https://www.zscaler.com/ Zscaler Blog — News and views from the leading voice in cloud security. en https://www.zscaler.com/blogs/company-news/ams-executive-partner-summit-recap After hosting more than 100 partner executives at our Zscaler Executive Partner Summit, we are going into this week feeling both immensely grateful and highly energized. Time is our most valuable asset, and having the opportunity to engage with so many of our partner leaders from across the Americas was a humbling and inspiring experience. During the two-day summit, we showcased to our partner executives the ongoing strategic investments that Zscaler is making in our Partner Ecosystem and how we can help them continue to grow and accelerate their business with us. Our internal teams have certainly experienced the momentum and vision that we have for our Partner Ecosystem. Being able to host senior executives from our most strategic partners to share that vision with them, experience the excitement together for the opportunity that lies ahead, and discuss the momentous milestones that we’ll soon conquer together truly ignites our teams as we propel towards our joint-mission and goals. As Zscaler continues to grow and evolve on our journey to $5 billion ARR, we’ve welcomed many new leaders across our global organization. With their experience, talent, and fresh perspectives, we’re accelerating like never before. At the same time, our focus on partners has never been stronger—we’re implementing new, elevated strategies that will unlock growth opportunities for our partners, forging both greater partner alignment, innovation, and unprecedented business momentum. From global partner engineering and M&A to customer success, business development, sales, and beyond, every corner of Zscaler is investing in and aligning on partner success in new, dedicated ways. Our goal is to ensure that as Zscaler grows and succeeds, our partners excel alongside us. Beyond the executive presentations, technical breakout sessions, and impactful 1:1 meetings throughout the summit, we couldn't miss an opportunity to properly celebrate everything our partners have accomplished this year. We celebrated their achievements and successes in a night of Yacht Rock sailing the night away with live music, dinner, and discussions as we looked towards our exciting journey together in our next phase of monumental growth. Reflecting on the event, we are filled with gratitude and confidence in what lies ahead for our partner organization. We are fortunate to work with some of the greatest leaders and partner organizations in the world. It’s exciting to welcome amazing new leaders as we continue to make smart investments in partner success; delivering predictability and more opportunities than ever before for our Zscaler partners to win alongside us. Want to experience the excitement and energy at this year’s Partner Summit? Check out the complete recap video above! Thu, 25 Apr 2024 10:35:51 -0700 Karl Soderlund https://www.zscaler.com/blogs/company-news/ams-executive-partner-summit-recap https://www.zscaler.com/blogs/company-news/zscaler-digital-experience-just-got-smarter-and-wiser-introducing-new-ai Businesses rely on technology to keep employees productive - organizations with 250+ employees use more than 100 SaaS apps, and todays’ end users expect flawless digital experiences when interacting with customer support, placing orders, or using online services. IT teams are the bedrock of these businesses, keeping their technology running smoothly. They must ensure that all networks, applications, and services - even those that they don't control - are always on and reliable. To this end, Zscaler is excited to introduce three new advancements that will significantly help IT teams improve efficiency, visibility, and collaboration across IT operations, service desk, and security teams. Copilot is an AI Assistant that leverages cutting-edge generative AI to answer all your app, network, and device performance questions, and offer domain-specific expertise. Hosted Monitoring enables you to continuously monitor applications and services from Zscaler-hosted, globally distributed locations to help you ensure that no customer or employee suffers from poor digital experiences. Data Explorer enables you to easily build and share customized reports that visually correlate data drawn from diverse datasets for uses ranging from troubleshooting to demonstrating IT’s impact on business performance. To learn more about these innovations, read on and watch the launch webinar where we dive deeper into these capabilities, why they are important for IT and security teams, and how you can use them. Introducing ZDX Copilot: Your AI-powered Assistant Unlike endpoint and network monitoring tools, Zscaler Digital Experience (ZDX) gathers performance metrics from 500T daily signals, and 390B daily transactions, across end user devices, networks, and applications. This simplifies your monitoring stack with a consolidated view and makes it easier to detect and fix performance issues. IT teams have to grapple with vast amounts of performance data across devices, networks, and applications. So, in May 2023, we introduced AI-powered problem detection and root cause analysis to help them accurately detect performance anomalies that can impact digital experience and make it significantly easier to isolate root cause of issues, fix them quickly, and put employees back to work faster. Today, ZDX Copilot takes us a step farther. ZDX Copilot, your AI assistant, unlocks productivity for IT teams by empowering them to get the information they need using a simple sequence of questions. Teams across IT and security benefit from using Copilot: Service desk teams Networking teams Security teams IT leaders can isolate root cause of user complaints to efficiently triage tickets and collaborate with other teams; they can also easily look up technical information can conversationally perform deep analysis across networks, applications, and regions to identify trends or find opportunities for optimization can ensure that their services are performing at all times as well as instantly expose root cause of issues and affected parties when performance lags can conveniently extract and present digital experience trends and performance insights to show progress or identify new opportunities ZDX Copilot is versatile and can be used in many ways: IT employees across functions can upskill themselves, automate tasks, draw digital experience insights, and perform deep analysis. Continuously Monitor Customer-Facing and Business-Critical Web Applications with the All-New Hosted MonitoringEarlier this year, Microsoft had connectivity issues impacting Azure, Teams, Outlook, and SharePoint for 90 minutes. Square had a DNS configuration issue, and its customers were unable to process transactions for more than 18 hours. You have likely heard about these outages, but these are only two of many more that happened. ISP, cloud service, and SaaS issues can have an enormous