Story image

CheckPoint’s security evangelism

01 Oct 11

A major part of Check Point’s ‘3D Security’ strategy is a focus on people. In a nutshell, all the security software in the world won’t protect customers if their employees aren’t sufficiently educated in basic practices like keeping their passwords secure.
Check Point’s security evangelist, Tomer Teller, told delegates how hackers, appreciating this fact, have in the last few years started using social engineering to access the computers of low-level employees and thus bypass business security software.
Hacking isn’t all about snazzy computer skills any more, Teller says. Understanding the structure of a business is as simple as finding employees’ names, phone numbers and email addresses from discarded, unshredded documents, then researching social media sites to see who communicates with whom.
You also don’t have to break into a network to find out what systems a company uses – just check the experience recommendations in their job ads, or even wander into the lobby, distract the receptionist and take a sneaky peek at his or her display.
How to take over a nuclear plant
Indeed, Teller says one of the most potentially catastrophic hacks of the last year, the Stuxnet attack on the Bushehr nuclear facility in Iran, was most likely set in motion through simple social engineering.
The virus would have been transferable via USB, Teller says, and although the hackers may have paid an employee to introduce it to the facility’s system, it would have been far cheaper and probably just as effective to simply throw a bunch of devices over the fence and count on people plugging them into computers nearby to identify their owners.
Thoughts from the CEO
On the second day of the conference, we were lucky enough to attend a lunch with Check Point founder, chairman and cheif executive, Gil Shwed.
Shwed started the company in 1993, developing one of the first examples of firewall technology soon afterwards. Now, the company boasts a full set of security products, known as ‘blades’, and is, Shwed says, the largest pure security company in the world.
Although plenty of discussion at the conference centred on online security’s sudden media prevalence thanks to groups like Anonymous and LulzSec and sites like Wikileaks, Shwed says Check Point’s plans are as steady as ever.
"We’ve never felt the need to use scare tactics,” Shwed says. "People in IT already knew about the risks. Just because it is in the public eye does not mean they are more likely to come to us.”
Looking to the future
Of course, there was plenty of opportunity to look at initiatives Check Point will be implementing in the next few months.
The most significant area of development is certainly the mobile space, with more and more companies wanting to secure their employees’ mobile devices, such as tablets and smartphones.
Check Point is introducing tools such as two-tier authentication, whereby when employees attempt to login they are sent a text message with a code they must input before they are granted access; user-device pairing, which prevents users from logging in on other employees’ devices; and remote wiping, for removing data when devices are lost or stolen.
Check Point is also working on a new document security tool, cloud security, and a new operating system, known as Gaia. 

InternetNZ welcomes Govt's 99.8% broadband coverage plan
The additional coverage will roll out over the next four years as part of the Rural Broadband Initiative phase two/Mobile Black Spots Fund (RBI2/MBSF) programme expansion.
Dr Ryan Ko steps down as head of Cybersecurity Researchers of Waikato
Dr Ko is off to Australia to become the University of Queensland’s UQ Cyber Security chair and director.
Radware joins Chillisoft’s expanding portfolio
The cloud DDoS prevention, app delivery controller, and web app firewall expert is another step toward a total enterprise security portfolio.
Commerce Commission report shows fibre is hot on the heels of copper
The report shows that as of 30 September 2018 there were 668,850 households and businesses connected to fibre, an increase of 45% from 2017.
Wearables market flourishing - fuelled by smartwatches
A market that has stuttered in the past now has a bright forecast as adoption of wearable technology continues to thrive.
The tech that helped the first woman to sail around Australia
Lisa Blair used devices from supplied by Pivotel to aid her in becoming the first woman to circumnavigate Australia non-stop.
Why there will be a battle for the cloud in 2019
Cloud providers such as AWS, Azure, and Google will likely find themselves in a mad scramble to gain additional enterprise customers.
WLAN market picks up thanks to high-end products
Dell’Oro Group have released a report showing that the WLAN market picked up in 2Q18 as 802.11ax saw its first shipments.