Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a pioneer and global leader in cybersecurity solutions, today announced the release of its "Under Pressure: The 2026 Exposure Gap Report." The report reveals that while the proportion of critical vulnerability exposures has more than doubled in the past year, fewer than 1 in 12 (8.3%) were urgent enough to require immediate attention.
Attack tools leveraging automation and AI are transforming the speed and scale at which exposures can be exploited. Threat actors are now able to test exposed systems, credentials, phishing infrastructure, and known vulnerabilities at a scale and speed that manual triage simply cannot match, targeting more organizations than ever before. This is widening the "exposure gap" between visibility, prioritization, and secure remediation, shrinking the time defenders have to act before exposures can turn into actual breaches.
Key findings from the 2026 Exposure Gap Report include:
Vulnerabilities Double: Vulnerabilities accounted for 42.6% of all critical exposures, more than doubling from 18.7% a year ago, making them the largest category of critical exposures in 2026.
Prioritization Gap: Only 7.8% of all vulnerability alerts were prioritized as "critical" or "high" after validation of exploitability, with over 90% of alerts found not to require immediate remediation.
Risk Concentration: 76% of all critical exposures were concentrated in two categories: "vulnerabilities" and "data leakage," with risks consolidating around exploitable vulnerabilities and exposed data assets.
Phishing Increases: Phishing sites accounted for 10.5% of critical exposures, a significant increase from 1.0% the previous year, making it one of the fastest-growing exposure types this year.
Large-Scale Exposure Mitigation: Across all industries surveyed, organizations implemented 85.9% of recommended fixes, demonstrating that exposures can be resolved at scale with proper prioritization and response workflows.
Yochai Corem, VP & GM of Exposure Management at Check Point, stated:
"Attackers are testing more exposures, against more organizations, at a speed that security teams cannot manually keep up with. The organizations that stay ahead are those that can quickly identify the few risks that are actually exploitable from a sea of alerts and safely remediate them without disrupting operations. That is what exposure management provides, and it is rapidly being recognized as a critical metric for measuring operational readiness."
The report also shows that rapid and secure remediation is possible. A number of organizations resolved critical exposures in under an hour, with the utility industry leading at 30%. The median time to remediate exposures across the fastest responding industries was 12.6 hours, demonstrating that exposures can be resolved quickly, even in highly sensitive and high-risk environments.
Exposure trends vary significantly by industry. Utilities and government organizations saw vulnerabilities account for 78.2% and 56.2% of their critical exposures, respectively. Meanwhile, data leakage was also a critical exposure, accounting for the largest proportion in healthcare (63.6%) and finance (42.7%). The healthcare industry emerged as the most challenging environment to remediate, with the longest median time to fix exposures at 158.8 hours, despite a high rate of remediation implementation, reflecting constraints from legacy systems, clinical uptime requirements, and change management.
Check Point's Exposure Management integrates exposure visibility, evidence-based prioritization, exploitability validation, security control assessment, and secure remediation into a single workflow, helping organizations close their exposure gaps before attackers can exploit them and impact the business.
The "Under Pressure: The 2026 Exposure Gap Report" was announced at Check Point Engage in Paris, France, on July 2, 2026 (local time). The full report can be downloaded here.
This press release is based on a blog post published on July 2, 2026, US time.
About Check Point Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cybersecurity solutions to global enterprises and governments. For over 30 years, Check Point has protected organizations from the fifth generation of cyberattacks. Check Point Infinity’s portfolio of products and services covers all key areas of enterprise security: network, cloud, endpoint, data, and mobile. Check Point protects over 100,000 organizations of all sizes. Check Point Software Technologies, Ltd. was founded in 1993 and is headquartered in Tel Aviv, Israel. The Japanese subsidiary, Check Point Software Technologies Co., Ltd., was established in October 1997 and is based in Minato-ku, Tokyo.
Social Media Accounts ・Check Point Blog: https://blog.checkpoint.com ・Check Point Research Blog: https://research.checkpoint.com/ ・YouTube: https://youtube.com/user/CPGlobal ・LinkedIn: https://www.linkedin.com/company/check-point-software-technologies/ ・X: https://x.com/checkpointjapan ・Facebook: https://www.facebook.com/checkpointjapan
Legal Notice Regarding Forward-Looking Statements This press release contains forward-looking statements. These statements are based on the current expectations of Check Point Software Technologies Ltd. (the "Company") and are subject to risks and uncertainties that could cause the actual results to differ materially from those described in the forward-looking statements. Such risks and uncertainties include, but are not limited to, those detailed in the Company's filings with the Securities and Exchange Commission, including the Company's annual report on Form 20-F filed on March 31, 2026. The Company does not undertake any obligation to update forward-looking statements, except as required by law.
Media Contact Check Point Public Relations Office (c/o NEXT PR LLC) Tel: 03-4405-9537 Fax: 03-6739-3934 E-mail: checkpointPR@next-pr.co.jp
FACT BOX
- Source: PR TIMES
- Category: レポート発表
- Organizations: Check Point Engage