惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

美团技术团队
W
WeLiveSecurity
Stack Overflow Blog
Stack Overflow Blog
L
LangChain Blog
S
SegmentFault 最新的问题
Apple Machine Learning Research
Apple Machine Learning Research
Google DeepMind News
Google DeepMind News
F
Full Disclosure
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
The Register - Security
The Register - Security
G
Google Developers Blog
C
Check Point Blog
GbyAI
GbyAI
A
About on SuperTechFans
V
Vulnerabilities – Threatpost
T
The Blog of Author Tim Ferriss
T
Tor Project blog
AWS News Blog
AWS News Blog
Cyberwarzone
Cyberwarzone
C
CERT Recently Published Vulnerability Notes
MongoDB | Blog
MongoDB | Blog
Latest news
Latest news
aimingoo的专栏
aimingoo的专栏
U
Unit 42
Y
Y Combinator Blog
P
Privacy International News Feed
Cisco Talos Blog
Cisco Talos Blog
S
Securelist
S
Schneier on Security
雷峰网
雷峰网
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Attack and Defense Labs
Attack and Defense Labs
P
Proofpoint News Feed
C
Cisco Blogs
Webroot Blog
Webroot Blog
T
Troy Hunt's Blog
Google Online Security Blog
Google Online Security Blog
月光博客
月光博客
P
Privacy & Cybersecurity Law Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
罗磊的独立博客
Cloudbric
Cloudbric
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Hacker News: Ask HN
Hacker News: Ask HN
H
Hackread – Cybersecurity News, Data Breaches, AI and More
博客园 - 司徒正美
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Microsoft Security Blog
Microsoft Security Blog

