The Regional Director Africa, CheckPoint Software Technology, Mr. Rick Rogers, spoke with Nosa Alekhuogie on the danger of increasing rate of cyberattacks on organisations and how best to mitigate such attacks. Excerpts:
As a world class cybersecurity company, what are the major global security threats, and what are the possible solutions?
Cyberattack is open ended, but what we are positioning is Generation 5 technology solution. So, we are moving into an era of massive attacks, and you must have seen this massive attacks where it spreads. It was in the United Kingdom, Ukraine, and then to Norway. We believe that most organisations are not investing enough to secure their environment to prevent that. If we look at Generation 1 solution, which was the firewall and now we are sitting at Generation 5 solution attacks but a lot of organisations are still deploying Generation 1 technology. So generation 1 was firewall, you can’t skip firewall and say its not relevant, because you always need those components. So generation 2 was maybe some URL faltering, IPS, intrusion prevention with firewall etc. At the moment, there are massive global attacks where you need the threat prevention, where you need the end to end architecture, you need the analytics. So security threats can be seen from end point, meaning computer, desk top device end point, servers, virtualisation, cloud security and mobile security.
Security is a major issue hindering the growth of mobile money in Nigeria. How is CheckPoint working with telecommunication operators to make sure that their infrastructure is secured?
Well, there are a couple of ways that we work with mobile operators, and I will look at it in three key areas. The one area for mobile operators is that we protect the IT infrastructure, and we do the same for the telecoms. Over and above that, the core infrastructure also needs to be secured and as I mentioned earlier, we have the technology available that the mobile operator can use to solve security issues from mobile devices to their customers.
What are the specific solutions developed by CheckPoint to address cyber insecurity, especially in Nigeria?
We have the Next generation Firewall, UTM, virtualisation, and cloud guide solution which depends on our solution too. We have threat detection solution as well that majorly introduce preventive measures for networks.
Prevention is a checkpoint ethos. We believe prevention is better than cure and we try as much as possible to prevent virus from gaining access into organisation’s network, this is because once a virus gains access into organisation’s networks, it becomes too late to prevent and control. We have a range of appliances but we have a consistent software with a range of hardware and this is the full suite of firewall. We have all the intermediate steps of intrusion prevention, URL faltering, and all the different components to secure data centre.
In terms of percentage growth, how would you see the adoption of mobile security in Africa?
We are starting to make progress in that area and we are starting to get traction, I think a lot of organisations are still deciding on the Bring Your Own Device (BYOD) strategies, so if you look at it from an enterprise perspective, the key strategy on management security is not there yet. We obviously do take the time and effort to ensure that organisations understand that it’s a critical component that they need to secure. So we are making progress, we are getting customers to understand that we are not quite there yet. We also have a separate strategy when it comes to the consumer component and the consumer element of securing mobile devices meaning that for example, a mobile operator can actually take our security application and resell it to the market.
In terms of adoption rate, have you been able to calculate how much progress you have made?
If you look at it from a CheckPoint perspective and strategy, mobile is very important, the whole infinity architecture is very important to us so we have been here for over 10 years. We have over 300 customers in the market and over 30 resellers in the Nigerian market. So we are part of the security landscape. In my opinion, we are the leading security vendor in Nigeria, so the feasibility around mobile is at a global context and that is a very dangerous place not to get secured, because that gives hackers the ability to penetrate at corporate environments. So the idea to to specifically do a business case around mobile in Nigeria is not economical. What we are doing is a business case about the entire environment and mobile is one of those key elements that we need to position with our enterprise customers that’s critical for them to adopt.
The Nigerian government is faced with insider attacks like insurgencies. Does CheckPoint have a solution for these kind of attacks?
We have the Sandblast range and the Sandblast is our trademark for threat prevention. So we have Sandblast agents for endpoints, for computers such that if an insider accidentally puts a USB that is malicious, then we would block that. Technology is a component of security and we have the full suite, from end point to mobile devices to virtualisation to cloud to provide a consistent security approach. But if someone is maliciously hacking, then that becomes a culture with internet organisation that also needs to be addressed.
Aside addressing organisations’ cyber threats, is CheckPoint also talking to government in respect to securing their data?
Yes we are. When we look at a market, we look at it holistically, as we look at technology, we also look at it holistically. We don’t come into a market and say we are only going to focus on enterprises, so we talk to the entire system that needs security. The public sector, Central Bank, revenue services, especially entities that really understand, are all the sectors that our solutions address. You can appreciate that some of the groundwork that we do undertake is to educate certain institutions, organisations or pillars of the society about security, but we do address everything.
