Check Point CTO Jonathan Zanger sees AI increasing the value of cyber

Check Point Software CTO Jonathan Zanger met with CSO Spain during the Engage 2026 software user conference last week in Paris.
At the event, Check Point executives and representatives discussed how the company is dealing with different types of threats, how to adopt AI safely, and how Check Point and others can use AI to their advantage.
“That’s why I believe that 2026 is an interesting year to work in this sector. All technological changes have a significant impact on Internet security,” Zanger told CSO Spain. “I think right now we’re seeing the biggest change since the Internet. So, without a doubt, we’re going through big changes.”
What follows is CSO Spain’s interview with Zanger, edited for length and clarity.
How are AI agents changing the way we detect and stop cyber threats? What new risks are they taking?
I will try to answer on several levels. The first is how we work differently as a cybersecurity company to protect our clients.
We’ve always had teams of experts monitor threats, identify malicious actors, and create new defenses for our products. As a result, whenever we found an APT group, we scanned it and created signatures to protect ourselves from it. Or when we saw a suspicious network used by malicious actors, we identified its location and blocked it. While it’s true that, in many ways, we’ve always been limited by the number of skilled people who can gather that intelligence and turn it into effective defenses, what has AI allowed us to do? Amazingly measure this work.
Can you give an example?
We have always had red teams testing our products to ensure their safety. And we have always valued those groups very much because they make our products more secure. Now, those teams are incredibly powerful thanks to AI, working 20 times more efficiently. What do we have now? A combination of humans and AI agents, with around 300 instances constantly monitoring and testing our systems. This is what allows us to deliver better internet security and increase our capabilities.
But it’s clear that malicious actors are using AI to do their jobs…
That’s right. As it helped us measure our activities, it also helped them. We are now seeing the rise of small, agile threat groups and malicious actors, who are able to conduct phishing campaigns with less expertise than ever before. As a result, we are seeing more and more people entering the field of offensive cyber security. So, perhaps the final piece of the puzzle is that organizations are adopting AI systems, and now we have a new challenge: How are we going to protect ourselves?
In this context, what security challenges arise when AI agents are able to access and use business systems? In your opinion, which organizations should be prepared?
Systems used to be deterministic: Given the same input, they produced a predictable output, which made them easy to defend. With AI agents, this changes, as they understand natural language, handle ambiguity, and their behavior is not always predictable, requiring a new approach to cyber security. In addition, something very important must be considered: AI depends on the systems it is connected to. There is tension between security groups, who want to limit this communication to reduce risks, and those who promote AI, who want to integrate it throughout the organization to collect information from any location.
In other words, the more connected the AI is, the greater the attack surface and security risk.
How does artificial intelligence make it easier for attackers to create cyber attacks? In your opinion, what are the most important defenses today?
AI has revolutionized software development, making it faster and more accessible. But what happened? Cybercriminals use this same capability, which allows them to amplify attacks such as phishing, ransomware, malware, and vulnerability exploitation, increasing both the speed and volume of threats.
What do you recommend to do in this situation?
Defenders must also embrace AI. Detecting and reacting is no longer enough when an attack can cause damage in seconds, so prevention plays an important role. Although the attackers maintain a certain advantage because they need to strike only once and are not subject to regulations, the defenders have a distinguishing feature: cooperation between groups, organizations, and security companies, which helps level the playing field.
But you can’t deny that many AI platforms are still risky…
Of course, because innovation often advances faster than security. This is why I recommend that a security layer be installed from the beginning of any AI project and not assume that the platform is secure because it comes from a trusted vendor.
How can AI platforms be used safely given the growing attack landscape? Which risk do you consider the most dangerous?
In all the evolution of systems, innovations, and organizations, security has never been a priority since the beginning of product development. We see this because we investigate different platforms, especially AI platforms, to test their security. This has allowed us to uncover major vulnerabilities in every AI platform we’ve analyzed over the past year, as well as in every major AI development tool.
Now, I’m not criticizing anyone here, because their job is to launch new products quickly. But I believe there are security gaps. That’s why I think that, in many cases, this is the role of organizations like ours: to work with companies to ensure that when they use these new technologies, they do so in a way that protects their data, protects their employees, and does not increase their risk.
Can you share any lessons you’ve learned in embracing AI?
Definitely. The lesson I’m taking away is that if you’re using AI, no matter what the application, you have to do it with a layer of security. And don’t assume that the platform is secure because it comes from a fictional AI company.
In your opinion, what are the most important innovations in security today? And how do they help customers and organizations stay secure?
I would like to point out three major areas where AI is revolutionizing cyber security. The first is the use of AI to strengthen security operations. Just as it revolutionized software development, AI is changing the way security teams work, allowing them to identify vulnerabilities, assess the security posture, make changes, and respond to threats faster, more effectively, and at scale.
The second area is the protection of AI applications and agents themselves. As these technologies are integrated into corporate networks, the challenge arises to ensure that they do not create a new attack vector or expose sensitive information. This is a very recent field, driven by the rapid adoption of generative AI, where there is still ample room for innovation.
Finally, I want to emphasize the need to protect against the increasingly fast and sophisticated AI-driven attacks. To this end, I advocate combining advanced models capable of detecting zero-day vulnerabilities and anomalous behavior with AI systems that mimic the behavior of an ethical attacker. In this way, organizations can anticipate cybercriminals, identify their attack surface, and strengthen their defenses before an incident occurs.
The last question concerns the needs of small and medium-sized organizations, which want AI systems to be more transparent and easier to audit if they help detect or respond to threats. What are your thoughts on this?
I believe that explaining is an important part of what we have to offer our clients as cyber security lawyers. There is always a tension between blocking something immediately and, at the same time, being able to explain why it was blocked. People like to understand what happened, and this provides a critical balance. Therefore, my opinion is that we should automatically prevent as many threats as possible, without requiring human intervention, but we should also enable people to understand what happened and change the future behavior of the protection methods.
Víctor Manuel Fernández attending Engage 2026 as a guest of Check Point Software.