Check Point Blog

AI Appreciation Day: Let's Be Honest About What We're Appreciating - Check Point Blog AI Security Is Never Finished: Building the Continuous Red Teaming Loop  - Check Point Blog AI Security Threats in 2026: Annual Insights from Check Point Research - Check Point Blog AI Agents are Only As Effective as Their Harness - Check Point Blog Email Agent Hijacking: The Hidden Threat That Breaks Post-Delivery Security - Check Point Blog How Check Point Email Security Stopped a Student Job Scam Before It Reached the Inbox - Check Point Blog Redefining the CISO Contract: From Securing the Business to Securely Doing Business - Check Point Blog A New Ransomware Leader Emerges as June 2026 Attack Volumes Climb Worldwide How Unified Policies Close Security Gaps - Check Point Blog Under Pressure: Insights from the 2026 Exposure Gap Report - Check Point Blog When AI Invents the Attack: Browser-Native Ransomware - Check Point Blog Check Point and the AWS European Sovereign Cloud: Securing Europe’s Digital Future - Check Point Blog Shadow AI Is Not a Tool Problem. It's a Timing Problem. - Check Point Blog AI Is Changing Cyber Careers. NICE 2026 Showed What Students Need Next - Check Point Blog 90% of the World's Businesses are SMEs and MSMEs and AI Is Reshaping Both Their Future and Their Risk - Check Point Blog Prevention Before the Inbox: Reading the Microsoft Defender Benchmark Report in Context - Check Point Blog ClickFix: The Attack That Turns Users Into Their Own Attackers - Check Point Blog From Prompt Testing to AI Red Teaming at Enterprise Scale - Check Point Blog AI Has Moved From Assistance to Action. Is Your Security Model Ready? AI Security Governance: How to Secure AI Agents, Copilots, and Autonomous AI in 2026 - Check Point Blog OpenAI Frontier AI Models Powering Check Point's Leading Cyber Security Solutions The Operational Reality of Zero Trust- And How You Can Change It - Check Point Blog Amazon Prime Day 2026: Bargains Begin June 23 — and So Do the Scams - Check Point Blog Securing AI Agent Behavior with Amazon Bedrock AgentCore and CheckPoint AI Security - Check Point Blog What Successful Exposure Management Deployments Had in Common in 2026 - Check Point Blog From Stars to Upvotes: The Fake Reputation Economy Behind a Crypto Clipboard Hijackers - Check Point Blog AI Red Teaming Makes the Unknowns Known - Check Point Blog Check Point and Illumio Expand Partnership to Secure Hybrid Environments - Check Point Blog The NCSC Patch Wave Is Coming. Do You Know Where Your Risk Lives? - Check Point Blog NCSC Warns of AI-Driven Patch Wave: Is Your Attack Surface Ready? Energy, Healthcare, and Finance: Why Midwest Industries Are Facing Surging Cyber Attacks - Check Point Blog Midwest Cyber Attacks Surge in 2026: Energy, Healthcare, and Finance Under Growing Threat Travel Phishing and Cyber Attacks are Surging in 2026, Growing 122% over the last 3 years. Here's What Cyber Criminals Are Actually Doing - Check Point Blog Travel Phishing Scams Surge 122%: How Cybercriminals Are Targeting Travelers in 2026 The AI Your Security Team Can’t See Is the One You Should Worry About Check Point Engage Public Sector 2026: AI Is the New Battlefield Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative When Your AI Agent’s Memory Becomes a Security Liability AI Agents Are Becoming Enterprise Workers. Who Secures Them? Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026 The AI Defense Plane: Securing the New Enterprise Execution Layer The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem Check Point Lays the Groundwork for the Future of AI Factory Security with NVIDIA - Check Point Blog Check ... The 2026 U.S. Midterms Have a Cyber Problem, But it’s Not at the Ballot Box The Server Seizure That Affects Also Iran’s Cyber Operations The Autonomous Security Platform Built for Attacker Speed Check Point Frontier AI Models Readiness Program – Security Update 2026 Cloud Security Report: Why Traditional Network, Cloud, and Security Architecture Are Lagging Behind t ... AI Attacks Are No Longer Experimental: Key Findings from the March-April 2026 AI Threat Landscape - Check ... Protect GenAI Chatbots with Check Point WAF The Network Security Problem No One Could Solve – Until Now. Hacktivists, Ransomware, and a 124% Surge Across DACH The Case for a Vulnerability Operations Center Before the First Whistle: How Cyber Criminals Are Targeting World Cup 2026 - Check Point Blog World Cup 20 ... When the Ransomware Gang Gets Hacked: What the Gentlemen Leak Reveals About Modern Ransomware Risk - Check ... Cyber Threats Spike in April 2026 as Ransomware Expands and Attack Volumes Climb After Short-Lived Moderation Q1 2026 Ransomware Report: Fewer Groups, Higher Impact - Check Point Blog World Password Day 2026: Why "Strong Passwords" Can’t Save You from AI, Infostealers, and the Telegram Underground - Check Point Blog AI Threat Readiness: Defending Against Attacks Powered by Frontier AI Models Check Point Cyber Security Now Available Across All Levels of U.S. Government - Check Point Blog Check Poi ... VECT Ransomware: Why Paying Won’t Get Your Files Back Check Point WAF Leads Application Security-Validated by Frost & Sullivan Check Point WAF Leads Application ... From Access Control to Outcome Control: Securing AI Agents with Check Point and Google Cloud Experience AI-Powered Check Point Firewall at Google Cloud Next AI Finds Every Gap: How Many Can Your Network Survive? The Gentlemen RaaS Is Surging in 2026 The Phishing Paradox: The World’s Most Trusted Brands Are Cyber Criminals’ Entry Point of Choice World Quantum Day 2026: The Harvest Has Already Begun, Are You Prepared? Why Manufacturing Cyber Security is Becoming More Complex as Cyber Attacks Accelerate March 2026 Cyber Threat Report: Ransomware & GenAI Risk PS Private Training: Turning Cyber Complexity into Operational Control Tax Season 2026: How Cyber Criminals Are Preparing Their Attacks Months in Advance Claude Mythos Wake-Up Call: What AI Vulnerability Discovery Means for Cyber Defense Iran-nexus Password Spray Campaign Targeting Cloud Environments, with a Focus on the Middle East ROI of Hybrid Mesh Network Security (IDC Study 2026) Operation TrueChaos: TrueConf Zero‑Day Supply‑Chain Attack ChatGPT Data Leak (Fixed Feb 2026): Key Takeaways Spring Cleaning Has Arrived: Meet the New Check Point Portal Experience North America’s Cyber Security Threat Reality in 2026
Resilient by Design: When the Network Itself Becomes the Target
lizwu@checkp · 2026-05-06 · via Check Point Blog

Cyber security and operational resilience go hand-in-hand. Organizations have invested heavily in defending against breaches, ransomware, and service disruptions, building layered defenses designed to keep attackers out and systems running. But recent geopolitical developments are forcing a broader and more uncomfortable realization – the next major disruption may originate in the physical world rather than in code.

As cloud infrastructure becomes more deeply embedded in the fabric of global economies and national systems, it is no longer just a platform for operations, but an extension of the attack surface. And it is this shift that introduces an entirely new category of risk. Instead of services failing while infrastructure remains intact, organizations must now consider scenarios where the infrastructure itself is degraded or destroyed.

Cloud Infrastructure as a Physical Target

We saw this shift on display in March 2026. During a period of heightened geopolitical tension involving Iran, the U.S., Israel, and several Gulf states, hyperscale cloud infrastructure was directly impacted by military action. Iranian drone strikes targeted data centers in the UAE and Bahrain, damaging multiple facilities supporting major cloud providers. The impact was not limited to localized disruption. Structural damage, power outages, and even water damage caused by fire suppression systems led to severe impairment across multiple availability zones within a single region.

