Check Point Software: ‘Technology is one of the Few Markets that is Truly Global'

We talked to Gil Shwed, founder and CEO of Check Point Software, who looks back on his life at the company since founding it in 1993, as well as the challenges facing the cybersecurity market.

Since its founding more than 30 years ago, Check Point Software‘s mission has been to secure the digital world for everyone, everywhere. From its firewall technology, to driving next-generation intelligent security with AI, to integrating and collaborating solutions through its Infinity platform, the software maker has been developing the tools needed to respond to increasingly sophisticated cyberattacks and threats in greater numbers, something that Gil Shwed, Check Point Software’s founder and CEO, has experienced firsthand during that time.

At the end of 2024, he decided to step away from his day-to-day role as CEO of Check Point, although he keeps a close eye on what is happening at the company he founded three decades ago because he maintains his daily office routine.

During the recent CPX 2025 congress organised by the software manufacturer in Vienna, we had the pleasure of chatting with him in an interesting interview to review his professional career and analyse a market where artificial intelligence is taking centre stage.

Here is our interview with Shwed:

-What led you to found Check Point Software in 1993?

I was inspired by the idea of creating a technology to share networks from different environments. Then the internet came along and, as a 24-year-old from Israel, I saw its potential to change the world. Thirty years ago, we were disconnected and suddenly we had the ability to send messages and emails, getting replies in minutes instead of months. We could also identify people and get information quickly.

When I was developing software, I could send it to someone and get it back in minutes instead of weeks. Before the internet, we were sending records in the mail that took three weeks to get from Tel Aviv to New York. And it seemed like something that would change the world.

Before the internet, we used to ask ourselves the question: how can I manage student phone calls at the university? After its arrival, the question changed dramatically: how do I manage all the students and universities outside my own network? That’s where my idea to develop a technology to maintain that connection and security to make the world a better place came from.

Time has proven us right, we were on the right track. The Internet became huge, probably a thousand times bigger than I could have anticipated, and it changed many things in our lives. Security also became essential from day one.

-The Internet inaugurated a world of possibilities, but also unknown to most people….

In the first two or three years at Check Point, I had to convince people of the potential of the internet rather than the need to secure the big network. Everyone wanted to be on the internet and asked about security, but many still didn’t understand the concept of a global network. We developed a product that customers liked and we started to expand globally from Israel.

Over the years, the company has grown both technologically and in size, while maintaining its focus on secure internet connectivity and communications. I feel like a proud father watching his ‘baby’ grow up and become more independent. Despite the changes, I remain passionate about Check Point and its evolution.

– There are probably quite a few, but what have been the milestones over the last three decades that you are most proud of?

Yes, we have achieved several in all this time, but I think there is one first milestone that I never stopped to talk about before. It was the introduction of our first product in 1994, a great revolution, a breakthrough for us and I think also for the world, because it became a new category: the firewall.

With this product we won the ‘Best of Show’ award at the CES show in Las Vegas in 1994, which for us was something we didn’t even know existed.

Suddenly, we were on stage with the biggest companies in the world. We became a major company even though we were still only three or four people at Check Point.

After that we started building the business, creating partnerships and starting distribution. Two years later, in 1996, we went public, which was a record because companies usually take seven to ten years to become successful. We did it in that time, although it wasn’t what I wanted, by the way.

It was something I didn’t want as going public completely changes your day-to-day work: you have to deliver quarterly results, you have to track your share price and everything you do is amplified. You have to assume that every day you are under a certain amount of scrutiny from investors.

But it was from that point on that we really started to build the company with 45 people. And the most interesting thing for me was to build a global culture.

That’s because, on the one hand, we founded Check Point in Israel, a small country. On the other hand, our market was not in Israel, but all over the world. From the first year we were a global company. We sold all over the world, about half in the United States and half in other countries.

Today it is more or less the same: about 40% in the United States, 40% in Europe and about 20% in the rest of the world.

Screenshot of Check Point Software's firewall interface, back in 1996. — Screenshot of Check Point Software’s firewall interface, back in 1996.

Building a company with a global culture was a fascinating experience for me. One of the things I attribute to Check Point’s success is that we really built a global company with a global team, not American, not Israeli, not European, not Asian.

And that’s, by the way, the beauty of being in technology. Technology is one of the few markets that is truly global.

For me, coming from a small country but being part of the world was always a big thing. And it still is, by the way. But it is also still a big challenge.

Coming back to your question, we further developed different solutions, such as virtual private networks, which make the internet the backbone of communication for companies.

We built a new architecture through Software Blades, where the firewall can handle additional layers of security. We entered new markets, some more successful than others.

