'We are two generations behind': Check Point CEO slams cybersecurity of enterprises
The average enterprise hasn't made it past app security, Gil Shwed tells conference
Cybersecurity measures are lagging as far as 30 years in the past for the average enterprise, Gil Shwed, Check Point founder and CEO, stated during the vendor's CPX360 event in Las Vegas, Nevada.
During a keynote at the security vendor's largest North American show yet, Shwed pointed to infamous hacks of 2017 - from elections to Equifax to WannaCry and more - saying the year was a "wake-up call".
However, there's still room to go, according to the executive.
He detailed four past "generations" of security: the advent of antivirus in the late 1980s, the invention of firewall in the 1990s, the rise of application protection, such as intrusion prevention, in the early 2000s and polymorphic payload threats popularised in 2010 and combatted with technologies like sandboxing and anti-bot.
Now, the security industry is in its fifth generation of security, which includes large-scale, multi-vector attacks and state-sponsored technologies, Shwed said. However, the average enterprise has not moved past application security, he claimed.
"The attacks are well beyond generation four… Where's our protection? We are applying more and more protection knowing that cyber security is important, and yet the rate of security that we've implemented in our systems is somewhere between [generation] two and [generation] three," he said, noting that on average, enterprises are implementing generation 2.8 protection.
"No wonder a major attack can hit us, because we are two generations behind."
Urging the industry to move forward, Shwed pointed to need for strategies that encompass threat prevention technologies applied everywhere (from datacenter to cloud, endpoints, network perimeter and mobile) with shared intelligence, plus consolidated management.
"When we look at these generation five attacks, we understand that the generation four protection is not enough anymore," Shwed told delegates. "Yes, these attacks are also polymorphic, but we can't just let them in and detect them later. We need prevention. We need to do it in real time… And we also need to cover our weakest points, and that's the cloud and mobile."
The channel may see challenges, however, in customer concerns about implementing all the security technologies necessary to fight the fifth generation of security.
Common comments, Shwed said, are around complexity and the belief that their organisation will never be attacked.
Customers also say it can take six months to implement each technology, meaning by the time all the solutions are deployed, the landscape will look differently.
Another concern cited by Check Point customers is that there's no way to really prevent security attacks.
"I disagree with that," Shwed said. "It is our job to block these attacks, and we're proving every day that it can be done.
Shwed noted that Check Point is currently working on addressing the sixth generation, expected to hit in 2020, for securing the Internet of Things (IoT). He said this will include nano agents, or open source software plug-ins controlling every security attribute, including for IoT devices, mobile operating systems and cloud, web and micro services.