What made this moment significant was not just the scale of the damage, but what it revealed about resilience. Cloud architectures have long relied on redundancy models built around the assumption that failures would be isolated and contained. Availability zones were designed to operate independently so that if one failed, others could seamlessly take over. In this case, multiple zones were affected simultaneously, and, fortunately, the redundancy model held.

While alarming, this incident is not an outlier. It fits into a broader and accelerating pattern. In 2025, disruptions to undersea cables in the Red Sea affected roughly 17% of global internet traffic, demonstrating how fragile global connectivity can be when physical infrastructure is compromised. In the same year, major web infrastructure failures associated with large-scale providers caused widespread outages, underscoring how much of the internet depends on a relatively small number of centralized systems.

The Failure of Traditional Resilience Assumptions

Taken together, these events point to a fundamental shift. Points of presence, backbone connectivity, and cloud infrastructure are no longer just enablers of digital operations – they’ve now become targets. And regardless of how the disruption occurs, the result is the same. Traditional cloud resilience models are being tested in ways they were never designed to handle.

For decades, cloud architecture has been built on a set of implicit principles. Failures were expected to be contained and localized. Infrastructure itself was assumed to remain intact, even when services running on top of it failed. Carefully engineered redundancy across zones and regions was expected to absorb disruption and maintain continuity. These assumptions enabled the scalability and reliability that define modern cloud computing.

But the assumptions of the past are now increasingly misaligned with reality. Today’s failure scenarios are broader and more complex. Entire regions can become unreachable. Network paths can disappear without warning. Multiple availability zones can fail at the same time, not because of software bugs or misconfigurations, but because the underlying infrastructure is physically compromised.

In this environment, high availability is no longer enough. Resilience must account for the possibility of losing entire segments of infrastructure. When this happens, architecture becomes the defining factor between continuity and collapse.

Rethinking Resilience in Light of Modern Risk Scenarios

What resilience requires now is a shift in thinking. Instead of optimizing for efficiency within stable conditions, organizations must design for survivability under unstable ones.

A globally distributed architecture becomes critical. Resilience is no longer about density within a single region, but about the ability to operate across regions when one or more become unavailable. This demands true global distribution of points of presence, combined with the ability to reroute traffic instantly and intelligently based on real-time capacity and availability. In such scenarios, proximity becomes secondary. What matters is whether the infrastructure you depend on is still reachable at all.

Equally important is the concept of unified and portable policy. During a disruption, users may be rerouted across different regions, traffic paths may shift dynamically, and enforcement points may change in real time. Security cannot depend on location-specific configurations. Policies must follow the user and the data, applying consistently regardless of where traffic enters the network. Any gap between policy definition and enforcement introduces risk precisely when stability is most fragile.

Distributed enforcement is another essential component. Architectures that rely on centralized inspection points create inherent vulnerabilities. If those points become unavailable, enforcement collapses with them. A resilient model distributes enforcement across the network fabric, ensuring that inspection and protection continue regardless of where traffic flows. This removes single points of failure and allows the system to adapt dynamically under stress.

At the same time, organizations must confront the limitations of purely cloud-based models. SASE architectures that depend entirely on consistent, high-quality cloud connectivity assume ideal conditions that do not always exist. In reality, connectivity can degrade. Latency can spike. Entire regions can become unreachable. Under these conditions, resilience depends on the ability to continue operating even when the cloud is not fully accessible.

This is where hybrid approaches become essential. By extending enforcement to endpoints and branch locations, organizations can maintain policy continuity even during partial outages. Instead of failing outright, the system degrades gracefully, preserving core security functions until full connectivity is restored.

Designing for Disruption, Not Stability

This evolving reality is precisely what has shaped the design philosophy behind Check Point’s SASE architecture. Rather than assuming perfect infrastructure conditions, it is built with the expectation that disruption will occur. Our globally distributed points of presence provide geographic resilience, while a unified policy plane ensures consistent enforcement across all environments. Distributed enforcement eliminates reliance on any single control point, and hybrid capabilities allow protection to continue even when cloud connectivity is impaired.

The result is an architecture designed not just for performance under normal conditions, but for continuity under adverse ones. It reflects a broader shift in how resilience must be understood – not as the ability to prevent failure entirely, but as the ability to operate through it.

The cloud was originally designed to handle failure within controlled parameters. Those parameters are now expanding. Infrastructure itself can become unavailable. Regions can lose connectivity. Network paths can fragment in unpredictable ways. These are no longer edge cases but emerging realities.

Resilience must be defined by the ability to maintain operations despite partial infrastructure loss. Organizations that continue to rely on assumptions of stable, always-available infrastructure face increasing risk. Those that embrace distribution, adaptability, and architectural consistency are better positioned to navigate disruption.

The question is no longer whether infrastructure will fail. It is whether the systems built on top of it are prepared when it does.