We went from being a software company to building security appliances. In some ways we remain so even though customers buy our technology in software and hardware-based appliances.

We built a complete architecture that can provide end-to-end security for an enterprise and we entered the email market in the last few years. And I think we are now in a very interesting position because our technology is in the cloud, in the hybrid mesh network, in the data centre, in internet connectivity, in remote access… In short, in all these different places that are now encompassed in SASE, which is kind of an evolution of what we used to call the virtual private network market 25 years ago.

-What motivated you at the end of 2024 to step aside from being CEO and become executive chairman, and what issues will you focus on from now on?

I think there are two things that motivated me to do so. First, after 30 years, I felt that maybe I needed to downshift. As a CEO, my schedule was about 12 meetings a day and every evening something new came up.

You solve a lot of problems and it’s fascinating, but you never relax, you are always under pressure and at a certain point you also stop thinking about the future and the important things. You just think almost automatically about how to move forward, what to do and how to solve problems.

After such a long time, I felt I needed a change. Since 1996, when we went public, I’ve been asked why I don’t retire: ‘you’ve achieved success, you’ve made a lot of money, why don’t you retire?’ And I always said that what I like to do is work and I like Check Point, it’s the dream I’m living, but after 31 or 32 years in that dream, I thought maybe a change would be good, maybe I could start to see things differently, and it’s happened.

On the other hand, I also think Check Point can benefit from a new energy, someone who comes with new ideas, someone who doesn’t have the mentality of ‘I’ve already done it’ and things like that, but with new energy.

Gil Shwed, founder and CEO of Check Point Software

I had both motivations in mind. It was a long process, it took me about a year and a half from the day I started thinking about it as a possibility until Nadav [Nadav Zafrir, Check Point’s current CEO] took over and started running the company. It wasn’t an easy process to take on and maybe it’s too early to say, but the last two months I’ve really enjoyed it.

It’s great to go from 50 meetings a week to eight and to be relaxed, to be able to wake up at whatever time I want. I still come into the office every day, but suddenly it’s no longer my direct responsibility, it’s someone else’s problem, and that’s a big change.

But what will happen in six months’ time? I don’t know. I don’t know if I will continue to go to the office every day and consult on small things or if I will only focus on the big issues within Check Point as part of its future. It’s a good question. I will need to learn and take on my new role, but I am very excited because so far the first two months have been really great.

As I said before, I feel like a proud father to his son. Check Point continues to function and things are going well. Nadav makes good decisions, sometimes the same ones I would make, sometimes different, but I like them.

I think everyone at Check Point is excited, there is a good level of energy and I am very clear that Check Point in the end is a very sophisticated machine, with seven thousand people around the world, dealing with different markets, different countries, different relationships with customers and partners. There is a team I can trust, starting with Nadav, which makes me feel very satisfied.

-How do you see the current cyber security market including the competition?

First of all, I think we have the only technology in the industry that is completely preventative and really works as a single architecture. Many companies are competing with us directly or indirectly, but we have to worry about what we are doing. We have unlimited potential to prove our capabilities to ourselves. Customers may use more or less of our solutions or those of other vendors, but they always deserve to have the best security, and we want to provide that.

At the same time, we will see more consolidation in IT. I don’t think the number of vendors will increase but there will be more consolidation for one simple reason: customers can only absorb so many ideas. If you are a buyer and you have 300 people knocking on your door every year saying they have the best for you, you can’t digest that many ideas.

If you look at cyberspace today, because of the success of companies like Check Point there has been a lot of money flowing in and a lot of startups because everyone wants to have the next big product. But the market cannot absorb so many technologies.

Some will not be able to create a new category or make their category important enough. Others will compete because in each sub-category there are five or ten small competitors. But most will simply become part of a larger platform.

We have bought more than 20 companies in the last few years, we buy about two companies every year. It has allowed us to expand our platform and so far it is something that has worked well. I think that will happen a lot around us. Maybe in five or ten years we will see one or two big categories that we don’t anticipate now. I don’t know what they will be because then we would already be in them, or at least we would be trying.

-Yes, it is true that in the last five to ten years there has been more collaboration and cooperation between cybersecurity companies. What is the state of this collaboration in your view?

It is happening to some extent. We collaborate with organisations that are even direct competitors. To build a solid foundation, you need to work on the end-point, the cloud, the data, the application and the network. I think what we do at the network level is the most important thing, it is the core piece of technology, but we are not building authentication systems and directories, so we need to collaborate with third party companies and integrate their solutions. There will be more of that in the future. We need to build better partnerships, some more open and some more proprietary, but we will also build more open standards where security products can collaborate and transfer information with each other.

