Check Point has a new CEO for the first time in more than 30 years. That doesn’t mean the security specialist is suddenly taking a different approach. In an industry that is increasingly shifting toward detection, Check Point continues to insist on prevention.
CheckPoint’s annual CPX conference in Vienna is a celebratory edition this year. Last year, founder Gil Shwed surprisingly announced he was stepping down as CEO of his company after 30 years. A year later, his successor is ready to take over the torch. The house DJ is already laying down solid techno beats from the morning to wake up the crowd for the big moment.
First up is Shwed himself. He will then no longer be in the spotlight, but will remain closely involved with his company from the background. He seems to like the new role: “Instead of fifty meetings a week, I have no more than ten. It’s much more relaxed now. I feel like a proud father watching his son move out of the house to live with his new wife. Even though my son is now independent, that doesn’t make him any less my son. But I know the business is in good hands,” Shwed sounds slightly emotional.
Prevention first
Shwed has every reason to slow down. Few people can say they invented an industry. Shwed can call himself “the father of the firewall. In 1993, he developed the first stateful inspection firewall, the precursor to the modern firewall, of which he is still a patent holder. The invention marked the beginning of the Check Point company.
From our last conversation with Shwed, we learned that Check Point divides the evolution of cyber attacks into generations. Anno 2025, we are at the fifth generation, he says. “Cyber attacks have evolved from simple to complex. Each generation builds on the previous one and becomes more sophisticated. The current wave is characterized by multi-vector attacks. The sixth generation is upon us: security will have to keep evolving.”
So Check Point will not immediately run out of customers. After 32 years, the philosophy hasn’t changed much. Where competitors excel with their high detection rates, Check Point has sworn by prevention since day one. Shwed: “It’s important to know you’ve been attacked, but by then it’s actually too late. Prevention of damage is always more effective. But it’s just the hardest part to get right. You don’t want to overload security teams with false reports.”
The firewall is not dead
In recent years, the firewall has been declared “dead” several times by industry experts: an opinion Shwed logically disagrees with. “The firewall is older than the Internet. Over the years, of course, devices have become much more sophisticated. Today there are hundreds to thousands of access points that need to be secured. The network is the most critical aspect of IT, because that’s where you can control everything.”
“The firewall is the door between the Internet and the internal company network: it remains a crucial line of defense. Even if you have a good safe to put your valuables in, you don’t leave your door open to burglars. Firewalls are now ingrained at various levels. Large organizations can have up to thousands of firewalls in use. That’s not even counting the personal firewall on employee laptops.”
It is important to know that you have been attacked, but by then it is actually too late. Prevention of harm is always more effective.
Gil Shwed, Check Point founder
Bells and whistles
Then it’s time for new CEO Nadav Zafrir’s baptism of fire. What he is about to say turns out to be a surprise even to Check Point employees. “Shouldn’t it be obvious after the previous keynote: I’m that new woman Gil was talking about. And you know who always has the last word in a marriage”. There is no sign of any nervousness on Zafrir’s part.
Zafrir shares his view of the security market. “An asymmetry has emerged between defenders and attackers: attackers are faster than us in exploiting new technologies. We must therefore be honest with ourselves and remain innovative. If we don’t keep our eyes open, we will be mercilessly punished. Only with teamwork can we overcome this asymmetry”.
The new CEO is not shying away from poking at the competition. “In recent years, the industry has gotten a lot of bells and whistles. It is high time that security revolves around securing again. Our society is under pressure.”
Promptly, Zafrir conjures up some charts claiming that Check Point stops more vulnerabilities than rivals, but also that its own software suffers fewer vulnerabilities. “Because of our high level of prevention, we reduce the chances that something bad can happen. But what companies don’t want at all is for their security vendor itself to be the problem.” A jab at Fortinet, which recently faced a serious leak in its firewalls.
Hybrid SASE
To stay true to its philosophy, Check Point has had to evolve with it. Security today has to be ingrained everywhere in the IT ecosystem. Zafrir acknowledges that life for security teams has not gotten any easier. “Complexity is pushing us to the edge. We have to be careful not to fall over the cliff. Security today consists of multiple layers, with the network as the most important layer. Without a secure network, you cannot possibly secure the rest. A lot is changing, but what is not changing is that we depend on the network.”
