natali_mis - stock.adobe.com

CPX 2025: Check Point CEO talks up hybrid mesh security

At CPX 2025 in Bangkok, Check Point CEO Nadav Zafrir outlined a vision for network security centred on hybrid mesh architecture and AI-powered capabilities

Check Point’s newly minted CEO, Nadav Zafrir, kicked off the company’s CPX 2025 conference in Bangkok this week with a bold vision for the future of network security, centred on the “hybrid mesh architecture” and artificial intelligence (AI)-powered security.

Speaking at the event’s opening keynote, Zafrir, a veteran in the cyber security industry, underscored the importance of “real security” in a world saturated with buzzwords and hype. He noted that while AI presents both opportunities and challenges, Check Point’s core mission remains the same – that is, to protect critical infrastructure and sensitive data from increasingly sophisticated attacks.

“We live in a hyperconnected world, rapidly evolving with the emergence of AI,” said Zafrir. “This new dimension demands a shift in our approach to security. It’s no longer enough to solely rely on cloud-based solutions. We need a flexible, adaptable framework that empowers organisations to consume security where and when it’s needed.”

This framework, he said, is the hybrid mesh architecture. A departure from the cloud-only secure access service edge (SASE) approach, it allows organisations to integrate on-premise and cloud security offerings. This flexibility allows for a better user experience, enhanced security and better control over cloud costs.

Zafrir noted that the hybrid mesh will allow organisations to adapt their security posture to their specific needs, adding that it’s about creating a security fabric which encompasses all endpoints and connections, ensuring consistent protection regardless of location or device.

Nataly Kremer, Check Point’s chief product officer, said the hybrid mesh architecture lets organisations move beyond the confines of cloud-centric SASE offerings.

“Instead of forcing all traffic through the cloud, the hybrid mesh allows businesses to dictate the inspection point for each use case,” she said. “This means organisations can leverage the power of the cloud when needed, while retaining the flexibility to secure traffic locally on-premise, ensuring optimal performance, cost efficiency and, most importantly, security.”

Read more about cyber security in APAC

Zafrir noted that while Check Point had been late to the SASE market, the company was able to learn from the mistakes of others and develop the right architecture. “When you think about a hybrid mesh, sometimes you want to connect from your branch office to the internet, and you’d want to go through a SASE infrastructure to get the security in the cloud,” he said.

“But other times, you want flexibility, because you want to go directly from your datacentre to your cloud environment and you don’t want to go through a SASE architecture. And many times, your users need connectivity to the internet, but it’s not always through SASE.”

At the event, attended by customers and partners across the Asia-Pacific region, Check Point executives also dived deeper into the company’s product roadmap, including innovations in its Quantum, CloudGuard and Harmony product lines, along with advancements in AI-driven security for both on-premise and cloud environments.

These include the launch of AIOps, a new cloud service designed to predict and prevent network issues before they arise, and enhancements to Check Point’s web application firewall, boasting a 90% reduction in false positives through advanced AI engines.

Check Point also envisions the rise of the autonomous firewall, where AI makes real-time security decisions based on contextual awareness. “Instead of having thousands of predefined rules, we want to have AI that makes decisions in real time based on context,” said Kremer.

Addressing the growing concern of AI-driven threats, Zafrir acknowledged the nefarious potential of AI in the hands of malicious actors, citing the potential for AI-driven malware and the automation of sophisticated attacks.

He also pointed to threats around deepfakes, the expanding attack surface, as well as threats to AI models. “[Attackers] can go after your models, steal them and poison the data that feeds your models, which makes it incredibly hard to understand where the output stems from,” said Zafrir, adding that Check Point is developing capabilities to counter such threats, including tools to safeguard AI models and protect against AI-driven attacks.

Read more on Network security strategy