Gil Shwed Keynote: Stepping Up to Gen V of Cyber Security

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
ladies and gentlemen please welcome checkpoints founder and CEO Jim sweat [Music] good morning Las Vegas good morning everyone I'm really excited being here and I see that we're still has some people walking in through the back for is plenty of sitting on the left side this is my nice side so you'll get the best view if you walk all the way down here for everybody in the last row M this year I think we have a very special a checkpoint experience CPX 360 so we are looking at the security challenge from a 360 degree angle we also have here more of our customers more of our partners all of our employees so this is a huge event and for me I've been in checkpoint for a now we're celebrating our 25th year that's a long time and checkpoint has always been my actually my first family even before my second family now that we feel that we all know each other and and we feel I think like one big extended family and I think that we are looking today at the internet we can't imagine how much it touches our life every part of our life something we'll really couldn't imagine when I start a checkpoint in 1993 so let me start by telling you a few short stories about my other family my second family and last year I told you those of you remember about my a new newborn baby was just born last year and they I found on the internet a baby crib and automated baby crib that actually rocks the baby and apparently is also connected to the Internet and due to an internet failure or some probably attack on day on the operator bed bed I couldn't put my baby to sleep I want to repeat the whole story from last year but my baby has grown since and and we are now flying drones together and we don't just use the drones for fun I actually use it to watch my family and to really take good care of him for example my other signs my older sons they go to school they take the school bus and a few months ago during summer camp we had the new school bus that they actually came during the summer time few streets away and my nine-year-old insisted but he wants to go by himself and for me you know waking up at 7 a.m. in the morning in the summer they don't feel like dressing up leaving the house and so on so I actually use the drone to walk him and watch him from the sky and he walks every street I see what is going and suddenly I noticed something is wrong you see the school bus here I see that is boarding the bus and then I realized I don't know if you can see it it's the wrong bus so I'm picking the phone calling me right away and asking him Tom are you on the right school bus and he said sure I said how do you know I asked if it's going for a summer camp and he says yes said ask which summer camp so he asked turned out he was on the wrong bus and I saved him from getting to the wrong part of town and this you see how technology can really help us in our daily life how is that related to our subject your cybersecurity and I will get to vet towards the end of friend presentation and now let's jump to beginning of the more today's part of the presentation so if we look at what's happening today in cybersecurity 2017 was a very special year for all of us even for her office has been for many years we've seen the government hacking toolkits leaked to the Internet we've seen huge devastating cases of data leakage many of them from the cloud we've seen I mean all the us credit record data taking the French election breaking into the German parliament breaking into the UK Parliament and vest without even mentioning what's going on in the US election and everything that surrounds that and then when we felt with every so many attacks and so on we had one big attack one a cry if you remember in May and that actually looks like everything you can imagine in a major attack and use the government developed and developed vulnerabilities and attack toolkits him it all it attacked thousands and hundreds of enterprises in almost a hundred countries within few hours it shut down hospitals shut down manufacturing sites shut down entire companies all within a matter of hours and that's when we talked about where they in our industry we all said that's an attack rate a you see once in a decade and until the next time we'll see that maybe there's ten years and then what's happened two months later similar type of attack using similar tools even a bigger damage almost completely shutting down the country of Ukraine and again same thing hospitals manufacturing sites of some of the world topped 100 companies huge damage that you couldn't even imagine so was 2017 a wake-up call for us what does it tell us let's look at another data point this report a we just got it a few weeks ago from the World Economic Forum admitting divorce they've tried to rate all the global risks that are coming or not something very positive you see all the bad things that can happen to us in the world and let's see what was unique this time if we zoom in to the upper right cubicle here we see that the cyber attacks are right there at the top right actually if we look at the top five global risks in terms of likelihood you see that cyberattacks and data fraud are amongst the top five just after extreme weather events and natural disasters very encouraging for us him but at least we don't have to defend against extreme weather events ovett say and this is some and again if you receive these weren't these purple things weren't there two years ago and so on the cyberattacks makes it for the top five for the first time so if something is happening and this is something we should all care about because this is our job we are at an inflection point and we try to ask ourselves why are we an inflection point what's happened in our world and looking back our history we try to