Based on the three core principles of Prevention-first approach, Gold Standard Management and Consolidated Solution, Check Point addresses the most imminent cyber security needs of organizations
“The vulnerabilities exposed throughout the year have allowed attackers, for varying timeframes, to execute arbitrary code, escalate to root privileges, access mass amounts of private content, and even cross between different environments.”
Head of Channels and Growth Technologies – India and Saarc,
Check Point Software Technologies
As the Pandemic has engineered a huge to shift from offline to online operations and a massive adoption of remote working culture and online learning, it has paved the way for digitalization on an unprecedented scale. Along with the shift to online has also come an unacceptable rise in cybersecurity issues.
With rising ransomware cyberattacks on IT infrastructure, businesses have realized the importance of embracing zero tolerance for gaps in their security strategy. They are increasingly investing on strengthening their cybersecurity to secure their crown jewels and their valuable data. This has thrown open a big opportunity for cybersecurity players.
As the India market remains in the eye of a major digital transformation buoyed by a tech-centred Union Budget, SME Channels embarks upon recording the voices of the who’s who of the Cybersecurity landscape.
As part of our effort to make the voices of major security players heard by the channel community, here is the Security Predictions from Security major Check Point.
In a special interaction with SME Channels, Manish Alshi, Head of Channels and Growth Technologies – India and Saarc, Check Point Software Technologies, reveals his organization’s strategy to address growing need for security solutions from customers, his predictions for the cybersecurity industry in 2022 and his vision and plans for the channel community. Edited excerpts…
Please give a brief introduction to your company.
Check Point Software Technologies Ltd. is a leading cyber security solutions provider to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Check Point offers multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network, and mobile device-held information. Check Point provides the most comprehensive and intuitive one point of control security management system, for over 100,000 organizations.
Founded by our CEO Gil Shwed in 1993, who pioneered the network security sector with the launch of the first stateful inspection firewall in 1994, it continues to lead the cyber-security market with its innovations to the present day.
For close to 29 years, enterprises around the world have relied on Check Point’s industry-leading solutions to protect their brand, assets, and data from cyberattacks, enabling them to accelerate their businesses safely and productively.
In 2022, Check Point in its annual event CPX 360 customer conference announced its rebrand in nearly 30 years. As a part of the rebranding, Gil Shwed, founder and CEO of the company introduced the new tagline ‘You Deserve the Best Security’ and the company’s new logo which marked a new strategic drive by Check Point to urge organizations to implement comprehensive ‘prevent-first’ security solutions capable of dealing with the cyber pandemic and attacks of any vector.
With the pandemic still lurking there, what are the major market trends you are forecasting for 2022?
In 2021, as per our cyber security report, organizations experienced 50% more weekly cyber-attacks than in 2020. The Education/Research sector’s 1,605 weekly attacks took the lead (75% increase), followed by Government/Military with 1,136 weekly attacks (47% increase) and Communications with 1,079 weekly attacks (51% increase). Software vendors experienced the largest year-on-year growth (146%) which goes hand-in-hand with the ever-increasing trend of software supply chain attacks observed in 2021. This last year has also seen evolving attacks on mobile devices, an increase in major cloud services vulnerabilities, and the return of the notorious Emotet botnet.
Based on cyber-attacks in 2021, below are some trends for 2022 that will continue to evolve the cybersecurity landscape
Supply chain attacks will continue to grow
Supply chain attackers take advantage of a lack of monitoring within an organization’s environment to perform any type of cyber-attack, such as data breaches and malware infections. The well-known SolarWinds supply chain attack stands out in 2021 due to its scale and influence, but other sophisticated supply chain attacks have occurred such as Codecov in April, and most recently, Kaseya. The group demanded a ransom of $70 million to provide decryption keys for all affected customers.
Supply chain attacks will become more common, and governments will begin to establish regulations to address these attacks and protect networks.
Cyber-attacks will continue to disrupt everyday life
2021 saw a large number of attacks targeting critical infrastructure which led to huge disruption to individuals’ day-to-day lives, and in some cases even threatened their sense of physical security. It is expected that the cyberattacks on critical infrastructure will continue to impact individuals’ daily lives.
Cloud services under attack
Cloud provider vulnerabilities became much more alarming in 2021 than they were previously. The vulnerabilities exposed throughout the year have allowed attackers, for varying timeframes, to execute arbitrary code, escalate to root privileges, access mass amounts of private content, and even cross between different environments. In 2022, cloud services will also continue to witness more sophisticated attacks.