impact on employee productivity, customer experiences, and business performance. This is why it’s important to extend our monitoring strategy to all ISPs, applications, and services that our employees and customers across all locations rely on to connect to our business and customer-facing applications. With Zscaler Digital Experience Hosted Monitoring, you can monitor applications, such as an eCommerce website, from every region your customers are in. The Zscaler Zero Trust Exchange is distributed across more than 150 data centers on six continents, which enables users to access services securely from any device, any location, over any network. You can now continuously monitor performance of your business-critical and customer-facing applications and services from several of these locations. With continuous monitoring, you can: Ensure that your external websites perform at their best, no matter where you customers are located Monitor SLA compliance for applications and services you purchase from SaaS, cloud, datacenter, or network providers Confidently roll out new applications or expand into new regions as your business grows, whether organically or through M&A To learn more about how you can maximize your impact using hosted monitoring, review this eBook. Analyze Your Data Your Way with Data ExplorerFinally, ZDX has made it incredibly easy to gather trends and insights that are relevant to you, your team, and your business. With the new Data Explorer you simply select your applications, pick the metrics that you’d like to analyze, choose how to organize and manipulate your data, and pick the widgets using which you can visualize the results. Data Explorer provides value for engineers and managers in the following ways: Engineers can troubleshoot problems by comparing similar services or applications to expose differences and anomalies across time Managers and leaders can analyze trends that show how their team achieves their KPIs or to uncover areas for optimization How to Unlock These CapabilitiesZDX Copilot and Hosted Monitoring are available with ZDX Advanced Plus, while Data Explorer is available with ZDX Advanced and ZDX Advanced Plus. For a closer look at the various versions of ZDX, please review this comparison. Your Next StepsWith these new advancements, ZDX provides richer network and app telemetry, helping everyone in IT perform their tasks with maximum efficiency. Copilot, Hosted Monitoring, and Data Explorer give IT teams instant access to massive knowledge repositories using GenAI, so team members can upskill themselves and work collaboratively with speed and accuracy. To learn more about these innovations, watch our webinar, or request a demo. Thu, 25 Apr 2024 03:00:01 -0700 Krishnan Badrinarayanan https://www.zscaler.com/blogs/company-news/zscaler-digital-experience-just-got-smarter-and-wiser-introducing-new-ai https://www.zscaler.com/blogs/company-news/2024-zscaler-partners-of-the-year Last week at the Zscaler Americas Executive Partner Summit we announced our 2024 Americas Partners of the Year. The Zscaler Partner Ecosystem is a key differentiator and force multiplier for us in the market; from deep technology integrations, key consultancy partnerships, solutions and services partners. We have the best partners in the business. Our thriving partner ecosystem continues to grow and excel as we secure and serve the world’s largest and most renowned organizations. And our partners continue to select and invest in Zscaler as the leading Zero Trust and AI vendor in their portfolio. While each partner is unique, this year’s cohort of winners have all demonstrated significant business growth, innovation, and investments with Zscaler. We are winning together. To each of our award winners, THANK YOU for your hard work and dedication, and for consistently investing in our partnership. The co-development, innovation, and customer obsession we share enables us to better serve and secure organizations all over the world. We are stronger together; delivering superior business outcomes in the ever evolving digital transformation landscape. Congratulations to our esteemed 2024 Americas Partner of the Year Award Winners: Partner of the Year: World Wide Technology GSI Partner of the Year: Accenture Go-to-Market Alliance Partner of the Year: CrowdStrike Cloud Alliance Partner of the Year: AWS Zero Trust Solution Partners of the Year: CrowdStrike & Okta Emerging Tech Partner of the Year: Rubrik GSI Managed Zero Trust Security Partner of the Year: Wipro GSI Growth Partner of the Year: Infosys Services Partner of the Year: Optiv Growth Partner of the Year: SHI PubSec Partner of the Year: Red River New Logo Partner of the Year: CDW These awards recognize our partners who have gone above and beyond, and excelled in our ecosystem. We are proud and grateful for these partnerships as we jointly deliver unparalleled customer experiences and innovation. Thank you to each of our award winners for your partnership. We cannot wait to see all of the great achievements in the years to come. Fri, 19 Apr 2024 10:49:53 -0700 Karl Soderlund https://www.zscaler.com/blogs/company-news/2024-zscaler-partners-of-the-year https://www.zscaler.com/blogs/company-news/zscaler-acquires-airgap-networks-extends-zero-trust-sase OverviewToday, Zscaler has announced the next major step in its Zero Trust SASE leadership by signing an agreement to acquire Airgap Networks, which provides agentless segmentation for enterprise IT and OT environments. With this acquisition, Zscaler will combine its Zero Trust SD-WAN with Airgap to extend the Zero Trust Exchange to protect east-west traffic in branch offices, campuses, factories and plants with critical OT infrastructure. This next step in our SASE leadership will eliminate the need for east-west firewalls, NACs and microsegmentation and deliver greater operational simplicity. Controlling lateral movement is the cornerstone of Zero TrustTo understand why today’s news is important, let’s reflect on challenges that organizations face in combating attackers. Adversaries are becoming faster and ever more effective at evading even the most sophisticated security controls with AI-enhanced social engineering and identity-based attacks. Once they compromise an organization, they then move laterally to get to sensitive data or critical resources. Once the targets or crown jewels (typically high value data) have been identified and reached, the goal is to exfiltrate the data as quickly and quietly as possible. While Zero Trust cannot be achieved without a holistic strategy that addresses every stage of this typical cyber attack chain - also known as a defense-in-depth approach - restricting lateral movement, and proper containment of the adversary once your organization has been compromised, is where real Zero Trust technologies must prove their worth. To date, the primary vehicle for addressing lateral movement on local area networks has been network-based segmentation and microsegmentation. How traditional segmentation and