Check Point CEO: Companies must shift from cyber detection to prevention

Shwed highlighted the challenge faced by enterprises when trying to identify the right technologies offered by thousands of different vendors.

By EYTAN HALON
Check Point Software CEO and founder Gil Shwed addresses the Cyber Week Tel Aviv University Conference, June 26, 2019 (photo credit: CHEN GALILI)
Check Point Software CEO and founder Gil Shwed addresses the Cyber Week Tel Aviv University Conference, June 26, 2019
(photo credit: CHEN GALILI)
Enterprises must change their cybersecurity priorities from investing in cyberattack detection technology to investing in prevention technology, according to Check Point Software CEO and founder Gil Shwed.
Addressing the Cyber Week Tel Aviv University Conference on Wednesday, Shwed said that approximately 80% of current cybersecurity investments focus on detection, while just 20% on prevention. The ratio, he claimed, ought to be flipped.
“We need to be able to block the attack before it occurs, and that’s how we’ll reduce risk surface and block them,” said Shwed, who co-founded global cybersecurity leader Check Point in 1993 with Shlomo Kramer and Marius Nacht. “Companies should focus most energy on prevention and the rest of it on analyzing, processing and knowing what’s happening.”
Committing resources to prevention is critical, said Shwed, as damage caused by cyberattacks can be immediate. In 2018, Check Point blocked over 100 million unknown attacks, and its ThreatCloud Managed Security Service exceeded 86 billion compromise queries per day – compared with six billion daily searches on Google.
“If in the physical world we can collect intelligence, process it and run faster than the bad guys, in cyber space we have no time,” said Shwed, adding that “you can’t rely on human beings to be faster than the bots and machines. Because we are fighting machines, we need to have electronic warfare that will fight automatically and prevent damage before it happens.”
Emphasizing that companies need to urgently step up their capabilities to combat fifth-generation cyberattacks, potentially devastating large-scale and multi-vector assaults, Shwed highlighted the challenges faced by enterprises in trying to identify the right technologies offered by thousands of different vendors. Cloud infrastructure applications in particular, he added, are often the weakest link for companies.
“You can’t build a solution by looking at 3,000 vendors,” said Shwed, Israel’s eighth-richest person. “You need to build an architecture based on fewer specialized technologies, and consolidate and simplify. If you have a firewall, use the advanced capabilities. If you use an end-point system, do the same to protect against previous four generations and also fifth-generation threats.”
Highlighting potential dangers posed by cyber vulnerabilities, Check Point Research – the threat intelligence arm of Check Point Software – announced on Wednesday that along with Petah Tikva-based CyberInt, the company had identified a chain of vulnerabilities in the Origin gaming client developed by video game giant Electronic Arts (EA). If exploited, the vulnerabilities would have likely lead to player account takeover and identity theft.
Games developed by EA such as Fifa, The Sims, and Medal of Honor to name a few, leverage the Origin client gaming platform, which allows users to purchase and play EA’s games across PC and mobile.
Researches disclosed the vulnerabilities to EA, ensuring that an update be rolled out before threat actors exploited them. Vulnerabilities found in the platform did not require users to hand over login details, but instead took advantage of abandoned sub-domains and EA’s use of authentication tokens, in conjunction with the OAuth Single Sign-On (SSO) and TRUST mechanism built into the user login process.
“EA’s Origin platform is hugely popular, and if left unpatched, these flaws would have enabled hackers to hijack and exploit millions of users’ accounts,” said Oded Vanunu, head of products vulnerability research at Check Point. He added that “along with the vulnerabilities we recently found in the platforms used by Epic Games for Fortnite, this shows how susceptible online and cloud applications are to attacks and breaches. These platforms are being increasingly targeted by hackers because of huge amounts of sensitive customer data they hold.”