identify where we are we are today at the fifth generation of cyberattacks and let me maybe before I explain all around that maybe give a little bit of introduction water this generation of cyber attacks and and how are we in some of it how are we dealing with them so let's look at the generation of attacks it all started that the late 80s or the beginning of the 90s I don't know who here remembers the first viruses that came by with with the disgust if you remember who anybody remembers the floppy drive disgust yeah see a lot of people here but and the viruses move that the speed of of us walking with the diskette and proliferated from one computer to another and some of the first one were fine by some of actually my my friends friends that are a little bit older than me in the Hebrew University of Jerusalem they became later the investors in checkpoint and and against that we had the antivirus and this actually started the security industry the computer security industry for all of us here it looks like forever it looks like our entire lifetime in the world it's actually 30 years it's actually a very short period of time in the beginning of the 90s and they came them the internet and hackers became more sophisticated and I found that the way to get into our system doesn't have to be by walking from one computer to another but we can get directly from the Internet and that's where we started checkpoint and invented the first commercial firewall fiber one I'm very proud to be one of the people who's been there behind that product and that created the industry we are the network security and everything that we are all in this room doing and a little bit more than that of course the attackers didn't still didn't sit still and didn't stop by that and saying okay that's where we got very got a little bit more calm more sophisticated and we started exploiting vulnerabilities in the applications which are allowed access to the Internet can be our main server our webserver our database servers in some cases our browser which is the main application that we use on the web so they started finding vulnerabilities that we can get through what's called legal or allowed communication and finding more and more vulnerabilities like that there's many techniques to try to stop them maybe the most important one today is the intrusion prevention and I think again in checkpoint we were in them earlier or in mid-2000s we were one of the first company I think to include full intrusion prevention included embedded in every gateway that we shift not just detection but full prevention to stop this kind of attacks and again this core game continues the attacker didn't stop and they solve it is hard to penetrate with attacks for all these tools so they made the malware more polymorphic or the payload that is now embedded in Word document files which otherwise look innocent they made this content polymorphic so that means that it changes its form every time so it's very very hard to detect it through the static means that we have for all the previous generation and started a bunch of new technologies to deal with technologies like antibiotic knowledge ease like sandboxing most of them by the way are used today in detection mode most vendors don't know how to activate them in food prevention but we are still important technologies to find which we are being hacked now we asked ourselves when we look at all these generation how well we are protected against them so let's do a quick survey here to warm us up in the morning how many of the organization's here are using antivirus on your systems raise your hands nice so close to a hundred percent of businesses actually use antivirus on their systems how many people here are using a firewall to protect your network good excellent yeah we see again about a hundred percent of businesses definitely everybody in this room is using a firewall to protect web systems intrusion prevention on all your gateways protecting all your traffic how many people here use that actively see here the percentage go down in this room I think it still looks like about what we see in the general population only about 50% of businesses use that and remember this is a technology that's more than ten years old which is 10 years old technology nothing new and yet half of us are not using that now let's go to Jenn for how many people apply sandboxing auntie bought to over traffic see much lower we know we got all the checkpoint people that say raises the room but beyond that we when we look at the general population it's very very low it's less than 10% I think again any number depending what you look like what you apply but 7% can be actually an optimistic number in many cases so when we try to see based on all of it where we are the attacks are well beyond Gen 4 they are Gen 5 and where is our protections we are applying more and more action knowing the cybersecurity is important and yet the grade of security that we've implemented in our system is somewhere between level 2 and 11 3 what we did the calculation on the average I think we are around level 2.8 so first no wonder that we feel that we are vulnerable no wonder with major attack and hit us because we are two generations behind and yet if we look at 2018 where are we now and we are in the fifth generation these attacks are much more sophisticated we are a large scale like we've seen last year across countries across industries and so on if they are multi-vector attack these are not attacks that are attacking us just from one point we can have something getting onto our mobile phone stealing our credentials logging into the cloud that's wide open and from there getting inside the enterprise that's actually quite typical and there's many many other vectors like that and in many cases they use technology that was leaked or found itself out from