-Can you name some of the most critical cyber attacks you have seen in the last 30 years?

We have seen sophisticated attacks such as SolarWinds and the attack on Ukraine in 2017.

However, the real achievement is that we block millions of these attacks every week. Most attacks are not very sophisticated, but blocking them is crucial to keep our customers safe.

-How is AI changing product development at Check Point?

AI is changing everything, from the way we develop products to how we operate internally. Developers can write less code because machines can generate it. AI can also automate many tasks, making our systems more autonomous and efficient.

At the end of the day, my vision is that systems will be much more autonomous than they are today. Systems that can analyse everything that happens to us and say to a customer: ‘You are not protected here, you are not protected there. Do you want me to protect you?’ We will probably be able to ask the AI: ‘What you detect, fix it. That’s your job, do all these things so that the system is secured’.

I’m not sure what percentage of our work the AI will be able to do, whether it will be 20% or 99%, but the fact is that it will automate a lot of processes that we did manually before it was implemented.

-And how do you think AI will impact industry and the world in general?

AI is as big as any of the industrial revolutions humanity has experienced, maybe even bigger, although it is difficult to predict whether it will be integrated into everything we do.

Going back to the development area, AI tools are great for building simple interfaces. AI is amazing. You ask a programmer to do that and it becomes a relatively long process with a lot of bugs to work out over time. However, you ask the AI to create an interface, to read all the manuals, all the APIs… and within minutes you have a code that you can test. When you ask it to test it and create a test environment, it does. It’s an area where AI shines and can automate a lot of things. We need to educate our people to use it because it will make their lives easier and because they can reach new heights. We need to remember that we will not become lazier or work less, but we will become more productive.

If you look at every revolution that has happened in thousands of years, it has made people work a little bit harder, but also make them much more productive and live better.

In the specific case of cybersecurity, attackers are becoming more sophisticated. They can use these AI tools with bots in an incredible way.

‘Security is very much about analysing large amounts of information, and AI is great for that.’

They can do simple things like write phishing emails that are no longer distinguishable. Two years ago, when you saw a phishing email, it was enough to see the language to understand that it was suspicious. Today, you can’t do that.

Today, all phishing emails look super professional because they are practically all written by AI, and that is the simplest use of AI.

Think about building a sophisticated attack, analysing customer or network information and finding vulnerabilities. AI can do that, and in more sophisticated attacks, AI can do it even better. That is very, very scary from the point of view of the attacker.

On the other hand, we as defenders get incredible tools from artificial intelligence. Security is very much about analysing large amounts of information, and AI is great at that.

Shwed, speaking at the CPX 2025 annual conference, organised by Check Point in Vienna.

Security is about creating, verifying things, analysing them and making sense of them. Generative AI is doing all that, and humans are sorely lacking in people to do these jobs. People can only digest very limited amounts of information. And AI can do it 24/7 without getting tired, although AI can also make mistakes, just like humans. That is something we have to remember. But we can learn and AI can learn faster.

I think we have a great opportunity to change both the way we advocate and the way we operate internally as companies.

We don’t know everything that the future holds, but I know that AI will have a big effect on our lives and definitely on people developing security solutions it can have a very positive effect.

-What are the most promising areas of innovation for Check Point?

There are many, considering that Check Point Software is an organisation of 7,000 people, of which 2,000 are engineers and developers.

Every day we come up with new ideas for innovation, but we can’t always dedicate time to them. The most promising ones are left on the list for the following months.

At the moment I could highlight what we call the hybrid mesh network, which basically tries to connect all the elements in a unified way: the cloud, data, branches, applications, data centres, AI… all from a cybersecurity point of view.

There’s a lot of innovation at Check Point. Some of it will come to fruition, some of it won’t, and I think it will be fascinating to watch.

-Let’s move on to talk about Check Point Software’s Infinity platform. I’d like to know about the integration between the different products and its importance in providing effective cybersecurity.

I think it’s very important to have one platform and one architecture when you’re connecting things for your customers using dozens of cybersecurity products. It’s very common for a medium to large enterprise. And the main thing is that it’s difficult, expensive and, above all, it’s not effective. You can find a vulnerability in a file with a tool, but then this file can come into the organisation via a download and not be detected because it is a different process.

To be effective in cyber security, we need all the tools to work together and collaborate with each other. And that is not happening today. I think with the Infinity architecture this can become a reality. AI tools will also help improve this, as they are very good at creating these interfaces and moving all that information around.

As part of this process of integration and collaboration, I think there will be consolidation and working with fewer vendors, as I said earlier. Those that facilitate this integration and that can work as one team will remain. That is the only way to achieve full and efficient security.