Conferences can be an opportunity to learn, and such was the case last week when Itai Greenberg, chief strategy officer with Check Point Software Technologies Ltd. met with a group of Canadian channel partners at the company’s CPX 360 Americas event.
The annual partner and end-user event, which was simulcast in Toronto, New York and several other locations across North America, provided him with an opportunity to have a frank discussion on what the company is doing right and what needs to change when it comes to its overall channel strategy.
In an interview with Channel Daily News, Greenberg, who aside from strategy, also oversees business development and mergers and acquisitions (M&A) for Check Point, described the channel as absolutely critical.
“Without them we cannot succeed,” he said. “It’s very, very clear.”
It’s also important for both vendor and channel partner to communicate with each other, which is something that happened last Wednesday when Greenberg met with a “room full of partners to listen to what they have to say.”
The frank and open discussion turned out to be beneficial for both sides. Partners had one major concern, and it had nothing to do with the overall Check Point product portfolio, but with “improving the way we tell our story to the market. They believe we can do a better job.”
Asked what partners need to do, Greenberg said that first, “understand that their customers are not just buying products, they are buying services,” and second, “be verbal and help us to understand where are you struggling, and what are the areas that we as a company need to do better.”
The two not only need each other, but both need to be on the mark, as illustrated by the company’s 2023 security report released last week. Findings revealed cyber attacks hitting an all time high, the result of what the company said was “response to the Russo-Ukrainian war. Education and Research remains the most targeted sector, but attacks on the healthcare sector registered a 74 per cent increase year-on-year.”
Authors of the report noted that cyberattacks have risen by 38 per cent in 2022 compared to the previous year, with an average of 1,168 weekly attacks per organization being recorded.
The key to prevention lies with products and services, and to that end, two launches took place at the conference.
Speaking in New York, company founder and chief executive officer Gil Shwed predicted the world is on the verge of what he described as a “very interesting revolution – the AI revolution. We have been investing in building AI technologies – more than half of our threat engines at Checkpoint contain AI – but I think 2023 might be the tipping point where (it) becomes an important part of our life and our world.”
Speaking in Toronto, Greenberg said that today, using AI technology is “the only way that you can deal with a cyber attack. The proliferation of attacks, the variety of the attacks, and how fast they’re changing, it’s very hard for a deterministic approach to actually block the attack.
“You need to go with something that is powered by machine, powered by AI, to understand what are the patterns of the communication, the data, the source, the destination. Now, in order for you to come up with a good technology that actually is accurate, you need to rely on long lists of indicators.”
Those theories, those sentiments are what are behind two product announcements he delivered at CPX 360: Check Point Horizon XDR/XPR and Quantum SD-WAN, both of which are generally available now.
The latter is a new software blade in the Check Point Quantum Gateways, a unified management platform that contains an assortment of threat management capabilities, that the company says provides protection against zero-day, phishing and ransomware attacks.
“Most existing SD-WAN technologies in the market are not built with security in mind,” the company said in a release. “Connecting branch office SD-WANs directly to the internet bypasses traditional data centre-based security, exposing branch offices to cyberattacks.”
According to Check Point, Quantum SD-WANs block upwards of 99.7 per cent of new malware, which means branches no longer need to choose between rapid connectivity and security.
Meanwhile, Horizon XDR/XPR – XDR is short form for extended detection and response, and XPR stands for extended prevention and response — Check Point said, “elevates cyber security with a focus on proactive prevention using intelligent correlation of data, stopping cyber attacks from spreading across all vectors and minimizing the impact of threats.
It contains the following capabilities:
- The ability to take immediate preventive actions such as blocking, isolating assets, quarantining, and integrating with both Check Point and third-party security products.
- Streamlined cybersecurity management, which provides organizations visibility into attack behavior, context and damage, and detailed analytics on indicators of compromise.
- The ability to enable organizations to “consolidate and optimize their security operations, improving collaboration between security and IT teams to strengthen threat prevention across multiple vectors.”
Dave Gruber, principal analyst at research firm ESG, said, “the extended detection and response movement was fundamentally driven by the growth of a more advanced, multi-vector threat landscape. Yet prevention solutions remained siloed, often falling short in their ability to ward off advanced threats.
“The introduction of Check Point’s extended prevention and response introduces a more integrated approach to threat prevention, following principles already proven by XDR (offerings). This advancement in collaborative prevention technology looks promising and could potentially drive change across the broader security industry.”
Paul Comessotti, sales and operations executive with Check Point, who is based out of Calgary, said that attacks are happening so quickly now that the response part of the equation can no longer be handled by human beings.
“Horizon takes that out of the people’s hands and puts it in the experts’ hands using AI. For example, if something happens in Singapore, two seconds later, personnel in the Toronto office, although they are not being attacked, will not only know about it, but know they are protected. Rather than wondering what is going to happen, the prevention measures are shared via ThreatCloud AI. The technologies and the intelligence are applied and it’s all automated for them.”