state-sponsored technology so technologies that are much more sophisticated than what we've historically seen and technologies that are developed by large professional organizations not just amateur hackers and again I'm not by the way implying here that whizzer state-sponsored attacks necessarily but in many cases these are technologies with leaked from projects which originated in in government's by the way it can happen in two ways one is simple leakage of the technology which we don't like to see another one when some government does attack a target and attack is found somebody reverse-engineer that malware and now they publish the attack method and that happens a lot we've seen it throughout the year so just will I'm not there of course blaming any government for a for hurting us m and when we look at with Gen 5 attacks we understand that the Gen 4 protections are not enough anymore yes these attacks are also polymorphic but we can't just let them in and detect them later we need prevention we need to do it in real time waiting up for a few hours the damage is already done it's too late and we also need to cover our weakest points and that's the cloud the mobile these are the vectors where people are using to penetrate our system on top of everything with you and that means for us the message that I have we must step forward we must take a step forward to move not just to the fifth generation of attacks that the world is rare but to a fifth generation of protections so let me speak a little bit about what is the Gen 5 protection and what can we do to get there and what ingredients do we need so first and foremost I think what we need is real time threat prevention technologies we need to prevent the frets and we need to do it in real time second thing we need is to apply everywhere to our data center to our cloud to our endpoints to the network perimeter to the mobile they all need to be protected we need shared intelligence amongst them so when we get an information or we get a new attack we know how to stop it on all the different places and we need to do it with the best security technologies that's very important and let me show you what I mean by that when we look at the sort of the DNA or the ingredients of all the security technologies we need this is a very long list don't try to read where the more than 60 technologies just on this slide in all the different domains of security and this is not all the technologies that we have in our products you and we really need to have pretty much all these technologies almost in every environment so we need to take all these complicated technical sophisticated technologies apply them to our enterprise and you know putting this dome of control around that and even managing them together that's the challenge that we are facing so this looks quite complicated how do we move to this jan 5 what can we do around that we stopped a little bit and asked many of our customers what do they think about that can you implement all these technologies can you do that and we got I'm going to show few representative answers things that you've said and let's look about that so for example the first one was it will never happen to me some people think that way not a great answer we all know it will happen to us we'll all know we'll be under attack another example of an answer says that's really complicated and that's correct it is complicated it is complex with part of our job how to enable that how to make it simple next answer is say you know there's really no way to stop attacks and many companies in our industry say that say you'll be attacked now figure out what to do next I disagree with it I think it is our job to block this attack and I think we're proving every day that it can be done last time sir which may be a little bit more complicated answer and I got it from some very sophisticated customers say you see it takes me about six months to implement each technology even if I group these technologies to major projects and major product I still got about 20 of those I already started of course we haven't started today but still six months per technology implementing all 20 will get me all the way to 2025 and remembering 2025 the market landscape will be completely different so what do we do so basically it is right you need what we call here a small army of security technologies to fight with so here I try to group the technologies into product groups or key technologies but I believe we all need in securing enterprise when we look at the market landscape the vendors you can see this map close to a thousand vendors with implement with technology so it's obvious first for every customer to go through to at least evaluate the best technology find the right mix it's very very difficult and that's where we ask ourselves does that looks impossible and then we quoted the front I have this sticker four years in my room so when I see this is the one I need to use it's the French philosopher from the French Revolution that says the impossible we do immediately miracle takes a little bit longer and I think that's what we've tried to do last year make it all work we can make it you can make it possible so we take all these technology components we integrate them we combine them into the best of breed solution with the best technology in each field and that's what's in checkpoint infinity the cyber security architecture in the future and it can be managed from one console that can manage all this complexity and always shrank in terms of security and I think this is what we all need to aspire to a need to get to and of course it's it's never done we always make progress and we always make new things invest so what's coming up in 2018 in checkpoint infinity and water we are basically announcing today in this conference so first and foremost managing that sophistication