The
president of Check Point Software Technologies spends
his days counseling information-technology executives
on the benefits of firewalls and virtual private networks.
Actually, he does a lot more than offer disinterested
advice. Even amid the dot-com implosion and the general
malaise affecting IT spending, Check Point has had
a better story than most to tell to Wall Street.
The company beat earnings estimates for its June
quarter, with revenue up 57 percent from the same
period the year before. Meanwhile, management told
analysts that it expects profits to be up 50 percent
this year. That good news is primarily due to the
veritable explosion in cybercrimes and hacking, a
trend that has given a needed boost to the Internet
security sector.
Once a mainframe maven, Ungerman has helped Check
Point establish itself over the last three years as
the de facto standard for firewalls, considered the
second-most-popular Internet security technology after
antivirus software, according to a 2001 survey by
the Computer Security Institute.
To be sure, the company finds itself in a business
where all the trend lines are pointing north. Market
researcher IDC recently predicted that the Internet
security market would grow an average of 23 percent
annually for the next five years, hitting $14 billion
in 2005. Business consultancy Gartner expects companies
to spend 10 times more of their IT budgets on security
by 2011.
Ungerman spoke in a recent interview about developments
in the Internet security business and his plans for
Check Point.
Q: How did you get into security? Coming from the mainframe area, where there is
also an interest in security, what do you see as the
big difference between that era and today? Check Point has been a darling of the security
market for quite a while. What do you think you do
that others don't do? The tech slump has hit many security companies
as well, but Check Point is expecting 50 percent profit
growth this year. Why is that? We don't have the same growth rate that we had a
year ago, and we find the market very challenging,
very difficult. And we don't think anything is totally
immune to the macroeconomic environment we are in.
But we do seem to be on a relative basis doing better
than most everyone else.
Do you think companies now saying, "We don't
need new computers, we don't need to expand our information-technology
budget," are instead coming around to saying, "Let's
get our security straightened out"? Do you think it also points to some housecleaning?
A lot of companies saying, "If we are not going to
grow, at least do it right"? Do you think the security situation is getting
worse? As corporations continue to use the Internet--and
I think the growth will continue to explode, especially
as we move into wireless--and you start tying in partners,
customers and suppliers, it's even a bigger issue
to focus on. Fortunately, the technology is in place
to allow them to actually secure the data much more
effectively than they could in a traditional private
network.
You mentioned that a lot of hacking is not reported
because of the stigma. Yet, on the other hand, companies
can't really secure themselves. Do you think that
we will get to a middle ground where people might
say, "Yes, we were hacked, but we were able to mitigate
the damage," and thus remove that stigma? Are we a long way away from being able to deal
well with network attacks? What do you think needs to be done policy-wise
to help large corporations and those forming the backbone
of the economy? A lot of people focus on privacy and privacy policies,
but they don't ask, How are you going to secure that
data that you said you won't give to anybody? It is
up to the individual businesses and consumers. There
is a whole awareness philosophy that the government
could get into, could help foster.
What are the big challenges for security and
for Check Point?
Is there still a lot of room to grow in the firewall
space? In the end, do you think a firewall is going
to be something that anyone on the Internet is going
to need? 
Q&A When it comes to Internet
security, Jerry Ungerman knows perhaps better than most
that it's a rough world out there.
A: I joined Check Point almost three years ago. I
had been in the computer business for many years--primarily
on the mainframe and storage side, high-end services
and solutions--and we just happen to run into each
other.
Then it was very much internal to the IT department...(authorizing)
who could or could not get to the mainframe. And now
it's about the network and the Internet, so it is
much more of an external vs. an internal view. You
are still trying to protect the same assets but at
a different point. It used to be about putting a perimeter
up. But now it's about allowing access but doing it
securely. Because of the Internet and networks, that
has made it a much different and much more important
focus.
There is a broad umbrella that is called Internet
security. It encompasses a lot of different technologies:
content filtering, URL filtering, intrusion detection,
PKI authentication and authorization. We're in what
is considered the core of the most fundamental piece
of the security business, which is firewalls and virtual
private networks. First and foremost, it is the only
one of all the different security technologies, in
a macro sense, that provides true security. It decides
who gets in and out of a network. So it provides all
the access control necessary to provide the security
for an enterprise.
