I recently attended the Check Point CPX Denver and came away with a number of thoughts worth sharing.
According to the World Economic Forum 2019, cyber threats are one of the top 5 risks to global society. 46% of companies and 36% of consumers have either been affected by or lost data to nefarious cyber activity. And it’s only going to get worse as IoT and vast adoption of the cloud broaden an organization’s attack surface.
IT security has typically had a “detection” mentality. This doesn’t work for Gen V attacks because by the time an attack is detected, it’s too late for an organization or individual to remedy the situation.
Detection might have worked for Gen I (viruses), Gen II (network or perimeter break-ins), Gen III (application exploits), or Gen IV (payload-based attacks), but it does not work for Gen V attacks. What distinguishes Gen V attacks:
- They are global and on a large scale
- They are multi-vector (cloud, mobile, network, endpoint)
- They use warfare-grade technology
- They consist of metamorphic malware
In order to combat Gen V attacks, you need global threat intelligence. And this is where Check Point leads the pack of IT security vendors.
Gen V security leaves behind the patchwork, best-of-breed deployments of the past, assembled from over 3,000 security products. The problem is that these products don’t communicate with each other. Instead, Gen V is characterized by an architecture that unifies all networks, cloud, and mobile, supported by automatic and immediate threat intelligence.
5th-generation security is marked by key advancements over the prior 4th-generation security:
- Consolidates next-generation-firewall (NGFW), sandbox, bot security, endpoint security, and other security controls into a single unified security system.
- Shares real-time threat information throughout the system.
- Prevents advanced 5th-generation attacks and the first occurrence of new attacks; does not allow first-attack “patient-zero” infection.
- Extends prevention of advanced attacks to cloud deployments and mobile devices as part of the single, unified security system.
- Uniformly prevents attacks across a business’s entire IT infrastructure of computer networks, virtual instances, cloud deployments, endpoints, remote offices, and mobile devices.
- Centrally manages, monitors and responds to all security activities and events as a single, unified security system.
Check Point’s new 2020 architecture addresses Gen V attacks with a security delivery platform (on-prem devices and nano-agents) and a security services platform (global cloud-based intelligence).
- APIs are constantly changing
- We have a shared responsibility for providing security in the cloud, which is often neglected
- Environments are dynamic and software-defined, so it’s easy to have security lapses (10,000 businesses were affected by widespread Google security group misconfigurations in 2018)
- It is extremely easy to misconfigure IAM roles and security groups
- It is easy to fail to segment application services properly