firewalls have fallen shortSegmentation has been carried out with aging, IP-centric networking technologies like NAC and east-west firewalls, managed through complex constructs like ACLs based on MAC, IP addresses and VLANs. This complexity places considerable strain on network operations teams forced to write, maintain and update countless ACLs or internal firewall rules while addressing the inevitable misconfigurations that break business critical applications or leave gaps in segmentation coverage. The complexity that east-west firewalls bring means most segmentation projects are never fully implemented and, even those with partial completion quickly experience segmentation policy drift as workloads and applications move and organizations’ environments change. The significance of a ‘network of one’Why is Airgap’s technology so compelling? Their agentless, identity-based approach to segmentation is a total re-think of the complexity of legacy segmentation approaches, for stronger, more predictable segmentation outcomes and greater operational simplicity. This highly secure but simplified approach includes Dynamic Host Configuration Protocol (DHCP) proxy, which creates a "network of one" for all connected endpoints, including those enabled with static IP. For example, the DHCP proxy intercepts all DHCP requests from devices trying to join the LAN. This enables Airgap to assign a /32 IP address and default gateway, effectively creating a segment of one. Airgap can then dynamically control access through continuous assessment of identity and context. Now, Airgap can provide visibility and policy enforcement at every connected endpoint without adding any software to those sensitive endpoints. This approach eliminates the risk of east-west lateral movement on local networks as well as the complexity of traditional segmentation approaches like east-west firewalls, without hardware upgrades or operational disruption. Agentless SegmentationIt is critical to understand that an agentless approach is essential for effective east-west segmentation on LANs, given that in many scenarios, be it unmanaged devices, aging legacy servers, or headless IoT/OT infrastructure, deploying agents is an impossibility. However, with Airgap, Zero Trust segmentation is possible in campus LAN and OT environments, no matter the device. Comprehensive Zero Trust Segmentation If you have been a customer or followed Zscaler, you’ll know we take segmentation very seriously, as a measure to counter lateral movement of threats. In the Zero Trust Exchange, we currently protect thousands of organizations with Zero Trust Segmentation which comprises multiple methods of segmentation depending on the environment and scenario. This includes Zero Trust SD-WAN to securely connect locations and segment them without site-to-site VPNs. Zero Trust Segmentation is made up of: User-to-app segmentation: Users access private applications directly, without being put on a network. Location Segmentation: Zero Trust SD-WAN ensures connections are made directly to applications from an office, rather than connecting to a routable network. No more site-to-site VPNs Workload segmentation: Least-privilege access segments cloud workload-to-workload communications across hybrid and multi-cloud environments. Now with Airgap, we further extend Zero Trust Segmentation to deliver visibility and segmentation for east-west traffic on LANs, including critical OT environments. Some of the use cases that can be addressed on day one are: East-West Firewall Replacement We will extend Zero Trust to the LAN by enforcing segmentation on east-west traffic. This shrinks the internal attack surfaces and eliminates the threat of lateral movement on campus, data center, and OT networks. There is no need for NAC or firewall-based segmentation. To enforce zero trust segmentation on campus, branch, and data center networks, Airgap will: Automatically provision every device into a segment of one (/32) Auto group devices, users and apps by analyzing the traffic patterns. This prevents rogue devices using MAC spoofing to get on to the network. Dynamically enforce policies for east-west traffic based on identity and context of users and devices. IT/OT SegmentationAirgap’s technology acts as a ransomware kill switch, disabling non-essential device communication to halt lateral threat movement without interrupting business operations. Airgap’s solution neutralizes advanced threats, such as ransomware on IoT devices, OT systems, and agent-incapable devices. To secure IoT and OT, Airgap will: Autonomously group and enforce policy for known MAC addresses on any device; eg. RDP access to cameras denied except for Admins Automatically isolate unknown MAC addresses to limit blast radius in case of a compromised device. Integrate with asset management systems for secure access control policies. Automatic Device Discovery & ClassificationA significant portion of IT/OT traffic stays within the factory or campus, hence it is important to have continuous visibility into east-west traffic. With automatic device discovery and classification, network admins can better manage performance, uptime and security for IoT/OT systems without complex inventory management. For network and device visibility, Airgap will: Discover, classify and inventory IoT/OT devices without the need for endpoint agents Get a baseline of traffic patterns and device behaviors in order to determine authorized and unauthorized access. Gain AI-driven network insights for performance management and threat mapping. Modern segmentation for the enterprise, without the complexity Eliminate lateral threat movement across the LANs. Reduce operational complexity and cost associated with legacy segmentation tools. Gain enhanced visibility into east-west traffic with discovery, classification and device inventory without the need for endpoint agents. We invite you to learn more about Airgap’s technology in an upcoming briefing on April 16th. Thu, 11 Apr 2024 05:00:00 -0700 Naresh Kumar https://www.zscaler.com/blogs/company-news/zscaler-acquires-airgap-networks-extends-zero-trust-sase https://www.zscaler.com/blogs/company-news/zscaler-is-showcasing-zero-trust-and-ai-at-the-2024-aws-summit-events-across-europe In today’s dynamic digital landscape, organizations are rapidly adopting artificial intelligence (AI) and Generative AI (GenAI) tools to increase productivity, gain new insights, and obtain a competitive advantage. The newly released Zscaler ThreatLabz 2024 AI Security Report sheds light on key trends, risks, and best practices in enterprise AI adoption, along with insights into AI-driven threats and key strategies to defend against them. Analyzing over 18 billion transactions from April 2023 to January 2024 across the Zscaler Zero Trust Exchange cloud security platform, some of the key findings are: Enterprise use of AI/ML tools has skyrocketed by nearly 600% 569 terabytes of enterprise data exchanged with AI tools ChatGPT usage has increased by 634%, even though it is also the