several hundred cybersecurity firms specializing in a wide array of products and services. Using the Cybersecurity150 as a gauge, approximately 32% of major firms are located in the San Francisco Bay Area (SFBA), 9% in metropolitan Washington D.C., and 12% in Israel.


Benefits of clustering cybersecurity industry: access to a pool of specialized labor, knowledge spillover, access to capital, and inter-organizational linkages. Research suggests that clusters’ economics should be linked to their social dimensions and the configuration of the built environment. In addition, based on the empirical analysis, we suggest using a nuanced taxonomy of cybersecurity clusters using a spectrum of intensities: mega-, mesa- and micro-clusters, sub-clusters, and hot zones.


This report is part of a broader project on the Dynamics and Geography of the Cybersecurity Industry supported by the Blavatnik Interdisciplinary Cyber Research Center (ICRC) at Tel Aviv University. The information and discussion presented below are based on a review of existing literature; a wide-reaching data collection process conducted in 2018 and 2019 using industry databases, online literature, interviews and other sources; and Geographic Information Systems (GIS) analysis. In sum, cyber industry cannot be understood in isolation, but only as part of a larger context. Although this industry has some unique features, cybersecurity clusters are not autonomous, and their emergence is connected to a wider technological infrastructure, and to a particular political urban and regional context.

Tel Aviv University makes every effort to respect copyright. If you own copyright to the content contained
here and / or the use of such content is in your opinion infringing, Contact us as soon as possible >>