We recently wrapped up Zero Trust Live, our premier virtual event for IT and security leaders. In this post, I'll help you digest the key news and highlights from the event which featured an incredible line-up of industry visionaries, zero trust experts, and product innovators.
Before I begin, if you missed the event and want more than a recap, you can watch it in full, anytime here.
While so much was covered at Zero Trust Live, here are what I believe are the five key takeaways from the event:
As a product marketer, nothing is more frustrating than seeing zero trust slapped onto everything in the industry (ahem, legacy network security vendors). I think Jim Alcove, Security Advisor & Former Chief Trust Officer, Salesforce, brought so much clarity to the term zero trust with this simple analogy from our keynote session:
“If we think about security as a network example, it's about protecting how you're going to get to the thing that's important. So it's not about protecting the bank or the airport. It's about protecting the roads to the bank or the tunnel to the airport.” – Jim Alcove, Security Advisor & Former Chief Trust Officer, Salesforce
In 2016, Zscaler introduced the first-generation of zero trust network access (ZTNA) in response to the massive problem of remote access, and it quickly became the industry standard for VPN replacement. Nevertheless, there was still a compelling problem at stake: what happens if the tenets of identity have been subverted by a compromised user or insider threat? With our latest release, Zscaler Private Access (ZPA) becomes the only ZTNA platform available that securely CONNECTS, SEGMENTS, and PROTECTS users, applications, and devices in a single cloud platform. To learn more about next-generation ZTNA, watch the session here.
First, we revealed how private app protection stops prevalent attacks. While there are massive efforts in the industry to develop more secure code, we still have a long way to go. 60% of organizations have had production applications exploited by OWASP Top 10 Vulnerabilities, according to ESG. While zero trust access reduces the blast radius of an attack by eliminating lateral movement, compromised users and insider threats could potentially steal sensitive data or bring down services if they can infect apps behind ZTNA services. ZPA AppProtection will automatically detect and block the attack to protect your applications. Watch the demo here.
Secondly, we dove into how new integrated deception disrupts advanced adversaries. Targeted ransomware, supply chain attacks, nation-state threats, and other attacks that make headline news all have something in common: a thinking, human adversary. The threat landscape has fundamentally shifted from malware-driven to a hands-on keyboard focus which makes threat detection difficult and all the more crucial. An industry first, integrated deception evolves lateral movement detection for advanced attacks with private app decoys deployed seamlessly through Zscaler Private Access. Think of it as the “easy button” for deception. Watch the demo here.
Third, we introduced privileged remote access for Industrial IoT and OT systems. Plant operations teams prioritize plant uptime and people safety, which drives the need to allow third-party vendors and service technicians to access production systems which could potentially introduce risk of ransomware, lateral movement, and downtime.. With our newly launched Privileged Remote Access solution for Industrial IoT and OT, we enable fully isolated, clientless access to RDP and SSH systems for employees, vendors, and contractors connecting from untrusted networks and unmanaged devices. As part of this, we’re also proud to be partnering with one of the world’s premier providers of industrial automation solutions, Siemens, who is making Zscaler Private Access available as a native connectivity option for their industrial devices. Watch the demo here.
Nearly every one of our customer speakers stressed that a great user experience was paramount to their success. With zero trust, they removed the friction that a lot of people experience in their daily lives when accessing resources.
“ZPA lets people have literally a bookmark style of access to things that otherwise you'd have to do traditional network merges and IP address deconflicts and change DNS settings. It is months and months and months of work that, literally overnight, I didn't have to worry about.” – Steve Williams, Enterprise CISO, NTT DATA
Most organizations struggle with where to start. During the event, we touched on the importance of figuring out where you can buy down risk, or at a minimum, solve a painful business problem, whether that's performance, cost, or legacy technology incurring technical debt. Once you tackle that, the next step is to expand strategically. Remember, zero trust is not a monolithic effort! To get an actionable playbook for zero trust transformation, watch our best practices session here.
And a heartfelt thank you…
To all of our speakers, partners, and attendees for making this one of our most successful events of the year:
You can look forward to even more at our marquee annual user conference Zenith Live 2022