Cyber 9/11 is coming - returning Check Point UK boss
Nick Lowe reflects on his time away from Check Point as he returns to the vendor he left in 2011
"I think we are going to witness, certainly in our lifetimes, a 9/11-type cyber event. I'm convinced of it. In our lifetimes we're going to see it."
These are the ominous words of Check Point's returning UK and Ireland boss Nick Lowe, who rejoined the vendor last month following his departure in 2011.
Lowe left the Israeli giant for a five-month stint at CyberArk, before entering the start-up world with AppSense and Silicon:SAFE.
Lowe reflected to CRN on how drastically the cybersecurity threat has changed during his time away from Check Point.
"If you go back 10 years to probably the prime time on my last watch, people were worried about it; they were worried about infection, to some extent loss of internal services and - I don't want to trivialise it - but it was just bloody inconvenient," he said.
"There were the big breaches, but it was just bloody inconvenient. Now cyber has moved from being bloody inconvenient to company threatening.
"We did a big briefing yesterday, and I've not heard of this before, but [the company] got a ransom attack which is not encryption, but [the hackers] saying 'we've changed your processes, and if you want us to tell you where we've changed them, you need to pay us'. So they've got a fully operational environment but they've got process changes, and they're going 'shit'."
Lowe referred to a second conversation he had on the same day with an employee from a healthcare institution. He said she explained to him how the healthcare industry is now less concerned about its data being encrypted and more worried about extremely sensitive data being changed - possibly affecting prescriptions or operations.
He warned that the advancement in cyber threats is reaching a point where something on an unprecedented scale will hit.
"Now it's not a problem from an operational [perspective]; it's about survival," he said. "Companies will fold.
"I think we are going to witness, certainly in our lifetimes, a 9/11-type cyber event. I'm convinced of it. In our lifetimes we're going to see it.
"If you take the internet down, and I don't want to trivialise stuff, you're just causing a lot of pain. A lot of businesses will find it difficult to function. But what happens if I switch off all the water pumps into London and London can't have water for two days? You're starting to move to very different use situations."
Start-up success
Lowe had a short spell at CyberArk after leaving Check Point and then moved to AppSense, where he spent the best part of four years.
He joined the company in what he referred to as its "second phase and was tasked with growing the British business into a multinational firm".
"We took it from a small company to the US, Asia, Australia - we took it to a global brand and it was a real British success story, and then we sold it to Landesk," he explained.
His most recent venture was with UK start-up Silicon:SAFE, which was backed by AppSense chairman and serial software investor Charles Sharland.
The timing of the Silcon:SAFE story was perfect, he explained, coming just as the sale of AppSense was being finalised.
"The chairman of AppSense is a very well-known UK technology entrepreneur; he has invested a lot, and he knew that I had a particular bent for cyber and of course at AppSense we were doing some cyber stuff," Lowe said.
"He said 'go and have a coffee with them' and it was basically a twinkle in the eye of two academics who have extremely good credentials.
"I went over there and had a coffee with them and then three hours later ended up in the car park ringing Charlie Sharland and telling him these guys are seriously onto something. Five hours later I finally drove out of the car park and he said 'I'll invest but will you go over and run it'.
"The timing was perfect. We took the company from a twinkle in the eye to patents granted, and David Cameron referencing us. It was just a magic story."
Lowe remains a shareholder with a non-executive interest in Silicon:SAFE, but his sole focus is now on Check Point.
Coming home
While the security landscape has evolved in Lowe's time away from Check Point, he admitted his shock at how the company has transformed internally.
"Check Point as a company has changed," Lowe said. "As a company grows rapidly, you end up trying to be all things to all people and I'm really surprised at how able we've been to get traction with these new technologies. Usually when you have new technologies coming to market, a salesforce becomes fixed in the past - it has a bellwether product that it's selling.
"What surprised me when I was coming back from the outside was that I expected to find a company that was stuck, but what I found was a company that internally had fundamentally moved with the times.
"We've taken the company forward and I was genuinely surprised about that. It's a very, very different company that I left, where we had super-specialised skills in one area.
Addressing the fragmented market
Lowe said that on his return to Check Point the cybersecurity market is as fragmented as it has ever been, with more start-ups than ever before receiving venture-capital backing at an unparalleled rate.
He explained that these can only go on for so long, as partners and end users become increasingly overwhelmed by the number of siloed security solutions available.
"The thing that got me was, because I've been on the other side now and I saw the fragment piece, Silicon:SAFE did this really minute sliver of security and identity - and I was thinking all through that period that cyber is changing," he explained.
"Go back 10 years and you needed good, solid perimeter technology. You needed to stop the bad guys getting in and you probably needed good antivirus. The suite of what you needed probably had three, four, five, six types of technology. Now what you need is much broader.
"You have a vendor that does 'this piece', another vendor that does 'this piece', so you had five vendors but now you've got 20 or 25 vendors - all with a different management system, all with a different console, all with a different kind of products - none of which are interoperable. What I believe in and one of the strong drivers in me coming back was the fact that Check Point has always been the gold standard for management."
Lowe explained that over the next few years the cybersecurity space is going to go through a consolidation phase of both vendors and resellers. He believes smaller start-up vendors will start to be acquired more frequently by larger players, and the same will happen with resellers and systems integrators, as the technologies start to become integrated.
With this in mind, he says cybersecurity is going to move to a single-layered approach with one management system that will control the likes of end-point security, firewalls, mobile devices, advanced threat detection; all aspects of security.
"I fundamentally believe this is going to be the next part of where cyber is going," he said.
"I think there will be a cyber layer that you adopt and I think Check Point is a company that is in its infancy when you think about where were going. That layer is what we'll provide."