most-blocked AI application by enterprise organizations AI is empowering threat actors in unprecedented ways This is not just a numerical phenomenon but represents a profound shift in the way organizations across industries and geographies are embracing AI technologies. However, with terabytes of data sent to various AI tools, the need for effective data protection measures is a top priority. Not only driven by the need to classify and protect sensitive data to prevent it from leaving the organization by mistake, but also to prevent data exfiltration caused by bad actors, malware, and new AI-powered threats. Never has the demand for robust cybersecurity been more important.Zscaler Leadership and Advantage: In AI, Data Wins Enabling more secure use of AI and GenAI tools in organizations and using AI to provide a stronger security posture are two crucial aspects in the modern landscape. An AWS Advanced Technology Partner, Zscaler has been a leader in zero trust for over a decade. As organizations wage the battle against cyberattacks, they must deploy robust defense systems, including zero trust architectures that utilize AI to effectively combat evolving threats, while keeping users productive. The best AI is powered by the best data, and that is what makes Zscaler stand out. Operating the world's largest security cloud and processing over 400 billion transactions daily, Zscaler ensures access to the most relevant cyber threat data. Prioritizing three key elements for effective enterprise AI – vast datasets exceeding 500 trillion daily signals, deep domain expertise, and a skilled team of data scientists, Zscaler leverages complete logs, full URL and anonymized data to train their LLMs. This approach ensures rich data for AI training, unlike DNS and firewall logs, which often lack detail or are blind to encrypted traffic. As a result, Zscaler continually improves its AI models with high-volume, high-quality data, empowering IT and security teams with valuable insights and solutions. Come and visit us at the 2024 AWS Summit events As apps move to the cloud, cyberattacks become more sophisticated, and users work from anywhere, using any device, perimeter security using VPNs and firewalls provide incomplete, inconsistent security and a poor user experience. With the Zero Trust Exchange powered by AI, Zscaler provides comprehensive visibility, control, and security for all cloud based applications within a unified platform. At the 2024 AWS Summit events, you can discover how Zscaler empowers organizations to: Improve security posture with zero trust Reduce attack surface and prevent lateral threats Accelerate migration of on-prem apps to AWS Enjoy fast, direct access to private apps and workloads Deploy AI-powered security for sensitive data, workloads, and GenAI data And more Visit us at the 2024 AWS Summit events, which include EMEA stops at: Amsterdam on April 9 London on April 24 Berlin on May 15-16 Milan on May 23 Stockholm on June 4 Madrid on June 5 The 2024 AWS Summits are free events that bring the cloud computing community together to connect, collaborate, and learn about AWS. Stop by our booth to learn more about Zscaler solutions for AWS and how to safely embrace GenAI tools, while leveraging AI for an improved security posture. To learn more about the 2024 EMEA AWS Summit events and to register, click here. And to learn more about Zscaler solutions for AWS visit our website. Tue, 09 Apr 2024 02:07:52 -0700 Yaroslav Rosomakho https://www.zscaler.com/blogs/company-news/zscaler-is-showcasing-zero-trust-and-ai-at-the-2024-aws-summit-events-across-europe https://www.zscaler.com/blogs/company-news/mobile-world-congress-shows-a-vision-of-even-more-connected-things I approached this year’s Mobile World Congress as I usually would – with a very open mind. However, this year was different. It was far more fulfilling than previous years and, in some ways, had me feeling overwhelmed. Not so much by the sheer distances walked each day (approximately 20 kilometers) but by the types of discussions about the state of the telco industry and its future directions that were both enlightening and refreshing. For the first time I had the feeling that 5G will reach new milestones this year based on the various innovations that were on show. Telco networks need to seize opportunities Network operators globally are shaping their future, with MWC serving as the perfect moment to come together and discuss perspectives and the various opportunities that need to be recognised. Within this, what they can offer with regards to insights into data streams and providing additional overlays or security services on top to make their services more valuable and stick for customers were some of the key focus points. More important, however, is the growing opportunity to be more connected than ever before, offering the maximum potential of interconnectivity. Thanks to this, there is a clear opportunity for collaboration and the critical next steps that will define the future of telco networks for years to come. For this to happen, however, telcos must start seeing the value of their infrastructure. Similarities can be drawn with parallel industries, take banking for example. The SWIFT network is critical for international money transfers. While this network is great, there was a demand from consumers to have a faster, simpler network to move money. Given this, the financial industry has complied with more agile alternatives such as the VENMO, PayPal, and intra bank networks to deliver high speed financial transactions. These additional services are what drive adoption and value add to financial networks. Telcos, however, risk falling into two traps: Becoming a network provider to simply move data traffic or expanding their offerings by bundling additional services, such as partnering with Netflix as part of an entertainment package at no extra charge. So far in Telco we haven’t seen a level of innovation within its services that will lead to the additional demand for and consumption of said services. This is where true innovation will happen in the near future. Optimisations are required between every single network and service operator that is delivering and or creating content. In the age of AI, the level of data and measurement that can be consumed to ensure the best sets of services must be leveraged. From understanding how to best compress a video file through to moving and allowing disparate edge computing usage. All of this is to be delivered through intelligent insights. A few companies have the foresight to realise that they must start looking into the contextual aspects of interconnectivity. It is more important to figure out why a specific device is connected on a specific network, when thousands of devices are making connections every second. Telco providers need to find a way to bucket this information to orchestrate the data streams effectively and deliver on the value of the data that is created. My key takeaways from the show are: SIMS are literally everywhere From facilitating seamless communication between devices to enabling groundbreaking technologies, the versatility and adaptability of SIM cards are redefining the boundaries of connectivity. E-SIMS will allow organisations to provide country-specific access to data that travels with the user. The question that pops into my head is how these data streams will be secured in the future? 