Enterprise AI Transformation, Check Point Builds Security Defense Line for "AI+" Era with Three Major Acquisitions

Enterprise AI Transformation: Check Point Builds “AI+” Security Defense with Three Major Acquisitions

By 2026, it will be a pivotal year for global industries. If the past two years were the “hundred-model battle” of general large models, 2026 is widely seen as the inaugural year of AI evolving from “chat (Chat)” to “agent (Agent).” With the implementation of the national policy on “Deepening the ‘AI+’ Action,” AI is accelerating from a novelty auxiliary tool to a new engine driving core business operations.

Supporting data illustrates this dramatic change: According to statistics, by December 2025, the call volume of tokens for a major domestic large model exceeded 50 trillion, more than tenfold year-over-year, with over 100 enterprise clients having used over one trillion tokens. Industry experts predict that in the future, about 80% of token consumption will come from enterprises, and 20% from individual users. This means the main battlefield of AI has shifted entirely from consumer daily interactions to enterprise production processes. Companies are no longer satisfied with using AI to generate a few lines of copy but are deploying AI agents to call APIs, process financial data, and automatically execute operational commands.

However, as AI begins to “get things done,” the challenges for enterprise CISOs (Chief Information Security Officers) are just beginning.

Security Anxiety in the Deep Water of “AI+”: The Race Between Speed and Loss of Control

The deep implementation of the “AI+” initiative has boosted confidence in digital transformation among Chinese enterprises but also introduced unprecedented security challenges.

From a traditional cybersecurity perspective, defense boundaries are clear. But today, with AI agents widespread, shadow IT is no longer just software downloaded by employees but invisible data calls lurking within business flows; attackers no longer rely solely on exploiting vulnerabilities but use AI to generate more convincing phishing emails or even induce hallucinations in models to leak sensitive data.

As Check Point notes in its latest strategic insights: “The development speed of AI has surpassed the ability of most security teams to keep up.” Faced with this “out-of-control” risk, many companies instinctively respond by “stacking security tools.” But from Check Point’s perspective, patchwork solutions are ineffective in the AI era. With rapidly increasing token consumption and omnipresent AI agents, enterprises need to reconstruct their security logic: not just adding more defense tools but rethinking security design and operations in a new normal where both attackers and defenders use AI.

Therefore, Check Point emphasizes a “Prevention-First” core philosophy and is actively pursuing a series of strategic acquisitions to build a comprehensive security foundation for this AI-First world.

Four Pillars and the “Open Garden”: Rebuilding Security Architecture

To address the complexities of the AI era, Check Point has chosen not to adopt a closed approach but instead proposes an “Open Garden” platform strategy, emphasizing collaboration within a broad security ecosystem to avoid locking customers into a single technology stack. Based on this, Check Point has established four strategic pillars aimed at covering all aspects of modern enterprise operations:

1. Hybrid Mesh Network Security: Using a unified, AI-driven control plane and consistent “Prevention-First” policy enforcement across data centers, hybrid clouds, the internet, branch offices, and SASE environments to protect distributed enterprises.

2. Workspace Security: Securing modern digital workspaces—including devices, browsers, email, SaaS applications, and remote access—ensuring productivity without compromising security in environments where users interact with AI.

3. Exposure Management: Helping users identify potential attack surfaces comprehensively, prioritize real risks while ensuring business applications, and shift from passive vulnerability management to continuous, intelligence-driven risk management.

4. AI Security: Protecting the entire AI technology stack, including employee AI usage, enterprise applications, autonomous agents, and the supporting models, data, and infrastructure, enabling safe and scalable AI adoption.

To realize this vision rapidly by 2026, Check Point plans to complete three key acquisitions:

1. Acquiring Cyclops to Make Risks Visible

During cloud migration and AI deployment, a major pain point is often “asset invisibility.” The dynamic, minute-by-minute changes in cloud environments and the covert data flows generated by AI tools render traditional asset management tools ineffective.

Check Point’s acquisition of Cyclops, a leader in Cloud Asset Attack Surface Management (CAASM), aims to solve this problem. Cyclops doesn’t just list assets; it maps the connections between assets and informs security teams: Who owns this asset? What is it connected to? Where are the real exposures? This shifts the focus from blindly patching thousands of vulnerabilities to precisely addressing the few risks that truly impact business.

2. Acquiring Cyata to Enhance AI Agent Transparency

When companies deploy Copilot or autonomous agents, these AI systems may have access to sensitive systems and perform automated operations. Without proper oversight, they become powerful internal threats.

By acquiring Cyata, which specializes in AI agent governance, Check Point gains the ability to improve AI behavior visibility. Cyata can deeply analyze where AI agents are operating, whether their actions cross boundaries, and if there’s a risk of data leakage. This allows companies to implement “guardrails” on AI agents, enabling them to handle tasks securely and compliantly without stifling innovation.

3. Acquiring Rotate to Empower MSP Ecosystems

For many small and medium-sized enterprises (SMEs), AI transformation is urgent but they often lack dedicated security teams. Managed Service Providers (MSPs) play a crucial role here. Check Point’s acquisition of Rotate aims to create an integrated platform tailored for MSPs, enabling more efficient and large-scale deployment of workspace security solutions. This means even companies relying on MSPs can enjoy enterprise-grade AI security protections.

At this critical juncture of the 2026 “AI+” initiative, security is no longer a business obstacle but a foundation for transformation. Chinese enterprises’ AI transformation has moved from proof of concept (POC) to large-scale production. The surge in token consumption signifies productivity release and increased risk exposure.

By building four pillars and integrating Cyclops, Cyata, and Rotate’s technologies, Check Point sends a clear message: in an AI-First world, only through a “Prevention-First” architecture and deep governance of AI-native risks can enterprises truly master technology rather than be overwhelmed by it.