Check Point looks to 'consolidation'

newsmaker CEO Gil Shwed, dubbed "Bill Gates of Israel", explains why being "complicated" is good for security industry and how Check Point tools are going broad.

Gil Shwed

newsmaker Observant and alert, and decked out in his usual all-black ensemble, Check Point Software Technologies Chairman and CEO Gil Shwed looks every bit the iconic billionaire some call the "Bill Gates of Israel".

In Singapore this week for a whistle-stop visit, Shwed earned recognition for introducing the patented stateful detection software. The firewall infrastructure eventually led to the development of the company's flagship software offering, FireWall-1, which was created in the early '90s.

When Shwed and his fellow co-founders, Marius Nacht and Shlomo Kramer, first entered the market, they had betted that the Internet--then in its fledgling state--was here to stay and that users would need to secure their computers from threats both within and out of the network. They founded Check Point in 1993 and have not looked back since.

Speaking in an interview with ZDNet Asia, Shwed discussed the biggest threats enterprises face today, the success Check Point has enjoyed in diversifying its business operations, and why complication is good for the security industry.

Q: You've been running Check Point since 1993. What's the main challenge you face as CEO of a security company today?
Shwed: The challenge is always the same: to innovate, to find what new technologies we can come up with, and to better serve our customers.

Where do you see the industry headed toward?
One of the challenges in security today is that it has become a little bit too complicated, but this is not necessarily a bad thing. The complications come because there are lots of innovations, lots of companies, lots of technologies and lots of security challenges in the market. All these also mean that there are many security solutions for customers to look at and implement.

Recognizing this, we are looking at consolidation. This is not just from a financial standpoint of acquiring companies, but also by providing products that solve broader problems, are integrated and easier to use. Recently, we just launched our software blades technology, which is an integrated product with which our customers can choose what service they want and customize it according to their needs. This is a pretty big revolution in security.

So where do you think the weak link is in enterprise IT infrastructure?
There are lots of challenges in security. In the long term, one of the challenges is to deal with targets and attacks--not attacks that are widely known or have big viruses, but attacks targeting specific companies or individuals in the company.

Mid-term, we're not looking at external attacks, but rather preventing data leakages from within the organization. Our challenge is how to prevent employees from intentionally or unintentionally sending data to people outside the company, which might cause significant damage.

Today, the immediate threat we're looking to address is within the company, such as intrusion prevention. People often don't deploy the technologies for network detection on active mode, relying on them for just reports of such occurrences. That's not enough. We're aiming to change this by switching on the active mode in every security gateway.

Wouldn't addressing these threats also require educating the workforce?
I think security is about process, education and technology--they all come together. Our job is to provide technology, and sometimes when the technology is very good, it helps the process become better.

In many areas, it's also about technologies that enable. For example, solutions for data leakages are not used widely--not because people don't want them, but because there aren't any good solutions. With big solutions, these will help improve education, usage and elevate the level of [global] security.

Why not shift your base from Israel to the U.S., which is widely regarded as one of the most important markets for IT and technology?
I don't think the U.S. is the heart of everything.

Yes, the U.S. is clearly one of the largest IT markets and where we have been very successful, with 30 to 40 percent of our business from there. However, American companies sometimes tend to see the whole world through America-tinted lenses, but the U.S. is not the whole world.

There is a lot of innovation, technology and businesses outside of the U.S., which accounts for 60 to 62 percent of our sales. Europe is also not a smaller area than the U.S., and Asia has a lot more potential to offer.

Zooming in on Asia, what's your take on doing business here?
As I said, the region has a lot more to offer, with half of the world's population here and a sizable market to tap.

We're currently doing well in places such as Singapore, Hong Kong and Australia, but we can do much more. In Japan, where we are the leaders there, we can also do much better. It's interesting to observe that Japan is unique and has its own rules of doing business that are different from the rest of the world.

I think China is an important market, and it requires lots of investments. It's one of the more challenging areas to succeed in, and we would need to be patient. However, I would not bet the future of Check Point on any country, even the U.S. To this end, we have been successful in diversifying our business around the world.

In an open letter addressed to you in 2006, Richard Stiennon made some wide-ranging criticisms about the direction your company was heading and how you allowed other companies to eat away at your market share. How would you respond to his letter today?
I think the letter was written three years ago, so it isn't that relevant now. But, there was some good advice in what Stiennon wrote. In one example, he mentioned that Check Point should offer more integrated solutions with appliances. Today, integrated solutions are a very big part of our business, and it's doing very well.

As far as we know, we have also gained share over our competitors quite nicely over the past two to three years.