Itai Greenberg, chief strategy officer with Check Point Software Technologies Ltd., has what some might consider the unenviable task of annually having to present a three-year product development plan to the firm’s board of directors and executive team.
As the company’s mandate is to prevent cybersecurity incidents from occurring, there is no opportunity to get it wrong. Fortunately, Greenberg, who, aside from strategy, also oversees business development and mergers and acquisitions (M&A) for Check Point, is not the type to avoid such challenges, but to embrace them.
“During the year I am presenting updates for the strategy,” said Greenberg late last week, in an interview with IT World Canada, adding that adjustments are made over time based on developments occurring in the cybersecurity market.
He needs to be on the mark, as witnessed by the company’s 2023 security report, released last week, that revealed cyber attacks hitting an all time high, the result of what the company said was “response to the Russo-Ukrainian war. Education and research remains the most targeted sector, but attacks on the healthcare sector registered a 74 per cent increase year-on-year.”
Authors of the report note that cyberattacks rose by 38 per cent in 2022 compared to the previous year, with an average of 1,168 weekly attacks per organization being recorded.
Reducing those numbers and others was a central theme behind the company’s most recent product rollout, which took place on Thursday at CPX 360 Americas, the company’s annual user and partner event, which was simulcast in Toronto, New York, and several other locations across North America.
Speaking in New York, company founder and chief executive officer, Gil Shwed, predicted the world is on the verge of what he described as a “very interesting revolution – the AI revolution. We have been investing in building AI technologies – more than half of our threat engines at Check Point contain AI – but I think 2023 might be the tipping point where (it) becomes an important part of our life and our world.”
Speaking in Toronto, Greenberg said that today using AI technology is “the only way that you can deal with a cyber attack. The proliferation of attacks, the variety of the attacks, and how fast they’re changing, it’s very hard for a deterministic approach to actually block the attack.
“You need to go with something that is powered by machine, powered by AI, to understand what are the patterns of the communication, the data, the source, the destination. Now, in order for you to come up with a good technology that actually is accurate, you need to rely on long lists of indicators.”
Those theories, those sentiments, are what are behind details about two product announcements he delivered at CPX 360: Check Point Horizon XDR/XPR and Quantum SD-WAN, both of which are generally available now.
The latter is a new software blade in the Check Point Quantum Gateway, a unified management platform that contains an assortment of threat management capabilities that the company says provides prevention against zero-day, phishing, and ransomware attacks.
“Most existing SD-WAN technologies in the market are not built with security in mind,” the company said in a release. “Connecting branch office SD-WANs directly to the internet bypasses traditional data centre-based security, exposing branch offices to cyberattacks.”
According to Check Point, Quantum SD-WANs block upwards of 99.7 per cent of new malware, which means branches no longer need to choose between rapid connectivity and security.
Meanwhile, Horizon XDR/XPR – XDR is short form for extended detection and response and XPR stands for extended prevention and response — Check Point said, “elevates cyber security with a focus on proactive prevention using intelligent correlation of data, stopping cyber attacks from spreading across all vectors and minimizing the impact of threats.
It contains the following capabilities:
- The ability to take immediate prevention actions such as blocking, isolating assets, quarantining, and integrating with both Check Point and third-party security products.
- Streamlined cybersecurity management, which provides organizations visibility into attack behavior, context and damage, and detailed analytics on indicators of compromise.
- The ability to enable organizations to “consolidate and optimize their security operations, improving collaboration between security and IT teams to strengthen threat prevention across multiple vectors.”
Dave Gruber, principal analyst at research firm ESG, said “the extended detection and response movement was fundamentally driven by the growth of a more advanced, multi-vector threat landscape. Yet prevention solutions remained siloed, often falling short in their ability to ward off advanced threats.
“The introduction of Check Point’s extended prevention and response introduces a more integrated approach to threat prevention, following principles already proven by XDR (offerings). This advancement in collaborative prevention technology looks promising and could potentially drive change across the broader security industry.”
Paul Comessotti, sales and operations executive with Check Point, who is based out of Calgary, said that attacks are happening so quickly now that the response part of the equation can no longer be handled by human beings.
“Horizon takes that out of the people’s hands and puts it in the experts’ hands using AI. For example, if something happens in Singapore, two seconds later, personnel in the Toronto office, although they are not being attacked, will not only know about it, but know they are protected. Rather than wondering what is going to happen, the prevention measures are shared via ThreatCloud AI. The technologies and the intelligence are applied and it’s all automated for them.”