Here’s an excerpt from this week’s CIO newsletter. To get it in your inbox, sign up here.
It’s no secret that the threat environment has changed in recent years, with more sophisticated and frequent cyberattacks. I recently spoke to Gil Shwed, co-founder and CEO of Check Point Software Technologies Ltd. He is widely credited with inventing the modern firewall and keeps a close eye (some would say obsessively) on the threat environment. Here are some of his observations:
What grows above all is the sophistication of the attacks. It becomes much easier to develop attacks. For example, generative AI makes writing malware very easy. You can go to a tool like ChatGPT, ask them to develop a back office application that collects information, and then use that information to write a phishing email that looks perfect. You can do all of this without having any programming knowledge or having the best English to write those emails.
Of course, AI can also be used to combat cyber attacks. We use a lot of AI in our tools. We have what we call ThreatCloud, a network of threat sensors that share data and work together to fight malware. We use about 75 different threat engines, as we call them, to identify and stop these attacks. 42 of them are already AI-based. We just launched 5 new ones and 12 last year.
ChatGPT had only existed for two months when we realized it was being used to create attacks in at least five major cases. These are attacks that we have blocked on our customer sites. A typical organization in the US is attacked 1,200 times a week.
The typical cloud application is connected to 15 other applications. From a security perspective, it’s a nightmare. This means that 15 other applications can compromise the security of the application you are using. It creates many challenges and it is a huge investment on our part to defend the cloud.
Every new technology excites people and there are people who are too afraid of it. Generative AI can democratize many things: people who don’t have great writing skills can now write professionally; they can present their ideas in a way that they can compete with people with perfect English skills. You can use these tools to enhance learning. We should focus on how to use the potential.
We all need more cybersecurity. It’s not just about spending more money. How do we deploy a prevention architecture instead of just detecting and combating threats? When it comes to solutions, I think of the three Cs: comprehensive, consolidated and collaborative. If you have a fire alarm on the sixth floor, we all know what to do. In the cyber realm, a tool can stop an attack, but the threat may have spread to another floor or is now coming from a different realm. We need tools that work together all the time. It is not an easy task to accomplish, but it is necessary.
I am now celebrating 30 years since Check Point was founded. The Internet has made our world more interconnected and open and maybe even more democratic. The challenge now is to make it safer.
