Gil Shwed, CEO of Check Point: ‘The risk of cyberattacks is an all-time high and will stay that way’

Gil Shwed, 50, has led one of the largest cybersecurity companies in the world for three decades. The Israeli engineer founded Check Point with Shlomo Kramer and Marius Nacht, when he was 25 years old after serving in the Israeli military, the largest single source of cyber threat experts. Despite being the longest-serving CEO of a Nasdaq company, he has decided to step aside and leave his top job at a company that is seeing the highest global incidence of cyberattacks in history.

With more than 5,000 employees, Check Point has returned to profitability (it closed the year with €2.3 billion in profit, 4% more than in 2022) and seen the dizzying growth of companies, such as Palo Alto, created by former Check Point engineer, Nir Zuk. Shwed spoke to EL PAÍS during his company’s (CPX) convention in Vienna, Austria, where he wore the yellow ribbon in support of freeing Hamas’ hostages.

Question. Why are you stepping down as CEO?

Answer. I’m not leaving Check Point. I’m transitioning to executive chairman. I will focus on new areas and I will stay available for whatever needed. I’ve been the longest-serving CEO on Nasdaq and it’s an interesting time to think about the next stage and take Check Point forward. We have a very strong team, a very good product portfolio and it’s a good time to think about what the company will be like in the next five to 10 years. Part of my job is having 12 or more half-hour meeting every day, and if I really want to listen to customers, learn new technologies, and address issues, I have to focus and spend more of my time on these tasks.

Q. Are we seeing an increased risk of cyberattacks?

A. The risk is at an all-time high and will probably stay that way. Malicious actors are learning more and more about the vulnerabilities in infrastructure. Not only are they getting better, but the amount of infrastructure at risk is also greater. We are more dependent on technology and more connected than ever before. That’s good, it’s very important for our world, but it also means that every company can be attacked. If you look at the software infrastructure, it’s even more complicated because the more complex it is, the more bugs there are and the more places there are to attack. The amount of software is 1,000 times greater than what it was 30 years ago, and the number of combinations to attack is much more. Additionally, all computers are connected and there are many more services we consume online.

“We are more dependent on technology and more connected than ever. That’s good, it’s very important for our world, but it also means that all companies can be attacked.”

Q. As a company based in Israel, how has the war in Gaza affected you?

A. The main effect was that some of our employees were drafted into the army, approximately 5% of our workforce. From the first day, we’ve insisted that we keep business as usual and deliver on all of our commitments. And we did that, so it didn’t have a significant effect on our deliverables. Nobody is happy with being in a war. It is not a great situation, but, in terms of work, we are complying.

Q. What will this year be like in terms of cybersecurity?

A. Attacks on infrastructure are very sophisticated and there will continue to be states behind criminal groups. Cyberattacks will be fifth generation: very sophisticated and very hard to detect. They remain at a very high risk, and we’re seeing more and more. An attack is never good, but we are seeing people investing more in order to protect themselves and technologies being discovered to protect against them in a better way. The bad part is that there are many more organizations that are attacking and many more organizations that are being attacked.

Q. You are using artificial intelligence (AI), but so do malicious actors. Who is winning the race?

A. We are winning because we keep our world connected and running. The internet produces far more good than bad. AI generative tools give attackers a lot of access, from simple things like writing a phishing message or a fake message.

Q. Can we protect ourselves?

A. Against false messages, it is simpler. Can we protect ourselves from sophisticated deepfake movies? We are looking into it and maybe we can identify that a video clip has been produced by real people or AI.

Q. Check Point is constantly researching how to defend machines, the web and the cloud, but, in the end, the human factor, the person, is the most vulnerable point in the chain. How can you correct this weakness?

A. We have to teach people to be more careful, but I’m not sure that humans are the most vulnerable thing. If you look at some of the most devastating attacks, the human factor was very limited. I’m not saying it doesn’t exist, but there are zero-click attacks that allow someone to get to your computer or mobile or anything without you doing anything. That’s the most sophisticated kind of attack. But even when you click on something, it’s not you that’s causing the damage. Once you click, you just activate the very complicated process that exploits the vulnerability in the application underneath that.

“We win because we keep our world connected and running. The internet produces far more good than bad.”

Q. Is anyone safe?

A. No. But I don’t want to scare people, but rather convey the message that you can be safe, and it is good to use the internet, although we have to remember that, if I give my data on the internet, I’m taking a risk. Although it’s good to take that risk. My life is much better by participating, by communicating with people, by doing e-commerce. Is it safer? I think so. Can the internet be safer? Yes, because you can use different tools to do that.

Q. Have you ever personally suffered a cyberattack?

A. No, but my phone tells me that it has protected me several times in recent weeks from some websites that are not secure, and I go to them while browsing very valid internet sites.

Q. The threats are global, but the solutions are individual. Is it possible for companies to collaborate to reduce this disadvantage?

A. The number one priority for us is collaboration, making our products more collaborative.

Q. There are old weapons that resurface, such as infection with a portable USB memory, and others never seen before.

A. This year we have seen attacks that were very common 15 years ago, such as those delivered through USB devices. They are trying to get computers when they are not connected to the internet or are very well protected. On the internet we are doing a good job with firewalls. But that’s why collaboration is so important. I need it when I see the attacker on the network or on a USB or on my mobile.

Q. There are attacks that don’t seek money, but rather to destroy the operational capacity of critical infrastructures.

A. Motivation varies. In the early days of the internet, most incidents came from people who just wanted to show off their skills. Now, state-sponsored and ideologically motivated attacks only want to cause real damage, not to get money, not even to steal data, but to cause damage.

Q. Russia, Iran and North Korea are some of those states sponsoring attacks. Is there any possibility to prevent them?

A. We are trying to defend everyone from everyone. We see big attacks everywhere, and we don’t always know who to attribute them to because the origin is hidden. Many countries do not do it directly, but they have organizations that work on their behalf. By the way, North Korea is an extreme example because they can be the worst attacker since they have nothing to lose because they are offline. It is a sophisticated nation, they are smart and know how to use the technology, but the risk for them is very limited because they don’t connect to the internet.

Sign up for our weekly newsletter to get more English-language news coverage from EL PAÍS USA Edition