In regards to the cloud market, CheckPoint said the cloud market would reach about 190 billion dollars by 2020. Is this a global statistics, and is it restricted to a region and how do you envisage this growth?
Cloud is not going to go down or decrease, it is here to stay because it provides agility and flexibility kind of pay as you grow. It is certainly the adoption of the future and that depends on few things such as in-country resources. This is aimed at making it really effective as Microsoft is now doing in Nigeria, where they are busy building data in Cape Town and Johannesburg in South Africa to make it more accessible to customers.
So definitely, cloud services, cloud adoption, and people moving to the cloud, that’s the way of the future. A lot of businesses are still sceptical about putting information out there, so what we do is to carry out testing and proof of concepts with customers. We run trials with them, we test equipment, security, feasibility because there is a business drive. There is also the concern about security, we offer the security solution and we also talk to customers to ensure that if they have the business desire, that can be protected, but a lot of it to me is resources, infrastructure, bandwidth, among others. All of those components need to be in place for cloud to really become attractive. Cloud security should be a shared responsibility, it should be between the customer and the provider.
What are the solutions to address the after effect of cyber attacks, should organisations suffer from it?
First of all, they should try to prevent it. I think any organisation today should look at prevention, second would be to understand what is infected and isolate that from the rest of the environment. Organisations do have disaster recovery, they also have incidence response. And it’s a service we provide as well, so even if it did occur, we provide that service and some organisations contact CheckPoint proactively to provide that incidence response. We can do the analytics, we can trace it down to the root cause and we can provide them a solution and we can rectify the problem but I must state that prevention is better because once malware is in and you do not have the proper segmentation in your network, it spreads like wild fire.
As the Regional Director of CheckPoint in charge of Africa, what is the risk level in Africa for organisational breeches?
Looking at the risk level, as at last month, Nigeria was number 1 but now it has dropped to 8th. So we do have research, we came up with an index rating, and from this index, we can actually see and rate countries and all the rest. But it is a good measure to understand where a country sits in general and the amount of attacks that has been targeted at specific countries.
What do you think was responsible for Nigeria dropping to 8th Place?
You do have cycles, so there could have been a lot of attacks, I think the security in Nigeria affects the customers that we work with and we have over 300 customers which include the government, banks, multinationals and even the telecommunications sector. We even handle security with Internet Service Providers (ISPs). so instead of ISPs just going out to provide internet access, they provide internet access with security and we do that in Nigeria.
Most organisations in Nigeria are slow in the deployment of cyber security solutions because of high cost. What is your advice for them and do you have any solutions for small organisations?
For small enterprises, we have the 700 series appliances. As I said earlier, if you look at our appliances, including hardware, we have the big appliance; the 64,000 and then the 700 series appliance. It runs the same software and security service. So all our security services are consistent across our entire platforms.
Now the 700 series is positioned competitively against other small enterprise security appliances, and it is not pay as you use. It can be bought straight off or as I mentioned earlier, ISPS can actually take that and do a lease or put it to other commercial use.
What is your advice for technology start-ups in the area of cyber security?
First of all, these technology start-ups would get bigger. If you look at Internet of Things (IoTs), it is almost unlimited, you can get smart cars, you can get smart houses, appliances etc. So we are entering into an era of massive technology explosion. And as technology increases, so does the risks, and there are many angles to this but maybe for some start-ups; I think awareness and education are key factors to consider. I think there is a lot of companies doing the development at the moment. At my last count, I think there was probably like 680 technology companies that play in the cyber security space.
What is your future projection for the Nigerian market?
So we do a lot, we do trainings in Nigeria, we have CheckPoint certified training for technical people, CheckPoint certified administrators, CheckPoint certified experts. We try to do two of those courses every three months in Nigeria. Over the last couple of years, we have trained hundreds of engineers and technical people to become certified in CheckPoint technology. We have a lot of customers and we train our partners, and we have about over fifty partners in West Africa, which is an on-going activity. Technology moves as you know, so we have new versions. Last year we had IRT, this year we have IRT.20 among others. As technology moves, security improves. We constantly train our people. We do monthly trainings, we do roundtables with customers to get the message across for them to understand that we do technical trainings. We try to get the overall strategy across to the market on our Generation 5 solution, which companies should be looking up to for their future business.