Check Point’s New CEO Talks AI Threats, SASE And Brutal Honesty

Newly appointed CEO Nadav Zafrir outlined his vision and roadmap for the company in an AI-driven world.

(Check Point CEO Nadav Zafrir on stage at the CPX 2025 conference.)

Gil Shwed co-founded Check Point Software Technologies 32 years ago and served as the company’s CEO for three decades.

In July 2024, Shwed handed the reins over to his newly appointed, handpicked CEO, Nadav Zafrir, the co-founder of venture capital firm Team8, a former IDF intelligence officer, and a security tech leader bursting with ideas and a strategy to lead Check Point into the AI-driven future.

[RELATED: Check Point CEO On The Midmarket's Unique Cybersecurity Needs, AI And The Newest Threats]

During his keynote at Check Point’s CPX 2025 event in Las Vegas this week, Zafrir outlined his vision and roadmap for Check Point.

Here are 7 quotes from the new CEO that define his vision and goals for the company:

7 Quotes From Check Point’s New CEO Nadav Zafrir

• The importance of “brutal honesty” in cybersecurity

“Brutal honesty, [in] my opinion, is the first guided principle to stay secure in this [security] race, and then innovation.”

• Security is security, no bells and whistles

“Security is about security. It’s not about celebrities jumping out of the matrix. It's not about a huge banner on the fastest car in NASCAR or Formula One. Now don't get me wrong, I love all of that, but that's not what security is about. Security is about real work, real technology, real research, really understanding where the attackers come from.

• AI is not just a revolution

“AI is not just a revolution It's literally a new dimension. It's a double-edged sword, like any other great technology that comes out. But this is a new dimension, and I think we need to be humble when we think about where AI is going to take us and what the impact is going to be ... we really cannot imagine as humans, we're just stuck in our own world. It's really hard to delve into the future and imagine what is, what it looks like, but we got to be ready for this future.

• What AI will not change

“Let's start with what at least we believe will not change ... we are going to have hyper-connected, ultra-complex networks. That's not going away because of AI. In fact, in the foreseeable future, I think it's just going to be exacerbated by AI. This mesh that's just becoming bigger and more complicated and more complex ... we're protecting organizations that have a target and an objective, and people are using it, and so we need to think about these hyper-connected networks and how we can secure them.”

• The new AI threat landscape

“The attack surface is just blown up again [with AI]. Deepfakes [are] one example that is already ubiquitous and out there, and it's happening all the time. But we're also seeing data poisoning ... We did see modeling version attacks, at least in theory ... And you always have to remember that this is a learning competition between offense and defense. When you think about this from the attacker's perspective, [they] can now get their hands on amazing technology that, until a couple of years ago, didn't even exist. And so they can go after us with more precision. They can be more personalized, more precise, and with much less effort.

How many of you ... in this room were not affected by SolarWinds? Raise your hand ... well, it's hard to see, but I don't see any hands going up. I can tell you that you shouldn't feel bad ... we were affected [at] Check Point as well. It [was] a very sophisticated supply chain attack. And now let's imagine what it would look like in the future ... let's go back in time 2020, SolarWinds ... a malicious update was unleashed, the payload espionage,18,000 private and government entities were affected. The attack shook the world.

[RELATED: TacitRed: A New Weapon In War On Software Supply Chain Attacks]

Now let's go to the future, 2025 -- imagine the same attack, this time powered by AI. Well, we're not in Kansas anymore. AI is beyond any human capabilities. It never sleeps or makes accidental mistakes. It's relentless. When sent on a mission, it will use all of its powers, day and night to penetrate any network. Using AI is like buying a weapon of mass destruction over the counter.

The AI could write and test the code itself, creating variants to avoid detection in the blink of an eye, faster than your analysts can read the alerts, identifying high-priority targets ... AI scans the network, identifies weak points and maps out a plan of attack, all autonomously.

[AI] knows exactly where the critical assets are, sensitive data, financial records and intellectual property, all taken over by a shape-shifting AI that acts like an army of the best hackers in the world. No traces, no patterns, no way to track it with AI evolving every day. The possibilities are endless. The future of cyberattacks isn't coming. It's already here.”

• On Check Point’s SASE offerings

“SASE is an important part of securing the future of your hyper-connected network ... SASE for us is front and center ... we did not invent SASE, and we weren't the first in the game [with] SASE, but sometimes it's important to come at the right time with the right solution and already learn all the mistakes that the pioneers have made.

And that's what we're doing with our SASE. Because if you look at SASE as an architecture, this is a traditional limiting architecture. If you want to have connectivity between a branch somewhere to the internet, the only way you can do it is through your SASE because you don't have this mesh connectivity, and it's a limiting architecture.”

• On cloud costs

“Finally, let's face it, cloud cost is killing us. For most organizations in the world right now, it's the second budget line item right after HR, so we need to be able to control that.

And so ... here is what we are focused on to provide a real security platform for your hybrid mesh, and that's the [Check Point] Infinity platform. The Infinity platform, at the end of the day, is designed to secure on-premise environments, cloud environments, but bring all that into unified management that allows you to streamline policies across branches, multi clouds, security controls across all of your products, and imports its data and intelligence through the threat cloud AI, which gets this information from all of our solutions, from several different dozens of engines on the cloud that are constantly forming.

We're going to collaborate with all of the other vendors, whether we like it or not, whether we are happy that you have dual vendor firewall ... if we know about a vulnerability, if we know an attack vector from our Infinity platform, we're going to inform other security measures ... even if they are fierce competitors to make sure that you're better protected. And a couple of weeks ago, we announced, as an example, the partnership with Wiz ... we think Check Point and Wiz together can offer you better cloud networks, better cloud security. With our cloud network security and with Wiz, state-of-the-art posture management system ... we think we can seamlessly deliver better cloud security.”