Tag Archive for: Landscape

How Check Point is keeping pace with the cyber security landscape


Having invented the modern firewall that enterprises still use today to keep threat actors at bay, Check Point Software’s founder and CEO Gil Shwed cuts an influential figure in the cyber security industry.

He wrote the first version of FireWall-1, the company’s flagship offering that became the world’s first commercially available firewall product in 1994, and patented stateful inspection, now a de facto standard security technology.

Under his leadership, Check Point has broadened its portfolio, offering a wide range of security capabilities from cloud and network security to a unified security management tool called Infinity that consolidates security capabilities into a single platform.

In a wide-ranging interview with Computer Weekly, Shwed spoke about how Check Point is keeping pace with the cyber security landscape, the company’s key growth areas and approach to cloud security, as well as how generative AI (artificial intelligence) will impact cyber security.

Could you give me a sense of the growth areas for the company, particularly in the Asia-Pacific region?

Shwed: I think the growth areas are almost unlimited because our business is multi-dimensional, especially in Asia, where not all the countries are in the same stage of development. So clearly, there is more potential everywhere.

For those in less developed countries, there’s plenty of potential to catch up and get to a reasonable level of security, and those in developed countries will keep investing because they know how important it is.

In terms of technology, I think the real challenge today is from a product perspective. While we can sell more products to secure the cloud, networks and users, it’s important to create a collaborative platform for security architectures to work together.

Now, if you look at traditional defence, when a fire alarm goes off, we’re not going to sit around and say we don’t care. The doors will close, and we will all take care of it to make sure the fire doesn’t spread to the entire building.

The average cloud application has about 15 connections to other applications, and not all of them are owned by your company, so the risk level on the cloud is very high


Flashpoint Year In Review: 2022 Breaches and Malware Threat Landscape


KEY TAKEAWAYS

This blog highlights trends in notable observed advertisements on illicit forums for breached data, including databases or claims of network access; hacking services; and various strains and types of malware from January 1, 2022 through November 30, 2022.

  • The most frequently reported-on targeted sectors in 2022 were the government, financial, and retail industries.
  • The United States was the most-targeted geographic region in breach reporting this year.
  • Threat actors most commonly advertised and discussed hacking services, malware, and exploits on the popularly used forums Breach Forums, Exploit, and XSS.
  • Phishing pages were some of the most popular offerings within hacking service and malware advertisements.

Data breach landscape

Mostly motivated by greed, threat actors will target any organization regardless of sector. Therefore, data breaches provide key insights into the methods and tactics of hackers—since they will do whatever it takes to gain illegal access into their target’s network—using the plethora of advertised malware and hacking services available on illicit marketplaces.

As such, studying data breaches can help organizations and their security teams improve their security controls and incident response plans. Understanding who breaches affect, as well as where they take place, helps you gain visibility into your risk profile.

Here’s how the data breach landscape played out in 2022.

Most impacted sectors

According to our research team, there were a total of 4,146 reported global data breach events that occurred this year. Of those events, the top three sectors that experienced the most breaches were government, financial, and retail:

Figure 1: Top targeted sectors in breaches reporting this year

However, although sectors such as Healthcare and Technology were also impacted by breach events, a fourth category experienced the next most activity: “Unknown.” The unknown category represents datasets (whether advertised or leaked) where the victim’s identity was unavailable, either because that information was not disclosed, or because the data itself or the shared sample lacked any kind of identifiable information.


A Look Back at the 2022 ERP Security Landscape (Video)


Over the past twelve months, we’ve seen threat actors become smarter, faster, and more sophisticated with their attacks on business-critical applications. Business-critical applications, like enterprise resource planning (ERP) applications, run the global economy. If organizations cannot ensure these applications are strictly secure, they not only place their own business at risk, but also data from their partners, customers, and employees. SAP and Onapsis recently found evidence of more than 300 successful exploitation attempts against unsecured SAP applications, pointing to cybercriminals’ clear understanding of ERP applications.

From Elephant Beetle to the ICMAD vulnerabilities, let’s take a look back at some of the ERP vulnerabilities and threat intelligence of 2022, and what we can learn from it.

Log4j Vulnerability: Threat Intelligence and Mitigation Strategies to Protect Your SAP Applications

The Log4j vulnerability (CVE-2021-44228) is a remote code execution (RCE) flaw that enables threat actors to execute arbitrary code and take full control of vulnerable devices. The Onapsis Research Labs’ network of sensors, the Onapsis Threat Intelligence Cloud, captured 3,000+ attack attempts and observed over 50 variants within 10 days of the initial Log4j attack. With more than 30 SAP applications affected by this vulnerability, it’s important to understand the implications of the Log4j vulnerability on SAP applications and build a comprehensive vulnerability management program to protect the crown jewels of the business, SAP systems.

ICMAD SAP Cybersecurity Vulnerabilities

At the beginning of the year, Onapsis Research Labs worked with the SAP Product Security Response Team to discover and patch three critical memory corruption vulnerabilities affecting SAP Internet Communication Manager (ICM). These ICMAD vulnerabilities could allow attackers to carry out malicious activity against SAP users, business information, and processes, and ultimately compromise unpatched SAP applications. In this threat briefing session, SAP CISO Richard Puckett and Onapsis CEO Mariano Nunez share details on the ICMAD vulnerabilities discovered and recommendations to keep your SAP systems safe.


How the Modern Data Landscape Made the Traditional Cybersecurity Approach Obsolete


From the news headlines, we know that data breaches are on the rise – both in frequency and scale. While this reality is unsettling, it’s not surprising. That is because the volume of data being collected and stored by organizations continues to grow exponentially each year. Every day, the global population creates 2.5 quintillion bytes of data, and some estimates state that by the end of 2022, 97 zettabytes (one zettabyte is one trillion gigabytes) of data will be created, captured, copied, and consumed worldwide. 

This data is valuable and, therefore, attractive to cybercriminals to steal or manipulate to conduct fraud, sell on, or hold for ransom. Organizations are well aware of the threats to data and invest heavily in cybersecurity measures. However, despite this, data breaches continue to occur. To understand why, we need to look at how the data landscape has changed in the last decade and how that has made traditional cybersecurity frameworks and playbooks obsolete.

The data landscape pre-2010

Before 2010 and the mass internet adoption spurred on by the invention of the smartphone, organizations had a relatively well-defined and controlled footprint of people, processes, and technology that were used to capture, process, and store data.

Pre-2010 Data Landscape

At that time, data was still largely collected using paper. This data was generally provided to a handful of employees (i.e. Data Entry Operators) who had been strongly verified by the organization. They entered this data into monolithic and green screen applications, which stored the data in a handful of enterprise databases that were available at the time. All this was largely run within the organization’s own data centers, under the control of their IT and security teams.

The data landscape post-2010

Mass adoption of the internet and the digitization of the economy since 2010 have seen a significant shift in our data practices and processes.

Post 2010 Data Landscape

Today we have hundreds or even thousands of people (i.e. customers) entering data via web and mobile apps. These users are poorly verified, often requiring as little as an email address to get access. Gone are the centralized monolithic and green screen applications, replaced by web and…