I think that gets back to the same point. It's because
we are bringing out firewalls and VPNs. Firewalls
are must-have, not as discretionary as the other kinds
of technologies. Also, our VPN technology saves companies
a lot of money. So I think those two products combined
together is what helping us, relative to the others.
Yes, they are. This is all about using the Internet--gaining
the efficiencies and effectiveness of communicating
to your employees, your partners, customers and suppliers,
while using the Internet as your communication backbone.
To do that, you need to focus on securing those connections.
So this is about saving money, increasing your overall
corporate productivity, but you can't do it unless
you secure those connections to the Internet, which
is why there still is a focus on security. It is important
to note that although security is among the top few
issues that CIOs or corporate executives are focused
on, even with that, we probably only make up 2 to
3 percent of an IT budget.
I don't know about doing it right, but the more they
open it up, the more they need to secure it. Eight
years ago, after we started in the business, securing
your network meant shutting it down, not letting anyone
into it. Well, today it means opening it up if you
are going to be effective in the e-business world,
but opening it up securely, which is why people are
adding so much more security technology than anybody
thought would happen in as little as four years ago.
Because now they have to protect more and more nodes,
connect more offices, allow more remote access connections,
and protect the network down at lower levels as they
have opened it up.
It's getting a lot worse. Reported hacking attempts
in the year 2000 went up 77 percent over 1999.
That's a pretty sizable increase and, again, most
of the experts will tell you that the vast majority
of hacking is not yet reported. There are too many
negative implications associated with that. The companies
don't acknowledge that they had their network hacked.
So, yeah, it's on the increase.
I don't know if it's a stigma as much as they don't
want the rest of their constituents to know that their
data is vulnerable (because) they might not want to
do business with them. There are always going to be
attempts, and if you have the right security architecture,
you'll see that, you'll know that, but you will have
prevented it.
The technology is in place; it's just a matter of
people spending the money, putting people in place,
and taking it seriously. But there are millions of
businesses out there that could be vulnerable. There
are going to be millions of businesses that are going
to need the Internet, and they will need to be secure.
I don't think they need the help of the government.
I am very impressed with enterprises. They understand
it. They get it. In fact, I think they get it better
than the government. Usually, when the government
gets involved, it's how to catch people, not how to
prevent it. You can't do this through legislation.
IT just needs to be more aware and understanding of
the importance of security.
The biggest challenge is the pervasiveness of the
Internet and the use of it as we are moving into broadband
with cable modems and DSL. What everybody loves about
(broadband) is it's always on and (has) high performance,
but if it's always on in a shared environment, it's
always vulnerable. So that is exposing some new concerns
for both corporations and consumers that they may
not have had before. Wireless is another very big
opportunity that if you are going to connect a wireless
device into a network, it is going to again have to
be a secure connection.
I think we're going to be moving into (a period) where
the Internet is going to play a bigger and bigger
role as a communications backbone for consumers as
well as businesses. If you get a smart home of the
future that has multiple IP devices in it, you are
going to want to protect that home; that's going to
require a firewall at the residential gateway to protect
everything in there, especially when you are gone.
And corporations are the same way. If they are going
to take advantage of these broadband, high-speed connections
for their employees, whether they are in a hotel,
in an airport, or at home...that's going to be the
new perimeter--every individual desktop.
Oh, yeah. We have about 80,000 customers today, and
there's an opportunity to secure 10, 20, 30 million
customers. We can see firewalls and VPNs as a market
opportunity in a good economy of 50 to 60 percent
growth opportunities for many, many years to come.
We are at the very early stage of deploying the type
of technology that we have.
Yes. With every kind of device. So, it's not just
everybody, but every kind of device that is going
to connect to the Internet--so every PC, every PalmPilot,
every cell phone. We are very confident in where we
are today in development, when third generation is
here, which is the bandwidth necessary to make it
a viable data device, that we do have the security
technology that will fit both at the gateway as well
as on the device itself.
Security
Lack of collaboration, disclosure affecting APAC security posture
Join Discussion