The world’s largest dedicated security firm, Israel’s Check Point, still refuses to give an inch. Fashions wash over the industry on a never-ending hype cycle and yet the message handed out at the firm’s annual CPX 2016 developer and partner event in Nice this week was reassuringly old school - prevention is always better than cure and might cost you less in the long run.
A decade ago this would have been an inarguable orthodoxy and yet with younger US rivals such as FireEye, Fortinet and Palo Alto snapping at its heels pushing newer ideas angled more towards real-time detection and response, there is more explaining to do.
The “old school” message is still there because, fundamentally, the problems we face today haven’t changed all that much from the last 20 years. They are only on the rise now we are now more connected with more kinds of devices that connect in more places than ever before. The underlying risks are still the same, but with more and more data in more and more devices in more and more places, the impact of a control failure (or lack of controls) is far greater. The attacks and the attackers are more sophisticated, but the class of problems being exploited aren’t fundamentally different.
It’s not now, nor ever has been, an either-or proposition when it comes to detection versus prevention. You must do both and you must do both well if you’re going to stay one step ahead. Even organizations who employ predominately “fast detection and remediation” solutions still, for the most part, have traditional security controls in place. Clearly, a bank in Bangladesh could have used a little more of both.
While I wasn’t lucky enough to go to CPX in Nice, France, I will get a chance to go when it hits Chicago in a couple of weeks and hear for myself what Gil Shwed has to say. Will you be there?