Developments in the mobile landscape
Throughout the year, threat actors have increasingly used smishing (SMS phishing) for malware distribution and have invested substantial efforts in hacking social media accounts to obtain access to mobile devices.
Cracks in ransomware ecosystem
Governments and law enforcement agencies changed their stance on organized ransomware groups in 2021, turning from preemptive and reactive measures to proactive offensive operations against the ransomware operators, their funds and supporting infrastructure. The major shift happened following the Colonial Pipeline incident in May which made the Biden administration realize they had to step up efforts to combat this threat.
Return of Emotet
One of the most dangerous and infamous botnets in history, is back. Since Emotet’s November return, CPR found the malware’s activity to be at least 50% of the level seen in January 2021, shortly before its initial takedown. It is expected to continue well into 2022, at least until the next takedown attempt.
The rise in online operations and huge business migrations to the cloud during the pandemic has created humongous security issues, how are you bracing to address the security challenges faced by businesses?
From Check Point’s perspective, we have a robust product portfolio to provide any organization with the ability to conduct their business on the internet with the highest level of security. We address organizations’ most imminent cyber security needs based on three core principles i.e. Prevention-first approach, Gold Standard Management and Consolidated Solution
Our product solution, Check Point CloudGuard provides consolidated security, threat prevention, and posture management across all public, private and hybrid cloud environments, assets, and workloads from foundational cloud network security and continuous compliance, through cloud workload and cloud applications security (WAAP) for containers and serverless functions, as well as cloud intelligence and threat hunting.
Aligned with the agile nature of cloud development and deployment, Check Point CloudGuard solutions provides holistic safety for network security, security posture management, workload protection, application security, and cloud intelligence etc. that enables us to deliver the ultimate solution for both cloud security practitioners and cloud DevOps.
What major trends are you forecasting in the channel market?
For starters, a lot of system integration partners are either establishing or strengthening their cyber security practice, with a growing number of partners coming on board across the spectrum. With the pandemic outbreak, the necessity of robust cyber security solutions has been more pronounced than ever, irrespective of the organization’s size.
Further, we foresee cyber security industry to witness a paradigm shift in their business models backed by a growing demand for services (security as a service). In the longer term, partners with deep technical skills across implementation and day 2 support will thrive and sustain. The servicing capabilities are likely to boost their profitability and hence, is an important cog in the wheel for this stream of business.
Last but not least, in the medium- to long-term, the industry is expected to witness consolidation of solutions across the cyber security domain, as customers increasingly adopt a single pane of cyber security management. OEMs with a broader product portfolio that is seamlessly integrated, are more likely to be preferred by customers for management ease. This will also reflect on the channel ecosystem, as solution providers and system integrators with wide-ranging technical expertise will become a preferable choice for the customers.
How do you leverage Next-Gen Techs like AI and ML to address security issues?
Check Point Software incorporates AI in its unified, multilayered security architecture to provide an ever-improving intelligent system that detects and prevents complex and sophisticated first seen attacks.
For example, ThreatCloud, the brain behind Check Point Software’s threat prevention power, combines big data threat intelligence by Check Point Research, an elite group of world-renowned researchers, with advanced AI technologies, consisting of millions of IoCs and telemetry updated in real-time, to provide accurate prevention to all Check Point Software customers. ThreatCloud can detect and block never seen before threats and creates accurate verdicts that tag every request, email, file, SMS, and activity as either malicious or safe, to detect and block phishing attacks, malware, and vulnerability exploits. These verdicts are then fed to the entire Check Point Software portfolio, each product is able to harness this power.
Here are a few additional solutions that incorporate AI in its unified, multilayered security architecture:
CloudGuard Sandblast Mobile
The software performs an AI-based analysis of the system in various techniques. It analyzes the reputation of the application, its behavior, metadata, and its similarity to malicious applications. The models are trained and tested based on the data of tens of millions of applications, collected by Check Point Software since 2013, resulting in an excellent detection rate that allows damage prevention and quick remediation. Half of the applications blocked by Check Point Sandblast Mobile Agent were detected by the Mobile ML model and unknown to other antivirus vendors.
Check Point Sandblast Agent Behavioral Guard
The software is one of Check Point Software’s prediction engines, leveraging Check Point CloudGuard Sandblast Agent forensics to effectively and uniquely identify unknown malware behavior and accurately classify malware to its respective malware family. The engine combines generic behavioral signatures with an AI model and by that ensures a low false positives rate and a high detection rate. By incorporating the ML validation, Check Point Software has managed to eliminate 98% of suspicious behavior and accurately prevent only the real attacks.
