In what he declared “a plan for changing information security now, and for the next ten years”, Shwed called the “collection of technologies” which currently make up the information security landscape, “no longer enough. It really needs to start at a much higher level”, he announced. “It’s time to redefine security”.
Information security, he declared, “needs to become a business process which will enable our business”. In order to do this, he explained, security needs to step away from being all about technology and focus on the business needs through policy implementation, involving the people, and consolidating security for better control and enforcement.
Defining the company information security policy is the first practical step that an organisation needs to take, he said. “It needs to be simple, usable and meaningful – the anchor of security”. This can’t be achieved without the right tools or expertise, he said, both of which Check Point, according to Shwed, can provide. “Of the 2300 people working for Check Point, around 2000 are security experts”, he said.
The people part of 3D security is relatively straight-forward, Shwed told the large audience, gathered at the CCIB Convention Centre in Barcelona. “You need to give people information and transparency so that they can understand security. It’s essential to make them a part of the security process and ensure they are aware of the company security policy”. Security, he offered, should be seamless and simple to the people using it.
Enforcement, the final piece of the puzzle, can be used to gain control, explained Shwed. “There are multiple layers of security control and they need to act together, which is not easy to achieve.” Check Point’s software blade offering, which was launched at the Check Point Experience 2009, is “a very good start”, claimed Shwed, “the blades are the technology core which can be built upon with strategy”.
“It is easy to pile up more and more weapons, but that doesn’t create a more secure defense without strategy or unity”, Check Point’s founder concluded.