of security is complex requires a lot of sophistication we are launching our a new generation of security management appliances the ones that can manage the fifth generation of cyber security collect hundreds of thousands of log records process them and do event correlation and on the same time manage the policy monitor the systems dozens hundreds of system across the enterprise so we are launching a new generation of cyber security appliance management this is the first announcement I'm not going by the way down to any of his announcement we have an another presentation today that's going to speak about vet and we have many presentation today and tomorrow about each one of them so I'm just going to give you here the highlights and what I think is very very important next is addressing a very important area in our vulnerability and that's the cloud so today we announce formally the checkpoint cloud guard and you family for protecting all our client environment yes the infrastructure cloud and I think the revolutionary thing or what looks to me you know impossible a year ago and now I think it's very very doable he's protecting and giving full threat prevention to the SAS environment to software-as-a-service environments like office 365 G suite ServiceNow salesforce.com all these environments we can apply the most sophisticated threat prevention technologies and even new technology that prevents them identity theft and prevent unauthorized use which i think is the number one issue with cloud application so this is I think a very revolutionary and a breakthrough technology and the cloud guard family and last and not least still when you look at all these technologies when you're trying to implement them even when they come as part of infinity even if they work together it's still quite complicated every month you need to spec the exact security requirements that you need every month you need to buy a new product with many models you need to budget it you need to seek approvals it is even the logistics behind that can be quite complicated for every enterprise so we've made it very very revolutionary consumption model for security and in my more than 30 years in the IT industry that's the first model like that that I've seen a model which is very simple paper user per year fixed amount a hundred percent predictable and includes everything includes the software it includes the hardware it includes all the security subscriptions that gives you the update it includes 24/7 support and it can even include three additional services to implement that and get education and things like that so in my history in the IT industry not just in security this is the first fully inclusive model like that what I've seen and when I've talked to customers which started implementing that this is again announced now so I think this can be a true revolution in how do we make the jump we get to infinity total protection and then we just need to implement these these technologies it still takes time it's still an effort but instead of taking us 10 years it can take us six to twelve months and I think this is very doable so what we've got here so far we've seen the generations we're launching the gent 5 cybersecurity solution against the fifth-generation cyberattacks against the mega attacks and I think this is so far very good but we're still two parts that I owe you one one is to see how it's all related to the drones which I started my presentation and second that I got last year a lot of questions from CIA souls and other casters says ok Gil you've told us about where we should be now you've told us about where you are now but where will we be five years from now ten years from now how does the future looks like so I'll talk about in my next part of the presentation about our view of the future so what should we expect next so once again my son or you see is already running around in the house trying to remote control the drone don't be afraid I don't really let him fly the drone by himself he's only one year old so but he's trying so let's look at this drone that's my gadget we have here all the ingredients we need to secure we have something in the sky we have a communication channel we have a communication system and if we even have a mobile phone in the middle where that controls that so you can say okay I need to secure that communication I need to make sure that my mobile device width varies also not infected by anything and actually that's not the problem that's the small problem we still need to do that but that's the small problem that's the local problem of controlling the communication between my drone and its remote controller the real problem the real challenge in terms of cybersecurity lie behind that when I'm activating my drone there's a huge computing system in the back the drone is connected to a cloud every time it takes off it sends telemetric information it sends GPS information it's gets instruction can I take off and by the way it can get an instruction to land immediately if I'm trying to get to a no-fly zone all the data that I'm flying is being recorded on that cloud and that cloud has multiple applications from multiple vendors the company that makes the drone actually doesn't make the application that controls the no-fly zones for example these are two separate applications all of that is connected to some data center that records tons of data that we accumulate and all of that is connected to multiple enterprise networks for the companies that maintain that now when you think about that any vulnerability in any one of that even the application which doing the the analytics and the statistics about the web usage within that any vulnerability within that can impact my drone was flying in the sky and these drones by the way are not just flown for fun by me they are flown by big commercial