5G is real 5G is no longer a theory only, even in Europe. While we still don’t have the proper standalone 5Gs in Europe, private 5G has matured to be widely accepted and used. We were always waiting for the killer app in previous years and speculating about the virtual reality goggles occupying this space. More and more applications are demonstrating the potential of virtual worlds this year, e.g., for training purposes. Data sovereignty is a driving force Given our fragile global situation, the topic of data sovereignty has been getting more attention. Organisations and governments alike want to be able to take active control of the locations of their data, and not only data resilience. The debate steered by NIS2 and new security measurements for national critical infrastructures ties into this data sovereignty, software, and cloud ecosystems as well. Moving forward, the focus will be on connectivity being delivered everywhere now that almost everything is SIM enabled. There will also be questions around how telcos will make use of all the available information, and perhaps more importantly, how they can orchestrate it in one environment and deliver effective controls. The great unifier is security – every user, company, and service demands uniform security on any network. Zscaler as the world’s largest cloud security service, available everywhere, is in a poignant situation to deliver this glue. Wed, 20 Mar 2024 04:06:08 -0700 Nathan Howe https://www.zscaler.com/blogs/company-news/mobile-world-congress-shows-a-vision-of-even-more-connected-things https://www.zscaler.com/blogs/company-news/ai-powered-sales-leadership-transforming-the-playbook-for-world-class-coaching We are in an era of change brought about by AI. There’s a lot of positivity but also uncertainty. For sales leaders, the advent of artificial intelligence (AI) presents an opportunity to rewrite the playbook for optimising our impact across our whole team. There’s an opportunity to capitalise on the processing power of AI to amplify sales leaders’ experience and talent. Currently, I have the privilege of running our sales leadership enablement in EMEA at Zscaler, and advising external GTM leaders. I’ve also been doing some independent research into AI. As such, I have developed a good understanding of the current challenges sales teams face and how AI could assist us in being more effective leaders in the future. Current State: Human-Powered Sales Forecasting In sales, managing the forecast is one of the key challenges for leaders. Managing the forecast today can mean getting intimately involved in as many deals as possible so that you can spot risk, coach the people involved, and drive the right actions and urgency directly. This approach has, in the past, worked effectively at delivering the forecast, but with clear drawbacks: inconsistency, time drain, and inability to scale. Sometimes referred to as the “hero” approach, “saving” deals can be exhausting for leaders and can unintentionally create a micro-management style of culture that can lead to other challenges. In addition, a sales leader can only focus on a few key deals at a time, sometimes sacrificing support for the vast majority. The Data Dilemma Sales leaders are not data analysts. Currently, they are expected to review large amounts of performance data constructively, extract the necessary insights efficiently, and translate these insights into coaching opportunities for their salespeople. Traditionally, we use leading indicators to help us understand what activities will deliver success for our salespeople and sales leaders. These are powerful metrics that shape the weekly and quarterly operating cadence for our teams. These leading indicators are manual inputs. E.g.: Number of new business meetings Number of opportunity progression meetings Proof of values Pipeline coverage, etc. Leading indicators have always been very important because we need a scalable way of measuring how to protect the business now and in the future. However, what every good sales leader knows is that for each person, business unit, region, and market, there are always discrepancies based on the skill of the individual, their tenure, the market, the culture of the region, etc. Therefore, it becomes challenging to cater for these nuances at scale and the manual inputs can feel limited. In an age when we can develop deeper insights, imagine if we could tailor make leading indicators that are fit for each individual, team, or region. The human-powered playbook for sales leaders stops working at scale As the needs of our employees change and the metrics for success remain constant, there is an opportunity to evolve this traditional playbook, looking toward new tools for assistance. Specifically, AI can help us to scale our ability to coach our people, understand potential business risks, and deliver for the business. Future State: AI-Assisted Analysis & Insights to Optimise Sales Coaching The charter for sales leadership has always been about prioritising their people – putting them before the deal and providing the right tools to be successful. Now we have an opportunity to expand our coaching at scale using data to guide us to the right areas of focus. There is a huge opportunity for sales leaders to develop their management style and transition from being dealmakers to being transformative coaches, assisted by AI. You may have heard of the term “Building a Second Brain,” coined by Tiago Forte: “Building a Second Brain is a methodology for saving and systematically reminding us of the ideas, inspirations, insights, and connections we’ve gained through our experience … . A Second Brain ultimately expands our memory and our intellect using modern tools of technology.” AI presents the potential to serve as a second brain, helping bridge the gap between a sea of data to having effective coaching conversations. Ultimately, helping leaders scale. For instance, imagine an AI tech stack that can help us ingest the sea of data across deals, learn the patterns and trends across the entire GTM salesforce, benchmark the performance data against the norm, trend this information and tailor it at scale for specific individuals, then create intuitive, human-like written insights that are easy for sales leaders to understand in the moment so that they can coach their team effectively on where to focus their time and energy. AI could finally be the technology that can help sales leaders develop insights from the pool of performance data in real time so that they can deliver impactful coaching for their people. I’m privileged to be a part of this game changing