5 Boldest Statements From Check Point CEO Gil Shwed At CPX 360
Simplifying The Complex
Solution providers should expect to see security delivery and security services decoupled and a dramatic proliferation in the number of secured assets a typical organization has, according to Check Point Software Technologies Founder and CEO Gil Shwed.
Shwed told the more than 3,000 attendees at the CPX 360 2019 in Las Vegas Tuesday that the recent emphasis of detection and response is misguided since the virtual world operates at greater speed and with far less accountability than the physical world. Shwed also discussed why he think the healthcare industry is under-protected and why mobile security is too often overlooked.
Here's a look at what Shwed had to say during his keynote address about how simplifying and consolidating security delivery and services will give CISOs far greater oversight and control around their own ecosystem.
5. ‘I think healthcare is an industry that's way under-protected’
Healthcare is one of the most complicated environments to operate in from a cybersecurity perspective, Shwed said, with dozens of different types of machines in each hospital as well as very old software that nobody can touch or path. Shwed said security in the healthcare arena has to be structured differently since healthcare organizations operate in an open environment that's accessible to the public.
Yet at the same time, Shwed said the financial services industry has invested a huge amount into cybersecurity technologies even though their infrastructure is very simple. Financial institutions have to grapple with many applications and users, Shwed said, but benefit immensely from only having to secure a single type of machine and server, as well as operating in a closed environment.
"Cybersecurity remains something that we all need to worry about," Shwed said.
4. ‘Mobile is today our weakest link’
In order to consolidate beyond the network, Shwed said organizations must consider different attack vectors and have an offering that secures the data center, cloud, endpoint, network perimeter, IoT devices, and mobile. Even though mobile is very straightforward to secure, Shwed said it's the attack vector that's most frequently overlooked.
"We all owe it to ourselves to make sure that the device that spies on us 24/7 is secure," Shwed said.
The future, Shwed said, lies in simplifying security, consolidating it, and making it once again affordable from a resource allocation perspective. The maze has begun to be conquered using Check Point's Infinity architecture, Shwed said, which includes threat intelligence that can be shared with the endpoint, mobile devices, network, cloud, and unified management system.
3. ‘If we accept the detection mentality, we're lost’
The majority of customers and vendors alike speak about detecting the next attack, but Shwed said that's misguided. The mentality coming over from the physical world of detecting an intruder, retaliating against them, and then taking action to recover the losses simply doesn't carry over to cyberspace, according to Shwed.
"We can't accept the detection mentality," Shwed said. "We have to do prevention. We have to stop the attacks from getting in."
Malware is capable of shutting down a computer and stealing most of a user's data from the cloud within 10 minutes, according to Shwed, meaning that by the time an attack has been detected, it's typically too late. Plus Shwed said there's no need to wait from the IT department to respond if the attack was prevented in the first place.
"There's nobody to prosecute, and there's nobody to catch," Shwed said. "It's too hard to find them."
2. ‘Not only are there too many solutions, but even if you use a lot of solutions, they don't cooperate’
The cybersecurity space has become exponentially more complex over the past decade, Shwed said, with the number of threat actors increasing from less than 50 to more than 1,000 and the number of alerts generated each day going from less than 1,000 to more than one million.
A lack of interoperability between offerings from different vendors could mean, for instance, that malware blocked at the entrance to a network isn't blocked on the cloud or when downloaded to a different location, according to Shwed.
Today, Shwed said a typically 10,000-user enterprise has roughly 11,000 secured assets, with each user having roughly five assets. But just a few years from now, Shwed anticipates that same enterprise would have 100,000 secured assets, with nearly 50 assets (primarily based in the cloud) attached to each year.
It previously took roughly three decades to see a tenfold increase in the number of secure assets, Shwed said. Now, Shwed said that figure it expected to grow tenfold in just two years.
1. ‘We will break up our infrastructure completely. We will basically separate between security delivery and security services’
In the coming years, Shwed said security delivery will be a very simple, straightforward, and lightweight process flexible enough to accommodate everything from conventional networks and endpoints to virtual servers, computer-less functions, web apps, and custom apps.
Security services, meanwhile, will be consolidated into a very sophisticated cloud, Shwed said, with Check Point deploying new technologies that can be architected centrally to support these complex environments. AI and real-time communication will make it easier for Check Point to bring security to entities both large and small in the enterprise, according to Shwed.
Up until the present, Shwed said every group in the enterprise took care of securing their own devices and writing the security for their applications. But now, Shwed said control is being returned to the CISO to define the correct way to enforce security across the entire enterprise and decouple it from application logic.
"It reduces the complexity greatly," Shwed said.