Gil Shwed, CEO of Check Point: “The risk of cyberattacks is the highest of all time and will remain that way” | Technology

Gil Shwed, born in Jerusalem 55 years ago, has led one of the largest cybersecurity companies in the world for three decades. He founded Check Point at just 25 years old with Shlomo Kramer and Marius Nacht following serving in the Israeli military, the largest single source of cyber threat experts. Despite being the longest-serving CEO of a Nasdaq company (the second largest stock market in the US), he has decided to step aside and leave his position of maximum responsibility in a company that sees the greatest impact world cyberattacks in history. It has more than 5,000 employees, has returned to its profit path (it closed the year with 2,265 million euros, 4% more than in 2022) and has seen the dizzying growth of companies, such as Palo Alto, created by the former engineer of Check Point Nir Zuk. He gives this interview during the convention of his company (CPX) in Vienna (Austria), where he displayed the yellow ribbon that symbolizes the request for freedom for all Hamas hostages.

Ask. Why are you leaving the CEO position?

Answer. I’m not leaving Check Point. I’m transitioning to CEO. I want to focus on new areas and I will be available for anything. I have been the longest-serving CEO of Nasdaq and it is an interesting time to think regarding the next stage and take Check Point forward. We have a very strong team, a very good product portfolio and it is a good time to think regarding what the company will be in the next five or 10 years. Part of my job has been to have up to 12 half-hour meetings each day, and if I really want to listen to customers, learn new technologies, and address problems, I have to focus and spend more time on these tasks.

P. Are we living in a time of greatest risk of cyberattacks?

R. The risk is the highest of all time and will probably remain that way. Malicious actors are learning more and more regarding vulnerabilities in infrastructure. Not only are they improving, but the amount of infrastructure at risk is also greater. We are more dependent on technology and more connected than ever. That’s good, it’s very important for our world, but it also means that all companies can be victims of attacks. If we look at the infrastructure of software [programación], is even more challenging because the more sophisticated it is, the more errors there are and the more places to attack. The size of the programs is 1,000 times greater than 30 years ago and the possibilities of attacking are many more. Additionally, all computers are connected and there are many more services we consume online.

We are more dependent on technology and more connected than ever. That’s good, it’s very important for our world, but it also means that all companies can be victims of attacks

P. As a company with headquarters in Israel, how has the war in Gaza affected you?

R. The main effect has been that some of our employees have been drafted into the Army, approximately 5% of our workforce. From day one we have insisted that we stay in business and honor all of our commitments. And we do, so it hasn’t had a significant effect on our results. Nobody is happy with being at war. It is not the best situation, but, in terms of work, we are complying.

P. What will this year be like in terms of cybersecurity?

R. Attacks on infrastructure are very sophisticated and there will continue to be States behind criminal groups. Cyber ​​attacks will be fifth generation: very sophisticated and very difficult to detect. We continue to have a very high risk and it will be higher. An attack is never good, but we are seeing that there is more and more protection and technologies are being discovered to be able to defend ourselves in the best way. The bad part is that there are many more organizations attacking and many more that are being attacked.

P. They use artificial intelligence (AI), but so do malicious actors. Who is winning the race?

R. We win because we keep our world connected and running. The Internet produces much more good than harm. Generative AI tools give attackers a lot of access, from simple things like writing a phishing [suplantación de identidad fraudulenta] or a bull.

We win because we keep our world connected and running. The Internet produces much more good than harm

P. Can we protect ourselves?

R. Against the false message it is simpler. Now, can we protect ourselves from sophisticated films deepfake [vídeos ultrafalsos con apariencia real]? We are looking into it and perhaps we can identify that a video clip has been produced by real people or AI.

P. They constantly research how to defend the machine, the web and the cloud, but, finally, the human factor, the person, is the most vulnerable point in the chain. How is this weakness corrected?

R. We have to learn to be more careful, but I’m not sure people are the most vulnerable. If you look at some of the most devastating attacks, the human factor was very limited. I’m not saying it doesn’t exist, but there are zero-click attacks that allow someone to get to your computer or mobile or anything without you doing anything. That is the most sophisticated type of attacks. But even when you click on something, it’s not you that’s causing the damage, it’s the activation of a very complicated process that exploits the vulnerability in the application underneath it.

P. Is anyone safe?

R. No. But I don’t want to scare, but rather convey the message that you can be safe and it is good to use the Internet, although we have to remember that, if I give my data on the Internet, they are at risk. Although it’s good to take that risk. My life is much better by being involved in communicating with people or doing e-commerce. Is it safer? I think so. Can the Internet be safer? Yes, because you can use different tools to do it.

We have to remember that, if I give my data on the network, they are at risk. But it’s good to take that risk. My life is much better by participating in communicating with people or doing e-commerce.

P. Have you ever personally experienced an attack?

R. No, but my phone tells me that it has protected me several times in recent weeks from some websites that are not secure and I reached them by browsing very valid Internet sites.

P. The threats are global, but the solutions are individual. Is collaboration between companies possible to reduce this disadvantage?

R. The number one priority for us is collaboration, making our products more collaborative.

P. There are old weapons that resurface, such as infection with a USB-type portable memory, and others that have never been seen before.

R. This year we have seen attacks that were very common 15 years ago, such as those generated with USB devices. They are trying to reach computers when they are not connected to the Internet or are very well protected. On the internet we are doing a good job with firewalls. But that’s why collaboration is so important. I need it when I see the attacker on the network or on a USB or on my mobile.

North Korea is an extreme example because they can be the worst attacker since they have nothing to lose because they are offline. It is a sophisticated nation, they are intelligent and know how to use technology, but the risk there is very limited

P. There are attacks that no longer seek money, but only to destroy the operational capacity of critical infrastructures.

R. Motivation varies. In the early days of the Internet, most incidents came from people who just wanted to show off their skills. Now, state-sponsored and ideologically motivated attacks only want to cause real harm, not to get money, not even to steal data, but to cause harm.

P. Russia, Iran, North Korea are some of those sponsoring states. Is there any possibility to avoid them?

R. We’re trying to defend everyone from everyone. We see major attacks everywhere and we don’t always know who to attribute them to because the origin is hidden. Many countries do not do them directly, but through organizations that work for them. By the way, North Korea is an extreme example because they can be the worst attacker since they have nothing to lose because they are offline. It is a sophisticated nation, they are intelligent and know how to use technology, but the risk there is very limited because they do not connect to the Internet.

_