Nadav Zafrir, Check Point: ‘Now you can be an amateur, but with the power of AI, you can have the capabilities of a very sophisticated attacker’
The new CEO, who served in an elite Israeli military cyber intelligence unit, recommends caution in the era of China’s DeepSeek
Raúl Limón
Nadav Zafrir was born in Kiryat Anavim, the first kibbutz established in the historic Israeli region of the Judean Hills. He prefers to speak in English, though he is fluent in Spanish thanks to his diplomat father, who was sent to the Dominican Republic and Ecuador at the end of the last century. Zafrir lived in those countries until he turned 18 (this year, he’ll be 54), at which point he returned to Israel to carry out his obligatory military service. He had a dazzling career, rising to the rank of brigadier general of the Cyber Command 8200, an elite unit of the Israeli intelligence corps and one of the world’s great breeding grounds for computer security experts. He has founded more than 40 companies in the field and just took over as CEO at Check Point, one of the world’s largest cybersecurity companies, which claims to have closed out the last financial year with $2.6 billion in calculated billings (up 9% from the previous year). This month, he took part in the company’s annual meeting in Vienna, CPX 2025.
Question. Is your military experience useful in the world of cybersecurity?
Answer. I think it’s very, very relevant because you have to be passionate about what you do, and you have to see it as a mission. In the military, I had the opportunity to see what it’s like to be defending large, critical networks. I understand what it’s like to be in the trenches, but also what it’s like to be on the offense. I think I have an appreciation of the different perspectives that are necessary in this industry. At the end of the day, it’s a learning competition. You have to be very pragmatic and think of the “bad guys” as smart people, and it’s about constantly being vigilant and agile. When you come from a military background, that is something that is very day-to-day.
Q. And what is your goal?
A. It’s a mission oriented towards digital trust. It’s about making the world continue to function in this digital environment, where things are changing extremely fast and there are always going to be people that are going to try to disrupt.
Q. Do the current conflicts affect cybersecurity? Are there more intense, sophisticated attacks going on?
A. It’s definitely getting worse. If you look at ransomware as an example, it was up 40% in 2024 versus 2023 with the sophistication of artificial intelligence. Now you can be an amateur, but with the power of AI, you can have the capabilities of a very sophisticated attacker. The attacks are more frequent, more sophisticated and more intense. On the other hand, we’re also getting better on the defense side. We have to keep up and innovate, because otherwise, we’re going to stay behind and we won’t live up to what our clients are expecting from us.
Q. Will the new policies of the United States affect global firms like Check Point?
A. We have employees in over 180 countries and so of course, when there are global tensions it affects everything. It affects how people choose to buy software, it affects the incentives of attackers from different places. Creating some kind of a United Nations of cyber security and having a global framework of rules and regulations is really naïve. That’s probably not going to happen and it means that we need to be more precise, collect more information. This year, we added 20 more AI engines to our cloud and we are going to be investing dramatically in researching security for AI, because we need to constantly stay ahead of the game. There are different conflicts around the world, and different governments involved. We have to make sure that we are compliant with different regulations and we need to be more careful, but at the end of the day on the business side, I think it’s a very minimal effect.
Q. Will Check Point turn to alliances and acquiring other companies in order to grow?
A. We are going to grow some things organically, but we’re also constantly on the lookout for other companies we can either work with or acquire. We’ve had many successful acquisitions over the last few years, and we intend to continue doing this as long as it’s consistent with our strategy and culture and makes financial sense. [Soon after our interview, Check Point announced its partnership with cloud security specialists Wiz.]
Q. After the emergence of DeepSeek, the Chinese AI, some companies went ahead and banned its download. Do you recommend that?
A. I think that we need to strike the right balance, and I don’t think that it’s a binary decision. Each company, based on its policy, should strike the right balance between adopting new technologies and being vigilant against taking unnecessary risks. My recommendation to our partners and clients is that of course we need to use AI because it’s an incredible tool and we’re going to stay behind if we don’t use it. But we have to use it responsibly, right? That’s why we just launched our own AI. There’s no one-size-fits-all for everyone within the same company, so it depends on what kind of intent, what kind of location, what kind of identity, what kind of data — there are many, many questions. For example, if you are going to go out and use ChatGPT to ask about a restaurant, we want to have the smart granular ability to say, no problem, but if you are going to incorporate sensitive financial information, stop right there. When it comes to DeepSeek — when something new comes out, it’s not imperative to try it out today. Wait a second, patience, give us a second to check this out. That is the prudent thing to do. Maybe it’s a great new model, maybe it can cut costs, maybe it can prove that it could bring capabilities that weren’t out there before. If that’s the case, kudos to them. At the end of the day, we need this diverse ecosystem and competition across the globe.
Q. Is open-source a risk when it makes the tool available to people who may have harmful intentions?
A. On one hand, yes, it’s a risk. On the other hand, having many, many eyes and many, many users perfecting it makes it more resilient. It’s a matter of making the right fit for the right task for the right person at the right time. We believe in the hybrid mesh, because it means that we have a flexible, resilient network. When a new ability, a new capability comes out, you can immediately decide who can, from where and what instead of saying this yes, this no. A hybrid approach makes you more resilient, more secure, but also more effective.
Q. What will cyberthreats be like this year?
A. To be honest, I wouldn’t dare predict. We are going to see more sophisticated ransomware, but we’re also going to have better tools to tackle it.
Q. Last year was particularly significant in terms of disinformation and interference in democratic processes. Is that also part of cybersecurity?
A. It also has to do with the idea of trust. If there are elections and you don’t trust that they have been fair, then you don’t accept the results, right? That’s a big problem. When you have elections, attackers can do many things, they can infiltrate, they can manipulate, they can influence. It’s a fine line between what is legit and what’s not right, and so we need to have the guardrails of regulatory frameworks. Then there is the actual security of elections and today, of course, that’s based on our digital infrastructure, so we also need to make sure that the integrity of the elections is there.
Q. The European Artificial Intelligence Act just came into effect. Is regulation necessary?
A. Yes, we need rules, but the rules need to be descriptive: describe the wanted outcome and the unwanted outcome instead of saying you need to do the software like this. In my opinion, that’s not necessarily helpful, because this is changing very, very fast and by the time we learn the impact of this technology and we make the regulation, the technology has already evolved and we need to comply with something that was relevant two years ago. It’s necessary to have some kind of collaborative interaction between government, lawmakers, government agencies and innovators.