Is the future of cyber security a one-stop-shop, an all-encompassing platform that promises to do everything short of physically kicking in the door to arrest cyber criminals? Check Point founder and CEO Gil Shwed is betting the farm that his new concept, Infinity Next, will not only be that platform, but that it will chart a path forward for the entire sector as we move into the 2020s and a fast-changing world of dynamic, adaptive threats.
The Infinity Next platform was revealed over the course of three Check Point roadshow events that took place in Bangkok, New Orleans and Vienna during January and February 2020, and is already well in use at some of Check Point’s larger corporate customers. Shwed thinks it heralds a step-change in how the world “does” cyber security.
Like his peers and contemporaries at the heart of Israel’s booming security sector, Shwed’s pathway into security began in the Israeli Intelligence Corps’ renowned signals intelligence and code decryption team, Unit 8200. So perhaps it is no great surprise that he talks of security in terms that a military man will comprehend.
“We need to first fight jointly,” he tells me when we sit down in an austere meeting room in a Vienna conference centre. “If malware can infect you through your email, through a download, or through your mobile, you need to fight it on every front to contain it and stop it. You need to integrate the different elements of cyber security.
“An enterprise cannot afford to have 10, 20 or 30 cyber security vendors – and that’s not a huge number; I just met a partner with a customer that has 202 – but our job is to consolidate that. We also need to simplify complexity. And, last but not least, we need to prevent attacks. Those are the three principal ideas in everything we do at Check Point, and with Infinity Next in particular.”
Shwed believes that through Infinity Next, Check Point will be able to play a bigger role in its customers’ security posture, saying that supplying just network security or endpoint security solutions is no longer enough in a cloud-first world.
“That is, I think, what we need to do in the next decade – to try, as much as possible, to make security simple, available and uniform, so it can fight these threats,” he says.
“There is a huge amount of investment from customers in remediation. I wouldn’t say that’s useless, but it’s almost useless”
Gil Shwed, Check Point
So would it be fair, perhaps, to characterise Infinity Next as a move away from post-incident mitigation and recovery to stopping the incident from ever happening?
“Absolutely,” says Shwed. “If you look at our industry, 80% of new startups and products are about detection and remediation, and there is a huge amount of investment from customers in remediation. I wouldn’t say that’s useless, but it’s almost useless.
“Knowing that you’ve been hacked yesterday is, well, the damage is done. You cannot recover it. If somebody steals money from me, my insurance can give it back to me but if somebody steals my data, I cannot get it back – it’s out there. I cannot get my reputation back. That’s why we need to prevent the attack from happening at the starting point, and that’s a very important element of our strategy.”
Prevent, don’t mitigate
To Shwed’s mind, the current crop of security technologies on the market give too much credence to the maxim that you will inevitably get attacked and breached when the solution is, to his mind, to detect and remediate those attacks. He believes there is still an urgent need for something that revolves around stopping the attack, rather than detecting it after the fact.
Check Point’s heritage in defensive firewall technology would suggest this belief is not unfounded. The simplistic version of the company story credits Shwed with inventing the firewall in the 1990s, although actually he invented stateful inspection, a key element of modern firewalls.
“Over the years, we have developed a huge set of technologies for preventing and stopping attacks,” he says. “The question now is how do I re-engineer them so we can put them everywhere?”
During his keynote presentation earlier in the day, Shwed told the audience that currently, a complete “soup to nuts” Check Point security solution adds up to about 5GB of software, so the challenge is to take that 5GB package and re-engineer it so that Infinity Next can work on a PC, a bring your own device (BYOD) smartphone, an internet of things (IoT) device, or in the cloud.
“The re-engineering is about taking that knowledge – which cannot be developed overnight; it was developed at Check Point over 25 years – and make it accessible to every asset,” he says.
Naturally, automated components will play a key role in this, both in terms of attack detection, and in terms of provisioning, says Shwed. Infinity Next will enable users to deploy secure workloads in the cloud without having to hang around waiting for the security team – particularly useful for cloud-centric teams that frequently complain that security is one of the biggest roadblocks they face to getting things done more quickly.
“When I talk about automation, it’s both of these things, although mainly the latter,” says Shwed.
Ultimately, Shwed hopes this will increase his customers’ understanding of exactly what it is they’re going up against, and along the way he is enhancing his own ability to understand the world of cyber threats and criminals.
“In the past, I just built firewalls and I didn’t need to understand who was behind them; I just needed to make sure that the wall was tall enough and strong enough,” he says. “But today I need to understand the people on the other side, I need to understand what they’re looking for and how they operate. That is partly why we have such a big research team at Check Point, which we didn’t have a decade ago.
“That’s one element of it. The second challenge we have is to prevent unknown attacks – to make sure that when there is a new threat, we can either prevent it before it happens, or when it does happen, we can stop it quickly.”
Read more Security Interviews
- F-Secure’s Mikko Hypponen discusses cyber weapons and nation state threats, and explains why arms limitations treaties might one day expand to include malware and other threats.
- Ann Johnson, Microsoft corporate vice-president of cyber security, is on a mission to prove that artificial intelligence holds great promise for the security sector, and she has the analogies to back it up.
- Cyber security technology innovator and veteran Steve Grobman shares his views on adversarial artificial intelligence, post-quantum cryptography and security for next-gen tech.
In a complex and dynamic threat environment, getting things right is a tough call, and Shwed has one eye on the future. “My strategy has always been – sometimes it’s good, sometimes it’s not good – to try to think where the market is heading, what customers need, and what’s the right thing to do,” he says. “And I think that’s what we’re trying, and if we can predict that in the right manner and the right direction, then we will be ahead.”
Shwed adds: “Being in this industry, I’ve learned to sleep well at night. I don’t sleep a lot, but I sleep well, let’s put it that way. If I didn’t sleep because of what might happen, then I would never sleep.
“If you look at our infrastructure, we are very, very vulnerable, and that gives me a lot of work. I wish I could say the job is almost done, but there’s still much more that we need to do. That’s what keeps me awake, at least during the day.”
With early customer feedback proving positive, Shwed’s hope is that 10 years down the line – just as the security industry moved towards a software-first model during the 2010s – Infinity Next will help push it towards a model that prioritises integration and automation, and perhaps, eases a few CISOs’ headaches.