Check Point’s answer to the complex security issue is hybrid SASE. Check Point swears by SASE, but understands that customers are not always willing to move the center of gravity of their security to the cloud in one fell swoop. “Cloud security is extra complex. Moreover, the cloud is not as secure as people think. The challenge is building architectures strong enough to manage risk at multiple levels. Good security should not have a single weak point,” Shwed said.
Without a secure network, you cannot possibly secure the rest. A lot is changing, but what is not changing is that we depend on the network.
Nadav Zafrir, CEO Check Point
Hybrid SASE offers customers a more “gradual” path, where companies move to the cloud what they can, combined with security in the edge and on device where it remains necessary. “Vulnerabilities in the edge are underestimated,” believes Lotem Finkelstein, Director of Threat Intelligence at Check Point Research.
Finkelstein explains his statement, “We do not yet fully understand exactly how our devices are connected. During the corona pandemic, we had to make an accelerated transition toward cloud and hybrid networks. Changes we thought were temporary have turned out to be permanent. Security should not stop these changes, but just allow them to happen in a secure way.”
Hybrid work has created a new reality for security, observes Sergey Shykevich, Threat Intelligence Lead. “Corporate networks today are usually well secured, but hybrid workers often use their own devices that are less secure. It is also difficult to avoid using work devices for personal purposes. Employees are reluctant to have monitoring software installed on their personal devices because it feels like an infiltration into their privacy.”
Platformization
Shwed sees other factors that increase complexity. “The security market is far too fragmented. And I’m not saying that because we don’t want competition. There is too much technology to choose from. Customers are leaving things open because they can’t get their bases covered anymore. No one can manage an entire IT environment on their own: vendors and solutions should come together.”
Zafrir shares that sentiment: “I personally dislike the term platformization. The word is used a lot these days, but what does it really mean? There is no one solution in the market that has one solution for everything. We strive to continue to innovate and give customers what they need to meet their security challenges. But we also want to be honest about what we don’t have yet, or what we can still improve.”
In time, AI will be so deeply embedded in everyday applications that it will be almost impossible to stop it completely.
Sergey Shykevich, Threat Intelligence Lead Check Point Research
For, with and by AI
Zafrir’s presentation suddenly takes a dark turn when it comes to AI. “AI is no longer a future, but there are still many unknown variables. We genuinely don’t know what it will bring. How do you prepare for that?” In the background, a video of robot cats conquering humanity plays. “With real security, not hip marketing videos,” Zafrir says with another quip.
Shykevich and Finkelsteen also envision the future with AI not pessimistically, but realistically. “AI is a tool that makes everyone’s life more efficient. If you’re not using it, you’re falling behind,” Shykevich said. “We have to realize that cybercriminals will also use it to work more efficiently: cybercrime is a business. It will always be a cat and mouse game. We have to make sure that we as defenders use it better. Now we are still ahead, but the game will be played in the long run.”
Many companies are still unsure how to deal with AI. Shykevich shows understanding for that: “There is still a lot of uncertainty about how models process data. As a result, some companies prefer to hold back AI. There is no right or wrong approach, but eventually AI will be so deeply ingrained in everyday applications that it will be almost impossible to block it completely. Then it’s almost like banning Google”.
read also
Check Point: ‘AI both tool and target of cyber attacks’
“The scale at which deepfakes are spreading is worrying,” adds Finkelstein. “There was a recent example in Asia where an employee was targeted by a deepfake from his boss. We need to be vigilant: not because technology itself cannot be trusted, but because as human beings we have a right to know the truth. With identity, this is even more important”.
“There are three hatches: security for AI, security with AI and security by AI. This last hatch still gets too little attention. AI is a very good tool for research. It is not independent, but what we can offload, we already do. Every year I am more surprised at how the technology evolves. In a few years, we won’t be able to imagine life without it. Now there is still a lot of fear about it, the right rules and protection are needed. Our job is to make sure AI solutions are protected before the customer rolls them out. We take that very seriously.”.
Finkelstein ends on a positive note. “Technology is evolving and AI will spawn new products, but our basic understanding of security remains relevant. There is no shortcut: start with the basics and let new technologies be part of the transformation.”