Check Point Unveils a New Security Strategy for Enterprises in the AI Age
The ongoing AI arms race has become a central theme in cybersecurity, with both defenders and attackers rapidly adopting the technology and looking to wield it to their advantage.
Roses Are Red, AI Is Wild: A Guide to AI Regulation
The ongoing AI arms race has become a central theme in cybersecurity, with both defenders and attackers rapidly adopting the technology and looking to wield it to their advantage. In many ways, it’s an escalation of the typical cat-and-mouse nature of cybersecurity, though greatly accelerated and with higher stakes.“The AI battleground is here,” CrowdStrike wrote last year. “Adversaries are weaponizing AI to launch attacks with unprecedented scale, speed, and effectiveness. In response, defenders are turning to AI as an analyst force-multiplier, using it to offload repetitive tasks, accelerate decision-making, and scale expertise across the SOC [security operations center].”However, a problem is that AI innovation is outpacing most security teams, according to Roi Karo, chief strategy officer for Check Point. This is going to require a rethinking by businesses in how best to protect themselves.“As AI reshapes how work gets done, and how attacks are carried out, Check Point believes organizations need to rewire security for the AI era: not by adding more tools, but by rethinking how security is designed and operated when both attackers and defenders use AI,” Karo wrote in a blog post this week. “It is a more coherent, prevention-first approach that enables organizations to innovate with AI, while staying firmly in control – and doing so in a way that is operationally practical for real security teams.”The Pillars of AI SecurityThe security vendor is proposing a new approach to security for the AI age and is refocusing its solutions and investments to address four key pillars, a shift that led it to buy two cybersecurity startups – Cyclops Security and Cyata – and acquire the team at Rotate, an AI-powered managed detection and response (MDR) firm whose integrated platform will be used to help grow the solutions in Check Point’s Workspace platform for MSPs.The pillars underpinning Check Point’s new strategy include protecting increasingly distributed enterprises from the data center to the hybrid cloud, branch locations, and the secure access service edge (SASE). This will include an AI-powered control plane and a prevention-first enforcement strategy.Other pillars include protecting digital workspaces where humans and AI interact – which include devices, browsers, email, SaaS applications, and remote access – and giving enterprises visibility into their entire attack surface, prioritizing risk with context, and moving from vulnerability management that now is reactive to continuous and intelligence-based risk reduction, according to the vendor.The final pillar deals with protecting the full AI stack, from employees’ use of the technology to enterprise applications, AI agents, and components – AI models, data, and infrastructure – that drive them. This will make it easier for organizations to adopt AI both safely and at scale, Karo wrote.“These pillars are delivered through what we call an ‘Open Garden’ platform that is designed to work alongside the broader security ecosystem, giving customers flexibility to integrate with other tools rather than being locked into a closed stack,” he wrote. “AI will continue to reshape how businesses operate. Our commitment is to ensure it does so safely.”Expanding the PortfolioNo financial details concerning Check Point’s acquisitions were released, though Israeli tech news site CTech by Calcalist put the total for all of them at about $150 million, with about $85 million used to buy Cyclops.Cyclops, founded in 2022, offers an AI-powered risk prioritization and remediation platform that includes a ChatGPT-like contextual security search engine security teams can use to query their environments using natural language.Check Point is buying Cyclops to close what Karo called a visibility gap security teams struggle with as cloud environments expand in minutes, shadow IT crops up without notice, and AI tools create data flows that often can’t be mapped by traditional security systems.Folding Cyclops and its cyber asset attack surface management (CAASM) capabilities – which deliver a continuously updated view of an enterprise’s digital footprint that includes the cloud, on premises, and the Internet of Things – into Check Point will help security teams reduce blind spots, assess risk in a business context rather than simply evaluate raw vulnerability data, and accelerate remediation decisions, he wrote.Needed VisibilityTwo-year-old Cyata created a control plane to provide visibility into the security risks associated with AI agents and AI models like chatbots and copilots.“AI agents can access sensitive systems, process confidential data, and take automated actions, which makes them incredibly powerful, but also potentially dangerous if left unguided,” Karo wrote. “Cyata brings deep visibility into where AI agents are operating, how they behave, and what risks they may pose – enabling security teams to apply appropriate guardrails without slowing innovation.”The Rotate deal will drive more consistent protection across devices, browsers, email, SaaS, and remote access, he added, noting it also makes it easier for MSPs to deploy and manage Check Point’s solutions at scale.“These acquisitions are not isolated investments; they are part of a broader strategy to secure the AI-powered enterprise end to end,” Karo wrote, noting the need to increase transparency in risk management, protect conventional infrastructure and new AI technologies, and grow security measures for companies and MSPs. “In short, security must be embedded at every stage of the AI transformation: network, workspace, and AI systems alike.”
About Author