organizations where flows we are flown by a military organization I don't know if you've seen but the US Army actually last year issue they were banned for always drawn and you said that you must take them down take out the batteries and store them because we are so afraid that some organization may hack into this cloud and be able to collect information control that and think about the damages so that's the security challenge of a drone but it's not just about the drone when we actually think about that kind of system that system controls every part of our life the airplanes that we fly same thing they are all connected to these systems and any shutdown on this system any weakness in that means that people can shut down air traffic or medical data the most vulnerable place by the way in our life is our is the hospitals and the medical information this is devastating how much we're vulnerable there think about a hospital it has hundreds of devices all coming from different vendors most of them are quite old so we are not running patch software we don't control the software that's running on them and by the way the vendors are even refused to update the software there because that means going through an average cycle of FDA approval and that's very expensive so we don't want to touch them and the environment is open each one of us can walk in the hospital attached to a network give the doctor some CD that we got from another doctor and have them install that or open that on the computer it's connected so hospitals by the way is one of the weakest sectors in terms of cybersecurity and our banking system the same and pretty much everything that we do is all connected to a similar architecture that makes us very vulnerable or if we look into that in a slightly different cut we are living and we are getting into this age of things everything is connected the telecom the smart cities the cloud the healthcare the manufacturing the energy our cars the transportation infrastructure the roads and their traffic lights everything is connected we're not just dealing with computer networks we're dealing with networks that have on them every type of device and everything is interconnected and everything is a target and any vulnerability in any one of the elements here can impact all the others and this is what we call or the sixth generation or Gen 6 of cyber security and we are working on the solution for that and we call it nano security how would that work and I'll give you a very glimpse preview of course not an in depth to the technologies that will come in the future network we're going to have these nano agents everywhere and these nano agents are going to be very different than what we have today so if we look in-depth into a typical system you can see security cameras multiple devices connections to the cloud typical gateway that protects the enterprise that's a like an in-depth view of a small part of the network we can install these nano agents we will be open source software possibly software plugins that are very very lightweight and can control every attribute that goes into the network so unlike what we have today which is heavy agents with plug into very specific system we will be able to develop in the matter of days or hours a plug in to every system here to the security camera to the IOT device to micro services in the cloud remember we are going into environment which is kind of hardware less because we're getting these computing services from the cloud without even owning a virtual instance this is like a function which goes up and down whenever we call it it can be on a mobile operating system it can be on a web service on all the cloud services and all of these nano agents can collect and send just the relevant information to them into one central intelligence and control brain that will be able to make predictive security guidance based on artificial intelligence this is how we see the future and if we try to apply this diagram into the previous one you will see all these nano agents connected together to one global smart with artificial intelligence security system that can drive our security it can make the right decisions in real time this is what we see the future so if we need to summarize them and move to the next presentation that I think would be even more interesting we are at an inflection point today we are the fifth generation of cyberattacks and we are only at the second or third generation of protection and that means the message for all of us here in this room we are all security professionals our job our life is dedicated to making this cyber world secure win we to make that step up to Gen 5 security we must step up we must bring to our organizations to our customers internal and external the best security real-time protection with real-time threat prevention this is my goal in life I hope that you all take the same message and apply it to all your organization and to everywhere and to all your customers so I really want to wish us a great conference in the next two days and thank you all for being with us today and setting a record for CPX thank you very much [Applause]
Info
Channel: Check Point Software Technologies, Ltd.
Views: 47,864
Rating: 4.7094283 out of 5
Keywords: gil shwed, gil shewd checkpoint, cpx 2018, cyber, security, cyber security, cybersecurity, types of cyber attack, cyber crime, computer security, network security, security technology, information security, check point, internet security, technology, computer science, cloud security, cpx, mobile security, check point software, cloud computing, checkpoint software technologies, it security, best internet security, infosec, check point infinity
Id: VTHFXHlFU5A
Channel Id: undefined
Length: 34min 55sec (2095 seconds)
Published: Wed Mar 21 2018
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.