Check Point Software: New Approaches Needed for Cybersecurity
… the rest of its executive team.
“The chief information security officer (CISO) needs to report to the company’s general counsel because the general counsel understands risk,” he said. “That’s not happening now, because security was birthed out of IT, so instead most of those people report to the CIO. This is a crucial piece. The CISO carries the weight for security.”
The general counsel, who is part of a company’s board, can then have the needed high-level discussions around issues such as IT security budgets when additional funding is required, said Doyle.
“They need to articulate that while they have a $10 million security budget, they actually have a $12 million security problem, and that the extra $2 million buys this much risk — and what do you want to do about it?”
Information like that coming from the general counsel carries more authority and offers a better reporting structure than going to the CIO, who gets a Christmas bonus based on how much money was saved, said Doyle.
“All the CISOs I’ve spoken to say this is what we need to do. It’s the general counsel who truly understands risk. That’s the business they are in.”
Paula Musich, a security and risk management analyst with Enterprise Management Associates, said Check Point’s approach to providing a full range of unified products to help secure business data and systems can be helpful.
“From a strategic standpoint, CISOs or other IT security executives who are struggling with the complexity of managing 80-plus security products and vendor relationships for different functionality might find Check Point’s consolidation and integration of functions compelling,” said Musich. “Check Point is one of the leading independent IT security providers in the market, although it is not recognized in North America quite as much for that distinction. It is well-known as one of the leading network-security technology providers in North America, but that belies the breadth of its product line.”
Last month, Check Point introduced Maestro, a new architecture designed to secure networks both large and small by orchestrating multiple security gateways, which prevent unsecured traffic from entering an organization’s internal network, into one unified security system.