There really is no getting away from AI these days, it is talked about as a tool of the attacker and defender, the biggest threat and opportunity of our time, and even the potential tool of a state actor.

Last week I found myself at Check Point’s CPX Conference in Vienna, and it was no real surprise to find that AI was very much on the agenda. From the findings that AI is now powering cyber warfare in its latest threat report, to claims from former CEO Gil Schwed that AI “is going to touch every single part of our lives which will make things stronger, and will make us as human beings much better.”

New Dimension

Now at this stage, you may be thinking that a company that sells products and services talking about AI may be a reason to immediately close the page, but what interested me was the discussion of AI throughout the presentations from the company’s senior executives.

For example, CEO Nadav Zafrir said AI is not just a new technology, “but a new dimension” and when the world enters a new dimension, humans have limitations on how to understand what is coming and it takes a little bit of stability to understand it. 

Presenting on AI, CTO Dorit Dor said that the “journey that AI is taking and where it's taking us all” is specifically exciting.

She said: “Watching the industry going through the transformation and changes of internet, mobile and the cloud, I think AI is going to be much much bigger than them.” 

Now what makes this ‘new dimension’ considerable for Check Point is that Dor said she had come across AI in 1987, when she saw an article that said ‘programming is going away and the content is AI is taking over’ and after that time, more code would be written by computers than people.

That hasn’t come to be of course, but we are now at a stage where AI is becoming central to discussions around cybersecurity work.

Yesterday’s Decisions

One of the key messages was on how changes have been made, and if you’re still taking time to make a decision, you should have done these already. Summarising considerations from 2024’s conference, Dor said these were on: attackers building out a massive targeted attack using AI; how to secure the AI with a consideration on compliance; and finally operationalising and managing the huge amount of data.

There are also considerations on which provider you use - is it a giant large language model provider “and be dependent on that company,” or choose something open source? “Each of the choices has problems and you want to know about how the data was trained, and you may want the LLM to explain why it reached that conclusion.”

She said another issue is that too many companies claim to have excellent AI, but customers have no way to compare these offerings.

The key point was what is coming in AI this year. Dor said there is a “continuation of what we have” and this should include a better level of scaling, more agents, and better management of costs.

“One thing that is very important, in order to leverage all of the data in your organisation you have to have a data pipeline with semantic understanding of your data,” she said. “You will see more and more technologies outside of this semantic analysis.”

She added an old security knowledge point that everything you do and add at every stage will add more risks, including external untrusted entities.

Business Owner

The concluding points were on how AI will be used in an organisation. Firstly she stressed the importance of a business owner who would oversee the whole shape of the concept, and also be the only one that really understands the data and the quality of the results. “So the business owner becomes a critical part in this decision,” Dor said.

The other key point she cited is that if you only only work with AI at first, the process will be slower, “but if you take multiple engines and teach them and score them into doing a better job over time, you would have amazing, scalable machinery.”

She said: “Think about the future of how you activate your business owner and do AI first. There is also a question of trust, how we prove trust - maybe it's time to improve trust.”

Dor concluded by saying when delegates left Vienna and implement AI, “you have to start today, but really you had to start it yesterday.” This includes working with your vendors, identifying early adopters and working with infrastructure leaders in order to help create AI, inside your organisation.

“I also advise you to take an AI first approach on some project for better, even secure AI,” she said. “Data is being remodelled, and AI is coming, and be there or be square.”

I could talk to a hundred different companies and get a hundred different perspectives on AI, but for my first company conference visit of 2025, the concepts on AI from Check Point stood out well.

This is a company with its stock in network security since the 1990s, and very much keeping up with the movements in cybersecurity. Is the advice that you should have started your AI project yesterday helpful? Not really, ask any breached company what it could have done in hindsight, but the advice on implementing AI should be useful to many as the hype bandwagon rolls on.

Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.