A fundamental change is currently taking place in the Israeli market that affects every organization that holds personal information: Amendment 13 to the Privacy Protection Law comes into effect and brings with it stricter requirements, increased oversight by the regulator, legal risks – and, exposure to significant fines.
But if we look at the big picture – this is not a time for panic, but an opportunity for a smart and measured systemic upgrade.
It's time to turn regulation into an advantage:
Professional gap mapping reveals that in many cases, the gaps are small and can be closed without heavy investments.
The regulation does not aim to punish – but rather to ensure that personal information in Israel is managed in a safe, professional, and responsible manner.
Organizations that respond correctly gain image and operational differentiation from their competitors.
What do the regulations actually require?
To comply with the 13th Amendment, organizations must implement several core principles:
Hardening information security – using advanced technological means such as SIEM, DLP and MFA. Access control according to the principle of proportionality – access only to those who need it, at the time required.
Ongoing risk management – identifying, analyzing, and addressing security breaches.
Documentation and control – writing policies, managing logs, preparing for audits.
Mapping gaps in the law – understanding the situation and building a precise action plan.
The role of the information security specialist in the process:
Legal service is an important foundation – but alone it is not enough.
To meet the requirements and build a process that proves compliance with the requirements, professional guidance from a technological and strategic expert is required.
Identifying information security weaknesses in relation to the law
Building application solutions according to budget and organizational environment
Implementation and professional support of technological tools and means
Preparing professional documentation that serves both regulation and management
Training and raising awareness among managers and employees
Why not wait?
Amendment 13 requires not only that you secure yourself – but that you be able to prove that you have taken the necessary steps.
Once such a process is carried out correctly, the benefit is not only legal, but also business:
Improving organizational reputation
Strengthening customer trust
Streamlining internal processes
Reducing legal and operational risks
Compliance with additional global requirements (GDPR, ISO, etc.)
In summary:
"Gap mapping" is not a drama – but a first and critical step on the path to ensuring a safer and more controlled future.
Most organizations find that the gaps that need to be addressed are not far beyond their capabilities.
The goal is to reach the destination without incurring heavy expenses – and with a result that returns the investment.
Cybersecurity & IT – Two Worlds, One Solution
About the Author
Idan Zabari, a leading strategic consultant in the fields of IT and information security, assists businesses and organizations in information protection, technological innovation, and regulatory compliance.