AI marks a significant shift in how enterprises defend against evolving cyber threats: Check Point India & SAARC MD

The transformative influence of artificial intelligence (AI) on cybersecurity strategies is redefining how enterprises approach digital defense, presenting both challenges and innovative solutions.  

In a discussion with TechCircle, Sundar Balasubramanian, Managing Director, Check Point Software Technologies India & SAARC, provided insights into this evolving landscape. He highlighted the changing role of AI in cybersecurity, its impact on enterprise security strategies, and effective ways for businesses to leverage AI in safeguarding their digital assets. Edited Excerpts:

How is cybersecurity among Indian enterprises right now? Are there specific industries facing higher risks or threats? 

The bad news is that Indian enterprises face more than twice as many attacks as the global average. This trend has been consistent for the past few years. In Q1 this year, there were nearly 3,000 weekly attacks on Indian enterprises compared to 1,400 globally. This marks a staggering increase, with attacks rising 28-30% year-on-year and 28% quarter-on-quarter. Check Point Research attributes much of this surge to the growing use of artificial intelligence in security. 

Previously, sectors like healthcare, education, and manufacturing were targeted. Recently, healthcare has seen a significant increase in attacks, likely making it the most attacked sector now.

How is Check Point adapting to changes in cybersecurity trends?

We've been in the business for 30 years, led by our founder CEO who pioneered the stateful firewall. Since then, innovation has been at our core, particularly in AI. Despite AI becoming a recent hot topic, we've been investing in it since 2014. AI forms the backbone of our threat-hunting engines, ensuring advanced cybersecurity measures.

Our approach involves every device running our software connecting to Threat Cloud AI. Originally branded as Threat Cloud, it now incorporates over 40 AI engines and processes nearly two billion security decisions daily. As the landscape shifts towards a battle between good and bad AI, we remain confident in our ability to pre-emptively thwart threats.

Our cybersecurity offerings are segmented into three primary categories: the core firewall Maestro Quantum, a comprehensive cloud security portfolio, and simplified access management through Harmony. Each product category integrates with Threat Cloud AI, which plays a crucial role in identifying and preventing attacks, thus safeguarding our customers.

In essence, our decades of experience and continuous innovation empower us to proactively defend against emerging threats, ensuring robust protection across our cybersecurity solutions.

How is AI changing cybersecurity by addressing new threats, as you mentioned?

New technologies and innovations, like AI, bring both positives and negatives. Recently, we've seen an increase in harmful uses, such as deepfakes and voice cloning. These technologies can impersonate people convincingly, making them tools for deception. AI also fuels automated phishing attacks, which are harder to detect and more widespread than before. 

On the positive side, AI is used for protecting against these threats. Our threat detection systems integrate over 40 AI engines, enhancing our ability to predict and prevent attacks. We've also introduced Microsoft Copilot, automating tasks that were previously prone to human error. Our products like Quantum Maestro, Harmony, and CloudGuard incorporate AI to boost efficiency and security.

AI presents both challenges and solutions in cybersecurity, marking a significant shift in how we defend against evolving threats.

How can businesses effectively use AI in their cybersecurity strategies?

Currently, we're observing two significant trends driven by AI in enterprise operations. Firstly, AI is increasingly used to automate manual tasks, especially in security operations. Enterprises are leveraging AI to enhance data quality and privacy, guided by Chief Digital Officers who are spearheading robust data strategies. Secondly, there's a noticeable shift towards unified security architectures, moving away from multiple point products towards integrated solutions that offer real-time intelligence and automation. This proactive approach aims to bolster effectiveness amidst rising cyber threats, positioning enterprises well for the future.

How does Check Point ensure responsible and ethical use of AI in cybersecurity?

We focus on three key aspects when positioning our products: first, their technological superiority and platform capabilities. Second, we consider the customer's deployment process. Third, we engage with partners to plan, design, deploy, maintain, and support the infrastructure.

Regarding ethical AI usage, we believe the market is already aware of its importance, especially among large enterprises like banks, stock exchanges, and manufacturing giants. Our role as cybersecurity expert is to assist these enterprises in deploying AI securely. We work closely with strategic customers to understand their networks and deployments, offering architecture recommendations to enhance security using AI.

In summary, ethical AI usage is a top priority for enterprises today. We focus on ensuring that AI deployments are not only effective but also secure and protected.

Could you briefly explain the threat of deep fakes in phishing attacks today, and how AI can detect and prevent them?

The topic of deepfakes is significant. Over the past four or five years, we've seen a notable increase from around 25,000-30,000 known cases of deepfake fraud to nearly 250,000 today. Deepfakes involve simulating a person's face or gestures, and even cloning their voice.

Recently, a company lost over $25 million in a deepfake video scam where attackers impersonated the CEO, CFO, and COO to fraudulently release funds. Creating deepfakes requires substantial expertise and resources, making it more complex than typical phishing scams.

Artificial intelligence plays a crucial role in combating these threats. AI can analyse visual and vocal cues that distinguish real from fake — details like facial movements, hair style, and lip synchronisation. By leveraging AI, we can detect and prevent such attacks.

It's a sophisticated form of cyber-attack, but with vigilance and the right security measures, we can stay ahead. Both companies and customers need to deploy robust security platforms to protect against these evolving threats.

Besides AI, are there other technologies that Check Point is investing in to enhance its services?

We're expanding our platform to offer comprehensive end-to-end solutions, driven by conversations with CXOs who want to streamline cybersecurity tools and vendors. Recently, we strengthened our Secure Access Service Edge (SASE) platform with the acquisition of Perimeter 81. India, being large and densely populated, presents a burgeoning market for SASE, where we anticipate launching a leading product by year-end.

Email is increasingly a prime target for cyber threats. Our advanced email security product boasts industry-leading catch rates — essential as 70-80% of current threats are email and collaboration focused. The rise of platforms like Zoom adds to these risks, highlighting the need for robust security measures.

In addition, we're enhancing our product lineup with cutting-edge firewall technology like Maestro Quantum, renowned for its speed and efficiency. We're also focusing on cloud security, responding to the growing trend of DevSecOps. India's developer community is crucial here, demanding innovative security solutions like SPECTRAL.

Cybersecurity evolves daily, and our commitment is to outpace emerging threats. These are the areas where we're intensifying our investments and go-to-market strategies.

What cybersecurity trends do you foresee shaping the next five years?

AI is becoming increasingly integral to our lives. The excitement and concerns surrounding AI today are reminiscent of the impact cloud technology had five to ten years ago. This trend is here to stay. However, the types of cyber threats we face are evolving.

Deepfakes and voice cloning are emerging threats that will continue to grow over the next five years. Another significant concern is mobile security, particularly in countries like India with a large population and nearly 700 to 800 million smartphones in use, many of which run banking or telecommunications apps. It's crucial to educate users about securing their phones, as a single malicious app could lead to financial loss and privacy breaches.

While there haven't been major incidents yet, mobile security remains a potential threat that needs proactive management. We advise banks and telecom companies to prioritise app security on mobile devices. Alongside these new threats, traditional cyber attacks are also advancing in sophistication, indicating a rising threat landscape for Indian enterprises.

The key lies in how well-prepared enterprises are in terms of their security posture. Our role is to assist and support them in enhancing their security measures. This proactive approach is essential as we navigate the evolving cybersecurity landscape.