Cyber security by way of simple definition is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
These types of malicious attacks cripple companies and governments alike across the globe. Around the world numerous investments in cyber security are put in place due to the sensitivity of the matter.
As a result, security firms have sprung up in order to provide the much-needed protection of crucial data that can be detrimental when placed in wrong hands. One such company that has maintained a golden standard when it comes to security needs is Check Point. Pankaj Bhula leads Check Point’s EMEA as Regional Director for Africa. Pankaj has an experience spanning over 25 years in the Digital Technology Industry, both locally and internationally, which includes the likes of working for IBM, Dimension Data, Microsoft and SAP. Capital got hold of Pankaj for an in-depth insight. Excerpts;
Capital: How was Check Point Software founded and what services does it provide at its core?
Pankaj Bhula: Established by CEO Gil Shwed in 1993, Check Point introduced FireWall-1, the IT industry’s first stateful inspection firewall technology. Over a quarter of a century later, Check Point’s ground-breaking technology remains the gold standard for network security, and the company has continued to deliver innovative cybersecurity solutions.
Check Point innovation begins by understanding customers and their evolving security needs. Today, our leading-edge technologies secure networks, enterprise multi-cloud environments, and endpoint and mobile devices.
Check Point is the only vendor to provide a fully consolidated cyber security architecture that provides unprecedented protection against 5th Generation cyber-attacks with an industry leading catch rate of malware, ransomware and advanced targeted threats.
Check Point’s Infinity Gen V security architecture is a unified platform that has three core solution pillars, supported by automatic, real-time threat intelligence uncompromised security. The three pillars comprise Gen V threat prevention across enterprise mobile (Harmony), cloud (CloudGuard), and network and data center environments (Quantum).
Check Point’s history with preventative solutions uniquely combines policy, people, and enforcement for greater protection of information assets and helps organizations implement a blueprint for security that aligns with business needs. Check Point provides comprehensive and cutting-edge cyber security technology to more than 100,000 organizations of all sizes and millions of users around the globe. Our foundation for success is our customer-driven philosophy, our continuous technological innovation, as well as our relentless focus to provide comprehensive, innovative security throughout the world.
Capital: Describe for us the remarkable Check Point Cyber Security Jumpstart Programme with regards to its initiatives, recent accomplishments as well as the in-depth modules offered in the programme.
Pankaj Bhula: Jump Start is a free series of world-class online training and accreditation courses helping cyber security and network professionals develop their skills and close the cyber skills gap. Available on online platforms like edX, Udemy, Cyberary and Coursera, these are aimed at upskilling security and IT administrators on cyber-threats and security management across mid-size and larger enterprise networks.
Check Point’s world-class eLearning training and accreditation courses are compatible with industry programs such as ISC2, ISACA, CompTIA and CPE. Students will earn up to 60 CPE credits to renew their Cyber Security certification, and Check Point Partners will earn “Engage Points”. Upon completing the free training programme, exams and certificates of completion are awarded. The knowledge acquired in these courses can be used by professionals who are looking to advance their skills and knowledge in their current role or professionals who are looking to better position themselves for their next role.
Modules on the course include:
Check Point Jump Start: Network security – this course introduces Check Point’s Network Security solution. The module encompasses learning how to configure, deploy, manage, and monitor Check Point on a chosen network.
Check Point Jump Start: Small/Medium Business – this course teaches students about the Check Point Small/Medium Business Network Security solution, a cost-effective way to implement the full suite of Check Point access control and zero-day threat prevention features to protect a business.
Check Point Jump Start: Maestro Hyperscale Network Security – In this course, students learn about the Check Point Maestro Hyperscale Network Security solution, an innovative way to simplify a network security workflow orchestration and seamlessly scale up existing security gateway infrastructure on demand.
Check Point Jump Start: Cloud Security – This provides training in Check Point CloudGuard, a comprehensive cloud security portfolio, designed to prevent the latest fifth generation (Gen V), multi-vector cyberattacks targeting enterprise cloud services.
Check Point Jump Start: Product Deployment- In this course, students learn the concept of software deployment and the methods and tools used for deployment of Check Point products. And, drills down into each deployment tool, providing an overview of how to use it given a common use case.
To date, Check Point Software has trained over 20000 students and cyber security professionals across Africa in the Check Point Jump Start programme to address the demand for skills in cyber security in the IT industry.
Capital: In this day and age, there are many young people under the age of 18 interested in technology with self-taught coding skills. What is the eligibility of acceptance for the Check Point cyber security jumpstart programme for such brilliant minds? Similarly, do you have such initiatives for the early bird pen testers?
Pankaj Bhula: Thanks to the flexibility of online courses, everyone can take advantage of these web-based platforms to progress their education outside of the traditional classroom. The programme enables maximum flexibility to learn from anywhere at any time.
Check Point Hacking Point is a new Global Education program to help master all types of Pen Testing techniques and Cyber Security practices. This program is relevant to administrators, SOC analysts, entry level/intermediate level penetration testers, and network engineers.
The goal of this program is to provide students with deep knowledge in cutting-edge Cyber Security threats. After completing the program, participants will understand how to better protect the corporate network and resources.