transformation. It’s an exciting time for all sales leaders if we adapt and evolve the way we think and behave. This topic is top of mind for myself and the other sales leaders at Zscaler and across industries. I welcome you to join the conversation, perhaps by responding to this prompt: How can AI help us rewrite the Sales Leader playbook, and help us become world class coaches? If you’re interested in learning more about the advancements we’re driving and the opportunities for growth within Zscaler’s sales organisation, please DM me directly to begin the conversation. Thu, 22 Feb 2024 07:29:08 -0800 Jason Creane https://www.zscaler.com/blogs/company-news/ai-powered-sales-leadership-transforming-the-playbook-for-world-class-coaching https://www.zscaler.com/blogs/company-news/the-old-social-engineering-playbook-now-with-ai When you’ve been in the security world long enough, you start to see old playbooks being reused, with new technology. Case in point: ‘Deepfake’ has been an increasingly common phrase in the news, describing digitally manipulated video being used to misrepresent a person or falsify identity. The latest example of deepfake targeting, where a successful video call resulted in a 25 million USD money transfer, captured people’s attention for a number of reasons. The main news value was in the enormous amount of money that the attackers were able to steal by faking a single video call. In itself, the technical playbook used to trick the person was nothing new. However, this deepfake example demonstrated once again just how high a level of sophistication is possible when AI is orchestrated creatively. People generally fear a relatively new technology, like AI, because they can’t immediately grasp its full potential and they have a fear of the unknown. Similarly, technological advancements also scare people when they feel like they pose a threat to their sense of security or working lives, such as losing their jobs to AI. The social engineering techniques used by adversaries have continuously evolved and usually these adversaries are faster to adopt new technologies for their benefit than we, the defenders, are to protect their victims. You can see examples of this in the not too distant past: In times of modem connectivity, a common piece of malware would dial up a modem in the middle of the night and connect it to a toll number, leading to enormous bills. A few years ago, a rash of malicious android apps hacked mobile phones to dial toll numbers as a way to make quick and easy money – which was basically a modern form of the old modem dialer tactic. Cryptominers harvesting the compute powers of infected systems was then the next step in this evolution. The human risk factor History has shown us a number of examples of the old social engineering playbook in use. The technique of faking a senior executive‘s voice by reusing publicly available audio clips to threaten users into taking action is already fairly well known. Faking video sessions showing a range of people in a live and interactive call, however, reaches a new (and scary) level of cybercriminal sophistication and has therefore sown a new level of appropriate and respectful fear around AI’s technological evolution. It is the perfect demonstration of how easily humans can be tricked or coerced into taking action – and of bad actors using this to their advantage. But this attack also highlights how a new piece of technology can enable adversaries to do the same tasks they have been doing before, but more efficiently. And bad guys are taking advantage of this technological advancement fast. Unfortunately, the general public is still not fully aware of how social engineering techniques continue to evolve. They don't follow security news and trust that these kinds of attacks will never happen to them. This is what makes traditional security awareness training difficult to prove effective, the public doesn’t believe they (as individuals) will be targeted. So when it does happen, they are unprepared and are duped into falling prey to the social engineering attack. In the wake of this recent attack questions were also raised about how – if AI is really good enough to make these video scenarios look so realistic – an employee would have any chance of detecting the fake. The fact is that human beings are not machines, and they will always be a risk factor as an organisation‘s first line of defence because they will have a variable level of security awareness (no matter how good the internal training process might be). Imagine if someone has a bad night or returns home late from a business trip or sports event. They simply might not be as laser-focused on detecting modern social engineering techniques or paying attention to the details the following day. The big challenge is that AI won’t have an off day – its targeting will remain consistent. The technology to fight these playbooks already exists – but it is not widely used The fact that these kind of plays keep working shows that businesses have not yet adapted their security and organisational processes to handle them. One way to counteract deep fakes videos starts at the (security) process level. My first idea is a simple one: to ensure that teleconferencing systems include a function to authenticate a logged-on user as a human being. A straightforward plug-in could do the job, employing two-factor authentication to verify an identity within Zoom or Teams, for example. Hopefully such an API would be fairly easy to develop and would be a huge step forward in preventing sniffing attacks via the phone as well. Additionally, the mindset about being afraid of AI has to change. It is an amazing piece of technology, not only when it is misused. Society just needs to understand its boundaries. AI can actually be implemented to stop these sorts of modern attacks if security executives learn how to control the problem and use the technology to get ahead of the bad actors. Deception technologies already exist, and AI can be used to detect anomalies much faster and more effectively, showing its potential for good. From a more all-up security perspective, adapting a Zero Trust mentality for security can enable organisations to continually improve their security posture on the process level. Zero Trust could not only help on a connectivity level, but it could also improve security workflows, which helps to verify whether everyone in a call is authenticated against an internal directory. Zscaler‘s Identity Threat Detection and Response (ITDR) is already mitigating threats that are targeting a user’s identity. With the help of the new service, the risk to identities is becoming quantifiable, misconfigurations are being detected, and real-time monitoring and privileged escalations are helping to prevent breaches. Finally – going back to the initial example of the successful deepfake – it is hard to believe that you can transfer so much money in a modern organization without verification processes operating in the background. Organisations