IT Brief Asia - Technology news for CIOs & IT decision-makers
Asia
Check Point: Be the best, or get out the way

Check Point: Be the best, or get out the way

Thu, 16th Jul 2026 (Today)
Donovan Jackson
DONOVAN JACKSON Interview Editor

Changing security landscapes where AI agents automate attacks for round-the-clock efficiency in the hands of hackers means the stakes have never been higher, and the time between vulnerability discovery and exploitation has never been shorter. This necessitates a combination of the best technology and processes, coupled of course with appropriate focus on people, and it's driving a spate of consolidations as industry players push towards a platform approach that replaces multivendor setups.

Check Point's Chief Strategy Officer Roi Karo heartily endorses consolidation, pointing out that regardless of whether arising as the result of M&A activity, the introduction of point solutions to contemporary issues, or anything else, vendor sprawl becomes risk in its own right. "This is a 'forever' dilemma," he set out. "Should we have vendor concentration risk on one side, or 80 different vendors not integrated, leaving the customer to do the integration?

Applying the reductio ad absurdum technique, he assessed the extremes. "Let's take 80 vendors. That's bad. On the other side, let's take one vendor. That's also bad. So, what is the sweet spot? There isn't one answer, but I think consolidation is very important."

There is nuance here. Many top infosec vendors are indeed pressing for consolidation. It makes sense on a basic level, as managing multiple vendors is administratively challenging, while securing an enterprise with disparate tools adds an additional layer of becoming risky through task overload and skill dilution.

Maturity and responsibility

All eggs in one basket isn't a good idea either, though. "You want experts, and this is the balancing act you need to do because if you buy everything from one vendor but you get mediocre security, well, that's not a good idea. In security, and this maybe different to other industries, there is good security, and okay security, and even bad security. But with AI attacks, you need the best security, and you want to deal with experts."

The answer lies in maturity, as Karo went on to explain. "Our approach is finding the sweet spot of consolidating many things, but not everything. And our approach is that everything we do, we must be the best at, and if we don't have the best solution, we prefer saying to our customers we don't own it [and instead defer to] a preferred partner."

It's an eminently sensible approach, and often the proof of the pudding isn't found in what's been included the vendor portfolio itself, but in what's been left out or eliminated.

"Let's take an example. Check Point does not play in the SOC [Security Operations Centre]. We don't have a SIEM, and that's okay. This is an expert area and you want a SOC expert. So buy Microsoft, SentinelOne, use their product, and we will make sure that we're deeply integrated."

Karo described the approach as 'being responsible'. "A year and a half ago, we announced that we're out of CNAPP [Cloud Native Application Protection Protocol]. We felt our product is not as good as [those of] our competitors, so we decided to do the responsible thing; security is a lot about responsibility."

That's not only a refreshing take, but one which builds the essential foundation on which the cybersecurity industry is built. Trust.

Check Point's approach is also reflective of an enduring fact of cybersecurity, that it is a team sport at the company, vendor and industry level. To borrow from the language of worker solidarity, an injury to one can very quickly become an injury to all.

Guarding against over-consolidation

But there's always a level of absurdum in the technology industry. Said Karo: "Companies are [consolidating] and I think it's a good thing…until it becomes too big and you get concentration risk. The solution? I don't know, but our answer is focusing where we can do great things."

And the way Check Point does that, Karo went on to explain, is delivering solutions into four defined pillars while sticking closely to its knitting. Those areas are Hybrid Mesh Network Security protecting distributed, hybrid cloud environments, on-premises data centers, branch locations, and internet-facing services using a unified, AI-powered framework.

Then, its Workspace Security defends modern digital workspaces, SaaS applications, and employee endpoints against AI-driven phishing and social engineering.

Exposure Management provides visibility into attack surfaces, enabling security teams to see risks, map permissions, and prioritise actions.

Finally, AI Security is built to protect the AI stacks which are becoming part of the enterprise whether by design or stealth. This includes protecting AI apps, generative AI models, and autonomous AI agents from data leakage and prompt injection.

All in on AI security

Karo confirmed that Check Point has a clear vision of where cybersecurity is headed, and it's doing a little consolidation in its goal of being the best to secure a changing threat environment. "We're all in on AI security. We acquired a great company from Switzerland. We acquired another company from Israel. We're combining and adding more capabilities. And we feel confident enough, responsible enough to tell our customers we know how to secure AI.

"And if we weren't, we would say buy it from someone else, because this [AI threat] is real. You need to be responsible because when bad things are happening, you want the right vendor on your side."