As a young boy growing up in Israel in the late ‘70s, Gil Shwed clearly had a different childhood. Instead of toys, he played and tinkered with computers. When he became a teenager, he began programming and studied computer science. By the time the Internet started to emerge in the ‘90s, he already knew what he wanted – to go into cybersecurity.
And so in 1993, Shwed, along with two friends, put up a network security venture they called Check Point Software Technologies. Now, the company is one of Israel’s largest technology companies and the world’s largest pure-play cybersecurity firm.
The road to the top, as is always the case, was not an easy one for Check Point. As Shwed told Newsbytes.PH in a recent interview in Thailand during the company’s annual CPX 360 conference, it took a lot of skills, guts, luck, and dogged entrepreneurial spirit for the company to reach this far.
Newsbytes.PH: What led you to start Check Point?
I was working on computers since I was 12. Like every Israeli person, you had to go to the Army for three to four years. When I was about 22 to 23 years old, I already knew that I wanted to build my own products and be an entrepreneur in some way.
And then just before I was 25, I saw this opportunity and a great challenge which was the Internet. I knew it was going to revolutionize the world by allowing us to connect to get information. Remember that in 1993, we didn’t have connectivity. All the information we got was from the single-channel TV which we had or the local newspaper.
I already had this idea about security technology for three to four years in my head. Suddenly, I saw this huge opportunity to bring this idea to the Internet. So that’s where I got started in 1993.
The idea of a firewall was already in my head for years before I started Check Point. I knew that security technology would be crucial in connecting local area networks. It was an interesting idea but we couldn’t find a big market for it. We approached the Israeli Army but it was hard convincing them that they needed to compartmentalize their network.
When did you realize you want to pursue this business?
It was an exciting time because dozens of companies were connecting to the Internet and all of them were saying that wanted to keep the Internet as an academic network.
That was basically my Eureka moment. We had developed a “stateful inspection” engine that can analyze network traffic and streaming in a very fast manner. It was exciting because the Internet was growing fast and about to change the world.
The first few years were difficult but we were able to convince some distributors and resellers.
Our first clients were mainly US companies in the East Coast. It was not in Israel because we were always looking for the global market and the US market was perfect for that.
When did the company take off?
Our biggest moment came in a trade show in Las Vegas in 1994. Nobody has heard about us but we presented in our booth. From out of nowhere, we won the Best of Show award for best productivity.
We then signed a deal with Sun Microsystems, which provided most of the Internet servers then. They started distributing our software so we also got the best distribution channel available. In parallel, we developed our own distribution channel with many local partners around the world from 1994 to 1997.
Your company’s first commercial product – the Firewall-1 – was launched in 1994. What was the impact of this product?
The Firewall-1 was the foundation of our company. It was very important and is still very important. We have evolved it into a much more sophisticated end-to-end security system which we now call Infinity, which is a platform for delivering security for everything – for the mobile, cloud, network, and IoT (Internet-of-Things). Basically, for all the elements that exist on our infrastructure.
Is IoT a curse or an opportunity?
We don’t ask ourselves this question. It’s like saying that doctors can’t save someone due to certain diseases. For us, IoT could be a disease and our job is to cure or prevent it from happening.
So from our perspective, IoT is a very interesting challenge because it is unlike a computer system where you have a well-defined environment and you have some software that you can install to protect it. IoT devices are usually not very secure because they use outdated software, so they’re relatively easy to penetrate. For us, it’s another challenge but we also treat is an opportunity to showcase our capabilities.
Almost everything in our infrastructure is becoming IoT-enabled. From printers to air conditioning systems to elevators to multimedia systems, everything is becoming IoT.
The surface attacks, however, are now becoming multi-vector and it’s also possible that devices which are secure can now be penetrated through the cloud. Because many IoT devices are now connected to the cloud, we’ve also seen the increased sophistication or the complexity of today’s environment for attacks.
The vulnerable surface is just becoming larger and larger. Twenty years ago, you could say that your computer is not going to hurt your daily life. Today, that’s no longer the case as we are connected 24/7 to these mobile devices which are connected to the cloud.
Do you have clients on the consumer side?
Most of our customers are enterprises, but we have a few consumer products. We actually have this solution which protects endpoints and mobile devices. It’s pretty a cool product which we use ourselves. It’s a good way to complement what we have in the enterprise and also in many cases, the test-bed for new technologies. Some of these products are in fact really advanced technologically.
Consumer clients are just a tiny part of our business but we definitely should have a bigger focus on small and medium businesses. We actually have a solution for small businesses that allows them to control the security of their mobile devices in a large-scale manner. Midsized businesses need all the things that big companies have but they don’t have the people to manage their devices. Our Infinity platform is a perfect fit because it can be managed remotely and can handle thousands of customers with a simple template.
What is the weakest link in cybersecurity?
I don’t think that there’s one single weakest link, but some of the weak links we have today are the mobile devices and the cloud. They are the least protected and very vulnerable. Very few people actually use anti-malware or security software to protect their mobile devices.
Attackers can actually take over your phone with deep fake technology that allows them to steal your identity. Your bank wouldn’t know it’s fake because they can hack your voice from your phone. This is not science fiction anymore because it actually happened in Europe where $2 million was stolen through a deep fake attack which used the voice of a manager to speak to another manager.
What’s next for Check Point?
We are now over 5,300 people and are now active in many security sub-domains. We used to be in network security only but now we have the Infinity end-to-end security platform.
It’s amazing to see the growth for so many good people in Check Point. And we have many partners around the world that are doing a terrific job.
A big number of our employees are not in Israel because they deal with sales and marketing but almost all of our development team is in Tel Aviv.
Israelis are known for security and I’m very proud of being an Israeli but growing the company wasn’t that easy. The domestic market was great, but it’s just 1% or 2% of our total sales. Most of our target market is far away.
What we did was to turn this weakness into strength by focusing on our local customers. When all your customers are remote, you have to make sure the products will work. It also meant that the product could be much easier to use the product and easier to distribute. And we did it very well in the early days of Check Point. Today, we’re already established.