IT Brief Australia - Technology news for CIOs & IT decision-makers

Video: 10 minute IT Jams - An update from Check Point Software

Fri, 18th Aug 2023

Cyber threats are rising fast. For Sadik Kbal, Security Engineering Manager for the Office of the CTO at Check Point Software Technologies, safeguarding companies and government organisations is an evolving battle - one the company believes it is well ahead on.

Check Point Software has been at the vanguard of cyber security for three decades, tracing its roots back to the invention of the modern firewall by founder Gil Shwed in the early 1990s. As Kbal explained, "Our company was actually founded by Gil Shwed who invented the modern day firewall...he is still our current CEO and has continued to keep us at the cutting edge of technology to be ahead of the ever-shifting threat landscape."

Today, Check Point protects over 100,000 customers in 88 countries, offering a sweeping portfolio of over 82 security controls designed to tackle the full spectrum of cyber risks. These controls cover attack surfaces as varied as networks, cloud, hybrid workspaces, mobile devices, and the Internet of Things (IoT).

"We provide a number of tailored solutions to meet challenges for large enterprise, governments, midmarket and SMB businesses," Kbal said.

Check Point's technical offerings are broad. Among the flagship products are the "world's fastest firewall known as LightSpeed" and what Kbal described as "the industry's only true hyperscale firewall solution" - designed, he said, to "future-proof so you'll never have to rip and replace one of your older firewalls again in order to meet an increase in capacity."

The company's suite covers everything from securing real estate in AWS and Azure cloud environments, to defending web applications and entire application lifecycles, to hybrid workspace solutions including secure remote access, SASE, SD-WAN, and comprehensive protection for traditional endpoints, IoT, and mobile phones.

But it's not just technology on offer. Professional services span strategy and planning, implementation, optimisation, ongoing management, security consulting and emergency incident response - including services for non-customers facing immediate attack. "We also provide planning around incident response and tabletop exercises to test your organisation's cyber resiliency," Kbal added.

Asked what sets Check Point apart from the more than 3,000 security vendors on the market, Kbal was emphatic: prevention comes first. "We are the only cyber security player that does not believe in what's known as a 'patient zero' approach," he said. "The industry prefers to err on the side of caution by allowing anything that's unknown or suspicious to go into the organisation...then the onus is on the security team of that organisation to jump into action, remediate the threat, and hope it hasn't spread too much during that time. We believe that's a very inefficient and expensive way to control your risk."

Check Point has, instead, "put a lot of effort and investment into our security portfolio to be able to block all threats at the door accurately," he explained. This approach leverages proprietary technologies such as CPU-level sandboxing and features like "threat extraction", which automatically strip active content from incoming documents, ensuring only sanitised data reaches users.

Central to this is Check Point's threat intelligence operation, one of the largest in the industry. Over 30 years, the company has accumulated global telemetry from millions of sensors, incorporated law enforcement feeds, and run its in-house research projects including dark web scanning and ethical hacking. "All of that data is crunched by our 40-plus AI and deep learning engines," Kbal said. "We are then able to turn that data into meaningful insights to make an accurate prediction as to whether something should be blocked or allowed into an organisation."

On average, Check Point's cloud AI makes two billion security decisions a day. "That is why we have one of the highest catch rates and lowest false positive rates in the industry," Kbal said.

He also pointed to product security, emphasising, "We're proud to have one of the lowest vulnerabilities across our portfolio." This is in direct response to a concerning trend in which hackers increasingly target security technology itself, exploiting flaws in widely-deployed defensive controls.

Check Point's threat research division, CPR, keeps a constant watch on the threat landscape. Comprising more than 200 researchers, engineers, data scientists and ethical hackers, the CPR team produces regular reports on cyber trends. Their verdict is clear: the threat level is rising fast, especially in Australia and New Zealand.

"Over the last couple of years, we've seen exponential increases in targeted attacks, particularly towards the education, research, and healthcare industries," Kbal said. "Ransomware is still probably the most commonly used attack vector...we saw a 32% year-on-year increase against businesses using ransomware tactics." Check Point's data suggests as many as one in 40 organisations has now been hit by a ransomware attack.

Yet, ransomware is evolving into even more insidious forms. "What we've also now started to see is data extortion...where threat actors are now also making additional money by not just encrypting the data, but they steal the data and then they sell it to other parties or they sell it back to the customer for a double extortion racket," Kbal explained.

He also highlighted the rise of "wiper" attacks - malicious campaigns with the sole purpose of destroying data, often linked to hacktivist motives amid global geopolitical tensions. "We've seen prominent hacking groups now take sides...or in some cases be put under the payroll of the two parties in question," he said, referencing instability in Eastern Europe.

Mobile devices are another growing battleground. "We've seen a number of increased attacks towards mobile phones, which is probably one of the areas most organisations forget when they're building their cyber security posture...our stats indicate we've seen a lot of targeted attacks using poisoned applications and targeting OS vulnerabilities," Kbal noted.

Rounding out the threat landscape is AI. "The level of sophistication of phishing attacks we're now seeing targeting organisations has vastly increased," Kbal said. "The days of a 'Nigerian prince' email where you could easily decipher when something was iffy have now gone...professionals are being caught off guard." With large language model technologies now being used to create convincing malicious code and phishing campaigns—sometimes sold as a service on the dark web—the risks posed by AI-enabled attackers are only expected to grow.

Despite these challenges, Check Point has built a substantial presence in Australia and New Zealand over 20 years, with local teams in every state and data centre resources to support cloud and SaaS offerings. "We are a 100% channel-led organisation in Australia so we also have 400 active partners who collectively support our customers with us," Kbal said.

As for getting in touch, Kbal encouraged enterprise users to reach out directly or via community forums and live threat intelligence feeds. "You'll be able to see in real time what our threat intelligence database is seeing, the attacks we're blocking across the world, where they're originating from, who they're targeting, what styles of attacks are currently trending at any moment in any given day, which makes for quite interesting viewing," he said.
