Skip to Content

Check Point president: Firewalls aren’t enough

FORTUNE — This year’s RSA Conference, an annual gathering of the nation’s top information security executives, has already had its share of controversy. But most of the companies in attendance — both big and small — are there simply to show off their latest and greatest cybercrime-fighting technologies.

Lucky for them, the growing number of high-profile cyber-attacks have led corporations to spend more and more on security tools. According to research firm Gartner, the information security market will grow from an estimated $67 billion last year to $95 billion by 2017. But firewalls — yes, even next-generation firewalls — and anti-virus software are no longer enough. That’s why vendors like Cisco (CSCO), Juniper Networks (JNPR) and newer players like Palo Alto Networks (PANW) are branching out.

To find out more about customers’ changing buying patterns and the rise of new, more open approaches to gather and share threat-intelligence data, Fortune caught up with Amnon Bar-Lev, the president of Israel-based Check Point Software Technologies (CHKP), one of the IT security industry’s leading providers.

Fortune: What are customers asking you for? What are you hearing here at RSA?

Bar-Lev: There are a couple of trends happening in this industry. One is the move from purely firewall [-based protection] to more threat prevention. All of the firewall vendors in the world today have next-generation firewalls; it really became a commodity. But people understand that firewall is not enough. So they are adding more and more technology into that space — anti-bots, different threat prevention activities, threat emulation, and IPS [“intrusion prevention system” –Ed.] for sure.

The second trend is clearly consolidation. I think people used to have a lot of point products because they felt that’s the best-of-breed approach. But this has changed. We have the best IPS in the market and it’s integrated, not a dedicated box. We don’t think it should be a dedicated box. There’s a significant amount of growth that we’re seeing coming from consolidation. People are looking for more protection, they don’t feel secure enough.

Which industries are most freaked out?

I don’t know if they’re freaked out, but clearly the finance industry is probably the most advanced industry regarding security. They’re quite advanced in looking for new solutions and technologies and implementing them. Second is probably telcos. They have two different networks, their operation part and their IT part. The IT part is like any other enterprise, but they’re quite advanced. Operations are much more conservative, but down time is a very big issue.

But there was a major change in the industry when LTE [the fourth-generation wireless technology –Ed.] came out, which is all IP-based. So they have to protect base stations and the connection between base stations and now they started implementing more and more security. But we have over 100,000 customers in any vertical you can think of.

What piece of all of these various products people are buying today do you not have and want to have?

I think we have most of it. There’s something called a web application firewall and we don’t really play in this space. There are a lot of things under development now, like to better secure mobile devices.

Are you hearing a lot of demand for that [mobile device security solutions]?

I don’t know if I’d say “demand,” but definitely “buzz.” Because nobody has a very simple, straightforward solution to solve this. Most of the things are too much of an intrusion now.

Overall, security is not a great thing for a business to invest in because they don’t see a return and they don’t know how to measure a return on security. It’s like armies — how many fighter jets should an army have? You don’t know. You build your own assumption. It’s the same thing here about security. It depends on how much budget they have and then they spend it.

From the other side, people want to do everything that they can. and sometimes security and functionality doesn’t go together. One of the biggest challenges is to make sure security is an enabler and not a disabler.

More on security from