Brian McHenry, the Global Head of Cloud Security Engineering at Check Point Software Technologies, has been at the leading edge of cloud security. In this role, he leads all pre-sales engineering and post-sales customer success for the CloudGuard suite of products and services. Catch the complete Q&A for more:
Hi Brian, please walk us through your current role at Check Point and share your career journey with us.
I joined Check Point in May of this year as the Global Head of Cloud Security Engineering after almost 16 years at F5. At Check Point, I am leading all pre-sales engineering and post-sales customer success for the CloudGuard suite of products and services. I began my career in network and security operations, later joining F5 as a sales engineer. At F5, I held roles leading the application security practice for the Americas and later the global security sales strategy. I finished my time at F5 as the VP of Product Management for all WAF and API Security solutions.
Check Point has been a leader in integrating AI into its cybersecurity solutions. Can you share some of the latest innovations within the CloudGuard portfolio that highlight the impact on enhancing business security?
The over-arching theme of enhancements that have come to the CloudGuard portfolio recently and in the near future relate to one concept: Prevention. Most CNAPP (Cloud Native Application Protection Platforms) focus on inventorying workloads, vulnerabilities, configurations, and entitlements. However, they do not provide much in the way of mitigation or prevention of those assets being exploited. By integrating common CNAPP functions with CloudGuard Network Security and the CloudGuard WAF, any vulnerability or exposure discovered via CNAPP can be much more easily remediated via a compensating control at the edge of the network traffic flow.CloudGuard is an integral component of the Check Point Infinity Platform, harnessing the power of ThreatCloud AI. This advanced system incorporates over 50 AI engines, each loaded with sophisticated AI-driven features and capabilities.
Also Read: AI in Cybersecurity a Threat or Not?
In your opinion, what are the biggest challenges organizations face when implementing robust cloud security measures, and what solutions do Check Point leverage to address or overcome?
The public cloud providers all offer some form of network, application, and workload security tools. However, most organizations are in multiple clouds, both public & private, which leads to tool sprawl. This tool sprawl means security operations teams must learn multiple tools, both their administrative workflows as well as detection and enforcement behaviors. These teams are already spread thin, and this additional overhead maintaining cloud security can be devastating. Check Point Software’s CloudGuard suite offers a range of cloud-agnostic network security, WAF, API security, and CNAPP tools which can be deployed anywhere and managed centrally.
Yahoo Finance reports that the global cloud computing market will reach USD 2,495.2 billion by 2032. What key trends do you see shaping the future of cloud security in the next five years?
Cloud will increasingly be multi-cloud for most organizations, necessitating more cloud-agnostic and AI-driven tools to manage the sprawl of applications and services across these multiple clouds.
In your view, what are the critical components of an effective product strategy in the cybersecurity space, especially for cloud-based solutions?
1) Ensure your products are cloud-agnostic and work virtually anywhere, including the private clouds.
2) Deploy AI, both generative and machine-learning, to simplify workflows, prioritize critical risks, and automate vulnerability remediation.
3) Develop a great user experience which invites the security operator back to the dashboard to investigate and manage their cloud security posture daily, and which also clearly demonstrates the value to the business via risk reduction metrics.
What emerging technologies or trends do you believe will have the most significant impact on cybersecurity plans, processes and strategies in the near future?
The use of AI by attackers to move faster than ever before will drive innovation in both defensive technology as well as processes. Attackers have always held the advantage by virtue of having no availability or reliability requirements. In addition, it has become easier than ever for a novice cybercriminal to gain access to and deploy sophisticated attack tools by virtue of generative AI.
Increasing regulations on data privacy and sovereignty will demand that organizations design and deliver systems with extremely careful data-handling. GDPR and other regulations were only the beginning of this trend.
Improving standards by cyber insurance providers will drive organizations toward more rigorous security practices to ensure that claims can be paid out in the event of a data breach incident.
Check Point is known for its proactive approach to threat anticipation. How do you see AI and machine learning evolving to further enhance this capability and improve response times?
Most implementations of AI in security solutions today involve overlaying AI on existing tools such as network firewalls or endpoint security solutions. Fresh approaches to traditional security controls with foundations in AI rather than AI overlays will yield better security outcomes with greater ease-of-use. For example, the Check Point CloudGuard WAF is unique by not requiring the use or management of any signatures, which are known for accuracy issues which generate both false positives and false negatives. The CloudGuard WAF employs Check Point’s massive data set of threat intelligence coupled with learning a web application or API’s unique baseline behavior to more accurately detect and stop attacks without blocking any legitimate traffic.
As we close, reflecting on the quote by Peter Drucker, “The best way to predict the future is to create it,” how do you see the role of innovation at Check Point shaping the future of cloud security, and what initiatives are you most excited about?
Expect Check Point to lead the way in use of AI to not only improve detection rates but ease the security operations experience. The vital component of any effective security practice is well-informed security operators. When the tools we offer enable more efficient security operations, we all win.
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]
Brian McHenry is the Global Head of Cloud Security Engineering at Check Point Software Technologies, leading all pre-sales and customer success functions for Check Point’s CloudGuard portfolio. Formerly the VP of Product Management for WAF & API Security at F5, Brian is passionate about aligning product strategies and solutions to more secure business outcomes. Additionally, he is a co-founder of the New York City chapter of Security B-Sides (BSidesNYC.org), an organization dedicated to making cybersecurity careers and conferences more equitable and accessible.
Check Point Software Technologies is a leading AI-powered, cloud-delivered cybersecurity platform provider protecting organizations worldwide. The company leverages the power of AI everywhere to enhance cybersecurity efficiency and accuracy through its Infinity Platform, with industry-leading catch rates that enable proactive threat anticipation and smarter, faster response times.