Capital: As Check Point Software Technologies LTD what are some of the strategies you have employed to increase security efficiency?
Pankaj Bhula: Our mission is to provide any organization with the ability to conduct their business on the internet with the highest level of security. We address organizations’ most imminent cyber security needs based on three core principles:
Prevention-first approach – deploy pre-emptive user protections to eliminate threats before they reach the users
Gold Standard Management – single pane of glass to manage the entire security estate
Consolidated Solution – realize complete, preemptive protection against the most advanced threats while achieving better operational efficiency
To make our vision a reality, in 2021 we have recalibrated our Infinity portfolio of products to focus on those technologies and capabilities that will provide uncompromised security based on our three core principles. Check Point has taken over 80 products and technologies and organized them into three main pillars: Check Point Harmony (full preventative protection for remote users), Check Point CloudGuard (consolidated security and threat prevention across all cloud environments, assets, and workloads), and Check Point Quantum (the most complete network security solution for every organization, perimeter, and datacenter). These are all managed by Infinity-Vision, the industry’s leading unified security management solution.
Capital: How would you describe the Cyber Security space in Africa? Does Africa have the right governance strategy to minimize cyber risk in comparison to other parts of the world?
Pankaj Bhula: The 2021 Cyber Security Report shows how hackers and criminals exploited COVID-19 pandemic in 2020 to target all business sectors around the world with the key tactics including cloud exploits to phishing and ransomware. Cybercrime is on the rise and Africa is not excluded.
It is predicted Africa’s digital economy is set to grow to almost $180 million by 2025, with this expansion in online technology increasing the risk of cyberattacks. However, many African member countries still lack proper policies and strategies to combat cybercrime. On the continental level, in 2014, the African Union adopted the Convention on Cybersecurity and Personal Data Protection. However, only 14 of the 55 African Union member countries had signed the convention, and only seven ratified it, by January 2020.
While there are signs of cybersecurity legislation and enforcement measures on the continent gradually improving, we are in an era sophisticated type Gen V attacks, and today’s organisations need to maintain a minimum Gen VI security portfolio to transact in this new digital world of cloud and mobility.
Capital: Check Point Cyber Secure Academy recently partnered with Addis Ababa University, what are the benefits of the partnership?
Pankaj Bhula: This partnership shares a common goal, to promote and enhance educational and career opportunities in the IT sector for students not only in Africa but around the world. Addis Ababa University is one of the top universities in Africa and largest university in Ethiopia, and this programme provides a comprehensive cyber security program to students, by integrating world-class cyber security training through the Cyber Secure Academy courses while integrating current university curricula. Completing the course gives students industry-recognised certifications in cyber security skills, helping to equip the next generation of cyber-warriors with the skills they need to succeed in the industry.
Capital: How do you describe Africa’s readiness to cybercrimes?
Pankaj Bhula: Africa is firmly in the crosshairs of cyber criminals. Every day, the continent’s people, countries and companies are targeted by internal and external attackers bent on stealing data and money. The scope of these activities is staggering and deserves closer attention. According to Check Point Research’s Threat Intelligence Report for Africa, at the beginning of this year, the region saw an average of 1 293 weekly cyber-attacks on African companies, compared to just 485 attacks per organisation globally.
The most targeted country was reported as Angola, and the top malware, Emotet, impacting 13% of organisations in Africa. Perhaps more critically is that 87% of malicious files in Africa are delivered via e-mail, which lets us believe that there is still a fair amount of education that organisations need to do to improve their security defenses. A common method used by cyber criminals is sending remote code execution files, with the report showing that over 61% of organisations have fallen prey to this type of attack.
Why is Africa such a favored target? It is tempting to point to the continent’s incredibly high mobile-phone penetration, though experts note that most of these are feature phones and thus not really a cybercrime interest. Instead, attacks on smart devices in Africa are comparable in type and numbers to other regions, despite a much higher user number. This indicates that the average person in the street often does not interact with the staging areas criminals could use, such as compromised app stores or mobile device management environments.
Instead, it is crucial to note that the attacks used on African targets are the same as seen elsewhere. The situation is not unique. Perhaps the higher prevalence of local attacks point to shortcomings in preparedness and technology investments.
The higher attack rates are in part because consumers and businesses do not have the latest technologies with the best security on them, and secondly, because there is a lack of general awareness around security in less developed regions. Thirdly, because of the growing demand for digital and cloud-based services. The reality is that the security solutions do exist, but there is simply a lag in uptake.
Cost is a contributing factor. As an emerging economy, Africa often does not have the disposable income to spend on constant technology refresh cycles. Numerous businesses rely on legacy on-premises environments that, in some instances, have passed their shelf-life.
When you are sitting on a large vault of legacy solutions that are difficult to upgrade and maintain – your security also suffers.
Africa, of course, is not a country. Cyber-attacks don’t happen equally across its landscape. Countries like South Africa, Kenya, Nigeria and Angola receive much more attention from criminals, attracted to digital maturity, diverse industries and large corporate landscapes. In particular, South Africa is a big fish – according to Accenture, it has the third most cybercrime victims worldwide, losing 2.2 billion South African Rand a year. But such economies are also more likely to invest in better security.