“Ruthlessly prioritize what’s critical”: Check Point expert on CISOs and the evolving attack surface
On stage during the opening keynote at Check Point Experience in Vienna, founder and CEO Gil Shwed is telling the audience about a spike in what the company defines as ‘gen V’ ransomware attacks in 2023.
Throughout the conference, Check Point has used the example of gen V attacks as a backdrop against which to argue for enterprises to adopt its vision for holistic security platforms that are comprehensive, consolidated, and collaborative. Shwed stresses that the 90% increase in gen V ransomware attacks, surpassing 5,000 in total throughout 2023, can be best fought through a joined-up approach to security.
“I believe the most important element here is the third C, and that’s collaboration. The only way to prevent attacks and take advantage of all the innovation in our industry, all the innovation that we deliver, and all the investment that you make in security, is to make these technologies work together for you.”
Unlike older attack methods that typically look to compromise and exfiltrate data from a single hard drive or server, Shwed says, gen V attacks move laterally and proliferate throughout an enterprise to disable the business’s core functions.
Although Check Point has placed focus on switching up defense tactics throughout the event, it has ultimately presented itself as an agent of change when it comes to its security platform. The future, the firm says, is cyber collaboration.
‘True’ security through innovation
Check Point’s head of global CISO and C-Suite advisor for EMEA Deryck Mitchelson tells ITPro the end goal for all security platforms is to provide CISOs and other leaders with full visibility as well as actionable intelligence across the IT estate.
“We’ve been talking about platform plays for many years. Gartner came out and said this would be a direction that they see executives want to go in for the same reasons… it is full visibility but it's also actionable intelligence.”
Powering these actionable insights is AI, a vital cog in Check Point’s vision for a collaborative, cloud-based, AI-powered security platform. AI security is a phrase that has popped up over the course of the event and one of the major announcements in Vienna is the release of Check Point’s flagship generative AI product, the Infinity AI Copilot.
To harness the benefits conversational AI agents can provide security professionals the various components of an enterprise’s security architecture need to be able to jointly feed the model with relevant data, and this where a unified and collaborative approach is key.
All of this brings the company closer to what Shwed calls ‘true’ security platforms, which combine a patchwork of endpoint solutions, threat detection systems, and monitoring tools into a unified security solution. It's a more technological shift than strategic, as Check Point aims to deliver collaboration by way of AI oversight.
Check Point’s vision of a collaborative security platform
The overriding message Shwed returns to throughout his keynote presentation is that security systems have to work together and this has been reflected in the company’s wider strategy throughout.
He sees Check Point’s automation and collaboration platform Playblock, launched at the end of 2023, as the first step towards this goal. The Playblocks system can provide automatic mitigation responses for both Check Point and third-party security products.
“Security has to work together. One of the first steps is we need to make that collaboration message real and not an architecture but a true platform and a true architecture is the launch of Playblocks last quarter making security collaborative.”
Collaboration across an overarching platform, between the individual components will often require interfacing between third-party products, and this is an area where Check Point thinks it can differentiate itself from the competition.
This will not be a seamless process, however, as enterprises will need to create and interconnect application programming interfaces (APIs) and subsequently manage this interface. It’s also worth noting that Check Point’s platform remains optimized for internal products first and while third-party products can be integrated into the platform as well, it requires extra legwork.
There’s every sign, however, that Check Point is invested in making cross-product collaboration work. VP of Email Security Gil Friedrich tells ITPro about a project involving a Fortune 50 company where Check Point worked alongside Palo Alto Networks to provide an integrated solution for their customer.
Create alignment across your teams and transform the way you manage risk
“We had a customer that asked us to integrate with Palo Alto’s EXSOAR, so you could think, Check Point, Palo Alto, competitors? maybe we would say no – there is no chance we would say no! We got amazing support from Palo Alto to get that integration done … both parties wanted to give the best service and understood that it comes from collaboration.”
Friedrich explains Check Point’s vision of collaboration in the security space extends beyond the company’s own product ecosystem in order to provide the best protection for any customer, regardless of their security stack.
“In that respect, we might compete on the business side but we have the same goal and we collaborate to fix it, promoting a more secure world.”
Business email compromise attacks are evolving, but what can be done about it?
Check Point makes a strong argument for unified platforms in the face of AI-enhanced multi-vector attacks that are becoming increasingly targeted and frequent. By championing collaboration across a platform between first and third-party products, it looks to be on the right path towards achieving this goal and ahead of competitors. But the platform clearly still has some way to go before its customers will be able to enjoy the freedom of unifying the patchwork of products in its security stack under one umbrella.