Which areas are you focusing on in the channel – skillsets, sales and marketing, vertical and technology practice development, service capability, etc.?
In 2021, we have been focusing on delivering the best growth opportunities and rewards in the industry to help our partners be more successful and profitable, to help them win new business and build even stronger relationships with existing customers.
As a result of our efforts, in 2021, we were able to increase our deal registrations substantially, year on year. We also on-boarded 120+ new partners, who underwent our training and certification program. With consistent support from our partners, we were also able to establish a successful go-to-market strategy around new customer acquisitions through White Space account coverage across the country.
What percentage of budget growth are you expecting for channel development?
It is worth highlighting that Check Point has doubled its investment in India whether it is from a channel coverage or channel development perspective. Our partner team size has doubled and so have our investments in our joint GTM strategy with our partners.
Check Point facilitates COOP funds as well as market development funds to its partners, which can be utilized through various means aimed at demand generation. We also invest substantially in partner enablement & certifications. In addition, we also run SPIFF as well as rebate programs for our partners from time to time, to reward specific go-to-market initiatives and actionable that are in line with our focus areas. We also facilitate partner-led customer events through our security circle campaigns that help our partners apprise their customers of our product portfolio and the joint services we can offer to customers. This year, our rate of investment will also increase, as compared to the last year.
Cybersecurity is highly tech-intensive. How do you educate your partners to deliver in this highly challenging and competitive security landscape?
It is worth highlighting that the Check Point has one of the ‘strongest balance sheets in the industry’ when it comes to operating margin gross margin, cash on hand, and lack of debt, which enables us to train partner salespeople and engineers at a fraction of the cost of competitors. Salespeople can get trained at essentially no cost to the solution provider, while training for engineers is half the cost of rivals.
For instance, our training and certification program offers partners best-in-class training courses to assess, sell, deploy, and support security solutions. We also offer one of the best professional services training and shadowing programs in the industry.
Apart from this, we also have more than two dozen tools to assist our channel partners, some of which are aimed at partners to use with their customers such as assessments and security checkups while others such as dashboards and quarterly business reviews are intended for the solution providers themselves.
Are you planning any new product additions for the channel market?
The most recent product for the channel market is an extension of our Check Point Quantum portfolio with Quantum Lightspeed Firewalls to introduce the biggest network security revolution in the last decade. Quantum Lightspeed sets the standard for firewall performance to enable Hyper-fast datacenter security for every enterprise:
- 5 times better firewall throughput – Up to 3 Tbps per system / 800 Gbps per single gateway
- 10 times faster – Ultra-low latency at 3 microseconds
- 20 times better price-performance than competing solutions
With the emergence of distributed SaaS applications and the need to better support remote workers, the modern data center is rapidly evolving to a hybrid architecture, with both on-premises and cloud operations. With network traffic growing 2X every 3 years, enterprises of all sizes are challenged with delivering hyper-fast datacenter security at the speed of the network.
What’s your geospread? Is there any channel expansion plan in terms of numbers in 2022?
Check Point India serves almost all the major enterprise customers across key segments including BFSI, IT-ITES, government, telcos, manufacturing, services, education & other verticals. Our direct sales coverage and channel coverage have demonstrated robust growth in 2021 backed with the objective of reaching out to a larger number of customers & working closely with more partners across the country.
As the threat landscape for SMBs becomes more complex, the demand for cybersecurity solutions that protect organizations across all horizons has grown substantially. Check Point stands committed to providing uncompromised security to the small and medium-sized business (SMB) market in India as well. As part of this initiative, we have onboarded more than 120 partners last year and in 2022, we intend to acquire 200+ more partners to serve our customers spread across the nation.
We are also establishing liaisons with OEMs, ISV partners & Consultants with the objective of offering seamless 360-degree solutions and advisory services to our customers. In addition, Check Point is also expanding rapidly with its growth technologies portfolio around Cloud and endpoint security, in addition to network security. To serve our customers better in these areas, we are also on-boarding niche partners who specialize in these areas. These include born-in-the-cloud partners as well as mobility-specific partners.
We estimate that by the end of 2022, Check Point India will have one of the largest & most diverse partner ecosystems across the country that will help us serve our customers better across all regions & segments.