Can Check Point Founder Strike Again? by Michal Lev-Ram @FortuneMagazine February 10, 2016, 3:35 PM EST E-mail Tweet Facebook Linkedin Share icons The small country of Israel is home to an estimated 300 cybersecurity companies, and now yet another one has added to the rising count. Earlier this week, cloud-based network security provider Cato Networks officially emerged from stealth mode. While the startup has been kept under wraps for months, its founder and CEO is a known entity in security circles. Shlomo Kramer, co-founder of Check Point Software Technologies chkp and Imperva, is hoping to strike big with his latest company, which he says will eliminate the need for the multiple, costly appliances companies typically plug in to help secure their systems. Many of Kramer’s bets have paid off in the past—not just with the companies that he’s helped found but also with his own investments in the security space (the long list includes WatchDox, Trusteer and Palo Alto Networks). On the eve of Cato’s launch, Fortune caught up with Kramer to ask about Cato’s technology and the current landscape for Israeli security startups. Fortune: There are so many security startups today. What has changed in the cybersecurity landscape in recent years? Shlomo Kramer: I’ve been investing in cyber for 15 years now. It used to be that the venture capital community didn’t see a lot of potential in security, so it wasn’t crowded. But then with some of the [recent] exits and the developments it became a very hot market. Today I would say that it’s almost over-funded. You have good ideas and good categories, but you also have about 10 almost identical companies in each category. While this is not a bubble because there are strong fundamentals that are driving this, the market is definitely overheated. So at what point do you think there will be some kind of shakeout? We are definitely seeing the whole mood of VCs change in the last six months, and cyber is no different. Why are there so many Israeli cybersecurity startups? The obvious reason is the correct one. The core technology and capabilities come from the Israeli Defense Forces, and every year there’s a new wave of very talented people that got a unique experience at an early age with very advanced technologies. It’s the injection of talent from the IDF. Cato is the third company that you are founding and leading. Why did you choose to do this again? This is going back to network security, which was the first thing that I did with Check Point. There’s a pretty big market now, about $50 billion total, but it’s very much an appliance-based market. People are building their network security using appliances, which are very rigid and location-bound. You have a location, you put in an appliance and it protects that location. That was good in the early 90s when the business was simple. All of the people and all of the applications were in a single location and it connected to the Internet, so you put an appliance there and it protected that perimeter. With mobility and with cloud, business today is completely fluid. This fluidity can’t be handled correctly with appliances. Everybody knows that the perimeter is dissolving. That has created, over the last few years, a huge mess both on the networking and the security side. We are rebuilding the perimeter in the cloud and making network security simple again by providing it as a cloud service, available anywhere and anytime. How do you rebuild the perimeter in the cloud, what does that mean? It’s a cloud network. We are building a global network connected by tier one carrier lines. And on that infrastructure we offer the network to an organization. Into that network an organization plugs in all of their elements whether it’s physical locations, cloud data centers, mobile users, and so on. So everybody plugs into the network, and now you have a single network that is connecting everyone. On that simple network we offer enterprise network security services that are elastic. Think of it like Amazon Web Services for network security. These services provide the same security everywhere. How do you plug into this network? I have a small application that I toggle in and toggle out and I tunnel into the cloud. All traffic tunnels into the cloud. The same for what’s on site, there’s a small zero-touch appliance that allows us to connect to the cloud and tunnel traffic there. There are various ways to plug into that cloud network. So how does a next-generation firewall fit into this model? One of the enterprise services that we provide is a next-generation firewall. But this next-generation firewall is available in the cloud. It controls the policy for me when I’m here and for everybody back in the office in Tel Aviv, and controls policy of access to our software-as-a-service applications and the data center. So it’s a single policy that controls all traffic. Right now most companies buy security products from many different vendors. What else do you provide on your new platform? What we are providing is a platform and blades on it. So a next-generation firewall, application control, VPN capabilities, and we are going to continue to provide additional blades of security on a single platform. Everything was built from the ground up in a fully integrated way by us. So what’s next? Will you keep the company in Israel? We need to get to customers and we need to build partnerships with channels that serve these customers. That’s why we just hired a VP of sales. When we start having customers we need to market to them and support them. But the product team will remain in Israel.