would be well advised to check the overall risk level of such processes within their own infrastructure. It would raise the barriers to an attack greatly, if solid administrative processes were put in place to reduce risk – not only in the security organisation, but for operational processes like payments authentication as well. Not everything needs to be enhanced by a technological solution. Sometimes a new procedure where two people must sign off on a funds transfer could be the step which protects the organization from losing $25m USD. Tue, 20 Feb 2024 05:54:06 -0800 James Tucker https://www.zscaler.com/blogs/company-news/the-old-social-engineering-playbook-now-with-ai https://www.zscaler.com/blogs/company-news/nis-2-0-new-cybersecurity-rules-eu Back in 2021, the White House issued an executive order compelling federal government agencies to develop a plan for implementing a zero trust architecture. This was followed by a memorandum that mandated federal agencies to achieve specific zero trust security goals by the end of 2024. Last year, as you may have heard, the SEC in the United States issued new rules compelling publicly traded companies to disclose material cybersecurity breaches. As it’s happened, the SEC has wasted no time in showing its regulations have teeth, with the first prosecutions having already taken place. So, there’s a lot going on in the USA, but it’s not the only place in the world where policymakers are pushing for—or even mandating—the adoption of zero trust principles. This year the European Union will be updating and tightening its Network and Information Systems (NIS) directive, and as anyone who experienced the arrival of the GDPR regulations on privacy will tell you, the reach of EU regulations can be great indeed. NIS 2.0 The NIS 2.0 directive comes into force in October 2024, mandating that management bodies within organizations in specific categories implement cybersecurity risk management measures. Impacted categories extend to: Energy Transport Banking Financial market infrastructure Health Drinking water Wastewater Digital infrastructure ICT service management (B2B) Public administrations Space Postal and courier services Waste management Manufacture, production, and distribution of chemicals Food production, processing, and distribution Manufacturing Digital providers Research As you can see, the directive is focused on critical physical and digital infrastructure within EU member states, but it also has reach. It applies not only to organizations within the EU, but also to any organization worldwide that provides services to any of the protected sectors within the EU. As with the SEC regulations, there are strict rules for prompt incident reporting. The stick The picture is abundantly clear at this point. Government bodies in regions covering hundreds of millions of citizens have recognized that the risk of inadequate cybersecurity practices is severe enough to warrant strict regulations and even severe penalties. The carrot has been in place for many years—now comes the stick! The carrot So, what’s the carrot? What are the positive aspects to strengthening your security defenses? Sure, it starts with reducing cyberattack risk and achieving compliance, but what else? Organizations that implement robust cybersecurity practices stand to gain significantly in terms of cost reduction, competitiveness, business continuity, and customer trust. Not just one carrot, but a whole bunch! Help is at hand. The NIS 2.0 directive itself includes clear guidance on how to improve your cybersecurity stance, and you won’t be surprised to learn that the first recommended cyber hygiene practice listed is the adoption of zero trust principles. In fact, as you review these lengthy regulatory and legal requirements, zero trust comes up routinely as the holy grail to aim for. “Users should log into applications, rather than networks” Help is also available from Zscaler, where we’ve been designing and building the foundational pillars of a zero trust architecture since 2007. If you’d like to speak to someone about implementing zero trust and achieving regulatory compliance, whatever your industry, please get in touch. Alternatively, join one of our monthly introductory webinars to learn more and ask questions. Click here and search ‘start here’ to find the next session to sign up for. Tue, 20 Feb 2024 00:00:02 -0800 Simon Tompson https://www.zscaler.com/blogs/company-news/nis-2-0-new-cybersecurity-rules-eu https://www.zscaler.com/blogs/company-news/now-and-next-how-zscaler-transforming-fuel-channel-success Looking back at 2023, it was impossible to escape the constant buzz surrounding cybersecurity incidents in the market. But amid the chaos, one thing became clear: the cybersecurity market was booming and the role of leaders and partners in ensuring customer safety was crucial. The same still rings true in 2024. As the cyber security market continues to evolve, Zscaler is proud to be at the forefront of innovation, and now, we’ve put the programs in place to allow our partners thrive in this digital era alongside us. Both for what’s now… and what’s next. As we step into the second half of Zscaler’s fiscal year, we’re proud to showcase to partners the army of new opportunities we’ve designed to grow their business, maximize earnings, and elevate their skills. This includes a revamped incentive structure and new selling motions that empower partners with more collaborative selling opportunities throughout the sales cycle to deliver the greatest customer experience in their journey to digital transformation. We have transformed our partnering foundation to provide comprehensive support throughout the customer lifecycle. You’ve probably heard me say it before, zero trust is a team sport. In the 1H half of the year, we took on both an internal and external transformation to ensure that we have purposeful alignment, process, and engagement with our partners throughout the customer lifecycle. This means, from the earliest stages of our world-class sales process to the final delivery, our partners are integrated every step of the way, embedding their services and support to help our customers transition from legacy appliances to a true zero trust model. We’re leading the charge with the market-leading platform, and now the most lucrative incentive framework, in the market today. With the most comprehensive platform in the market today, Zscaler leads the charge. And now, we have introduced the most lucrative incentive framework to match. Over the past six months, my team and I hit the road to listen to our partners and understand what they truly desire in a partnership. One thing stood out loud and clear: they want to work with vendors who offer the most comprehensive security platform and drive profitability. That's why we have enhanced our incentives framework and channel-led selling motion, offering larger payouts, increased discount advantages, and performance bonuses. We want our partners to earn more and thrive in the cloud