TEL AVIV, Israel –– CSOs are too conservative in running their operations and don’t invest in the latest technology that could better protect their firms, says the head of Israel’s best-known security firm.
“I think the biggest mistake [they make] is not just being reactive but investing in the technology they already know, instead of saying ‘We need a new strategy and we need to grow the architecture we’re dealing with,’” Check Point Software Technologies CEO and co-founder Gil Shwed told a group of international reporters here on Monday.
“So instead of saying ‘We know how to operate a firewall, so let’s renew our firewall’ — and that’s great because we sell firewalls – [they should say] ‘We need a system that addresses mobile, that addresses cloud, that addresses mainly advanced threats and to upgrade our firewall and our entire system to deal with the full spectrum of threats. Most IT departments are busy supporting what they know how to deal with rather than making the bold step forward.”
Asked to comment on why some countries are doing better than others in cyber security, he said the fault isn’t with nations but with companies. “The good news is everybody’s interested in more cyber security… The bad news is if we’re talking about advanced threats or securing things like the cloud or mobile security the number of companies that are deploying these technologies is between one and four per cent around the world. So it’s still very, very low.
“The number of companies using technologies to prevent advanced threats is between four and eight per cent– and even those eight per cent may not deploy it across the entire company.” He repeated that the problem is organizations persist in doing what they know.
“We [the security industry] speak about the problem but we’re not doing enough … In terms of nations, I think the level of nation-wide security in most countries today is relatively low.”
Not, he added, that governments should “build fortresses. That would lead to better security but it would also lead to a closed environment.”
And despite increases to cyber security by most national governments around the world, Shwed isn’t impressed. “Most counties that I’ve seen are still in intelligence collection, building cyber security centres to collect information about attacks.” But the Internet has no borders, he said, so the attacker can either be “the kid next door” or a nation-state.
Shwed is one of a number of executives of cyber security firms being made available to reporters here to cover the annual Cyber Tech security conference this week as an example of Israeli know-how and entrepreneurship.
All emphasize the fact that Israelis have to serve several years in the military after high school before starting their working career (unless they stay to have military careers) as an advantage. Many – like Shwed and his partners – worked in intelligence-related fields.
For Israelis, Check Point is a star example of what can happen when things go right. The company, which sells products ranging from desktop and mobile protection to enterprise software blades, now has annual revenues in the US$1.7 billion range. With 4,300 employees around the planet – including support offices in Vancouver, Toronto, and Ottawa — it calls itself the biggest pure play security vendor in world.