Check Point Experience (CPX) is truly a unique experience, dedicated to addressing today’s most pressing cybersecurity challenges, and helping customers develop strategies to stay one step ahead of increasingly sophisticated hackers and malware.
Over 4,000 Check Point customers, partners, and resellers met at the 2016 CPX events in Nice, France, and Chicago, Illinois, United States. Several smaller CPX events are taking place across the globe to offer customers worldwide the opportunity to get up close and personal with the products and the team who is building them.
The CPX USA event was hosted at McCormick Place, a venue with a fascinating history, deeply entrenched in the economy of the city of Chicago. Did you know that the McCormick Place is now the largest conference center in North America? It has undergone a full renovation and transformation, much like the cybersecurity industry of present day.
The McCormick Place Fire
Opening in 1960, McCormick Place was once the centerpiece of the city’s dominant trade show business, a business worth an estimated $300 million annually with McCormick Place accounting for nearly one-third and employing nearly 10,000 people. The conference center was a spectacle, and it became a spectacular event when it burned to the ground in 1967. How could this have happened? The evidence is inconclusive, but it does tell us that the critical infrastructure of the building was indeed the weakest link. At the time of the fire, the building contained highly combustible exhibits, several hydrants were shut off fire hydrants, and there were no sprinklers on the main floor where the fire started. The fire spread quickly and destructively. Firefighters didn’t stand a chance.
Today stands a state-of-the-art conference center surrounded by demolition and new construction, symbolizing the preservation of existing foundation, destruction of old methods, and building with a new approach to safety measures. If the fire of 1967 taught Chicagoans a lesson, then perhaps it was to ensure design was flawless and construction teams should regularly test all preventive measures against disaster. This lesson is representative of what cybersecurity professionals are experiencing today: the existing infrastructure has gaping holes and the only way to protection is a new approach - isolation.
State of The Cybersecurity Industry
Now more than ever, business leaders across the globe are becoming aware of how cybersecurity has strategic, cross-functional, legal and financial implications. Yet, the second annual State of Cybersecurity study by ISACA and RSA Conference shows that enterprises continue to view cybersecurity as a technology issue, not a business imperative. I am curious what percentage of enterprises that have suffered a data breach will tell you cybersecurity is not a business imperative after the company ends up on the front page?
While cybersecurity professionals are seeing increased budgets and better alignment with strategic goals in 2016, few CISOs report directly to the CEO. The cybersecurity skills gap identified in previous years is actually widening, creating waning confidence that most teams can handle anything beyond the most basic attacks. These factors point to a critical need to educate CEOs and boards of directors on the strategic, cross-enterprise value of cyber defense and the importance of moving to a skills-based training approach to develop their cyber workforce.
Check Point Is Evolving The Cybersecurity Industry
Check Point offers skills-based training by hosting customers and partners at the annual CPX events to experience the technology in action; participate in in-depth training sessions; and network with peers in the industry. The attendees, who are at the bleeding edge of technology, gather to discuss industry key trends and learn about strategies and technologies required to secure infrastructures – across all environments and devices.
The Check Point approach -- educating and reinforcing the cyber workforce (their customers) -- is infectious. If you are a Check Point customer or partner, then CPX is prime time to take a deep dive into individual use cases, meet with the product teams and technology partners, and converse with fellow professionals who may be experiencing similar security issues. Attendees can then dispatch newly acquired skills to their teams and inform strategic business initiatives elevating to the C-suite.
The Menlo Security Isolation Platform Effect
The Menlo Security team also engaged in many informative conversations with Check Point customers who received demos at our booth. Menlo Security offers the Menlo Security Isolation Platform (MSIP), which completely contains and executes all active content in cloud-based disposable virtual containers away from the endpoint. Attendees were particularly intrigued by how easily the MSIP integrates with Check Point next generation fire walls and vSEC Virtual Gateways. With this approach, administrators can steer some portion of web traffic to the MSIP’s public cloud solution, providing 100% safety via isolation; a seamless end-user experience; and cloud simplicity and scale. Integration is as simple as creating a rule on the Check Point firewall.
Simplicity as a topic was not only important for administrators, but also for end users. A conversation that stood out to me is one that took place in the buffet line with an attendee who will remain unnamed. He confessed how shocked he was time and time again by the blatant disregard for security protocols he witnessed within his organization. I pointed out that many solutions are difficult for end users to use, and most users will bypass security that gets in their way. Upon my successful delivery of the Menlo Security Isolation Platform pitch, which highlights the seamless end user experience, he was ready to connect his users to the MSIP.
How Isolation is Helping Today
The McCormick Place fire of 1967 offers a valuable lesson learned for architects, engineers, and construction managers alike. Clearly, there was a significant aspect of oversight in infrastructure planning. Similarly, network security is reliant upon methods that are not 100% effective all of the time, waiting for an alarm or signal to tell us if something is “good” or “bad.” The approach is ineffective and can be costly. Attackers continually find ways to avoid detection.
Therefore, cyber-attack defense ecosystems are shifting from the implementation of detection-based technologies to prevention-based technologies, and the only sure way to prevent web-based malware is through isolation.