Check Point pledges end to security updates

At Check Point’s CPX 360 event in Vienna, Austria, the security supplier’s founder and CEO Gil Shwed has expanded on his vision for the next decade in cyber security, promising to end the headache of pushing constant security updates to a myriad of IT assets through a new, all-encompassing platform dubbed Infinity Next.

Reflecting on the changes in the world of cyber security since he started Check Point in 1993, Shwed said he feared that the emergence of organised cyber criminal gangs, evolving cloud risks, targeted ransomware, mobile malware and internet of things (IoT) attacks were being missed by organisations that still focused on an earlier generation of security that prioritises perimeter protection but little else, when the world has moved on.

“We are not protected against current attack levels and volumes,” said Shwed. “Why are we so behind? How do we change it? 2020 is a good time to redefine security and that’s what we want to do now. We call it Infinity Next. We believe Infinity Next is a technology that will revolutionise security, power innovation, and power the next decade.”

According to Shwed, Infinity Next will address the concerns of chief information security officers (CISOs), who say that they have too much technology and too many products; of security engineers, who say that they are overwhelmed and cannot secure clouds and IoT estates; and DevOps teams, who say security should be automated and that they cannot wait for human approval.

He said there were several different methodologies by which one might meet these needs. The most obvious would be to buy more products to secure everything, but that is very expensive. Another might be to move to native security in the cloud, but this is not enough, according to Shwed. The third choice would be to use stitched-together products from large acquisitive suppliers, but these don’t necessarily work together or create a uniform environment.

“The challenge we need to solve is how do we get an environment with the highest security level, with full, manageable coverage, that we can work with,” he said.

Check Point proposes to meet these differing needs by defining and building Infinity Next around three core principles – real-time prevention, agility and securing new assets, and consolidated protection.

Shwed said the result will provide adaptive protection for cloud-native technology, every device that connects to the network, and the network itself. Ultimately it will encompass 60 total security services, all managed through a centralised web portal.

Meanwhile, he said, a lightweight so-called “nano agent” will connect into the Infinity Next Cloud to automatically provision, manage, update and patch security services across the user’s IT estate.

Shwed claimed that, as an example, a mid-sized organisation that currently buys from 19 security suppliers and spends $6m (£4.6m) on security, could use Infinity Next to cut this to four suppliers and a spend of $2.7m.

“Infinity Next is going to be a revolutionary technology,” said Shwed, “with one cloud in the middle that delivers the highest level of security to the datacentre, the branch, the cloud, the IoT and the endpoint.”

Computer Weekly understands that Check Point’s Infinity Next concept is already live with a limited number of early adopters, and will become more widely available in the near future.