security market, establishing themselves as trusted advisors. As the digital landscape continues to evolve, Zscaler remains dedicated to supporting partners in driving customer success and achieving mutual growth. We’re empowering our partners to thrive in the cloud security market and establish themselves as trusted advisors. We know that for Zscaler and our partners alike, our number one commitment is driving customer success in the ever-evolving digital era. That’s why Zscaler not only continues to innovate its cloud security offerings to address emerging threats and challenges, but in the first half of our year, we simplified our certifications to help our partners become experts and build practices around zero trust. We also launched targeted enablement around Zscaler-powered customer outcomes to help our partners lead the way as trusted advisors to our customers. But our journey is far from over. As we enter the second half of our fiscal year, we have more exciting announcements lined up to fuel partner success. We will introduce new offerings and specializations to help partners seamlessly integrate Zscaler into their practices. We will optimize our collaborative partnering approach and launch industry-leading tools to make Zscaler the easiest to do business with in the industry. We’ll also continue to be in the field with you each and every day, to make sure our valued partners have the support to deliver transformational outcomes to our customers. We have achieved a lot in the first half of the year with your feedback and support throughout this transformative journey. We are fully dedicated to supporting our partners in reaching their maximum potential with Zscaler, both with what’s now and what’s next. Together, we are changing the channel and revolutionizing the cybersecurity market. Thu, 08 Feb 2024 05:00:02 -0800 Karl Soderlund https://www.zscaler.com/blogs/company-news/now-and-next-how-zscaler-transforming-fuel-channel-success https://www.zscaler.com/blogs/company-news/zscaler-appoints-steve-mcmahon-new-chief-customer-success-officer In the past year, Zscaler achieved a significant milestone by surpassing $2B in ARR. We take great pride in the fact that we accelerated from $1B to $2B ARR within a span of just seven quarters. Looking ahead, our sights are set on surpassing $5B ARR, a testament to our continuous growth and the trust placed in us by over 40% of Fortune 500 companies for their secure digital transformation. As we embark on this journey, we are diligently ensuring that our organizational structure and leadership are well-equipped to propel us to the next level of success. While Zscaler has many impressive stats about its business, the stat I’m most proud of is the Net Promoter Score (NPS) of over 70 while the average NPS score for SaaS companies is 30. This is driven by our innovative architecture and customer obsession which are part of our key values. The organization that plays a critical role in making sure our customers are delighted is Customer Success. To scale the customer success organization and continue exceeding expectations of our global customers, I’m excited to welcome Steve McMahon to Zscaler as our new Chief Customer Success Officer. This strategic addition to our leadership lineup demonstrates our ongoing commitment to delivering exceptional customer experiences and driving long-term growth. With over 25 years of customer success and services experience at a range of leading technology companies including Cisco, Splunk and, most recently, CrowdStrike, Steve has the expertise and know-how for developing strategies and programs that drive customer satisfaction, retention, and advocacy. His extensive experience in this space will enable us to further optimize our customer engagement model, ensuring that we are providing the right level of support at every stage of the customer journey. The trusted relationship we establish and cultivate with our customers is paramount to our business, which is why customer obsession has always been at the heart of everything we do. I am confident that Steve’s contributions will have a positive impact on our organization and help us maintain our focus on driving customer loyalty and satisfaction. Please join me in extending a warm welcome to Steve and a big thank you to the Zscaler team for your continued support and commitment to making Zscaler the leader in cloud security. Wed, 31 Jan 2024 11:01:44 -0800 Jay Chaudhry https://www.zscaler.com/blogs/company-news/zscaler-appoints-steve-mcmahon-new-chief-customer-success-officer https://www.zscaler.com/blogs/company-news/quo-vadis-zero-trust-zscalers-one-true-zero-live-roadshow-provides-the-answers At the London tour stop on 29th of November 2023, companies will receive practical tips on how to unlock the full potential of Zero Trust While a lot of educational work has had to be carried out around the Zero Trust security framework in recent years, there is now agreement that we’ve reached the tipping point for mass adoption. In order to remain competitive, companies are transforming their IT processes, reducing the complexity of their infrastructures, and trying to derive maximum benefit from automation and digitalization. Zero Trust-based security for users, workloads, IoT and OT environments, as well as B2B connectivity with external partners helps to realize these transformation goals. That’s not to say that discussion around the potential of Zero Trust is no longer important – if anything it is more important than ever. Today‘s decision-makers are faced with a flood of Zero Trust offerings and have to choose which approach – whether a single solution or a highly integrated, cloud-based platform – best fits their digitalization strategy and will most efficiently support the consolidation of their IT infrastructure. Meanwhile, ever-changing compliance requirements and regulations such as DORA and NIS2 add new challenges and must also be taken into account. Our European One True Zero Live Roadshow will demonstrate how the right Zero Trust framework can help companies overcome even the most complex of challenges – from protecting against cyber threats, to ensuring data security, enabling borderless connectivity, and unlocking business analytics. Zero Trust: No longer if, but how! To bring a holistic Zero Trust strategy to life, every company must first do its homework. Implementing Zero Trust principles of least privileged access to data and applications typically necessitates a total shake-up of the established IT infrastructure. This not only means considering the segmentation issue that we’ve had for the last 20 years, but also how to deal with the flood of data and provide comprehensive, identity-based data protection in the age of growing cybercrime. The focus must be on determining who has access to what. And companies often need solid advice on how to start answering this. Last but not least, companies must ask themselves which identities can still be trusted and how artificial intelligence (AI) can be used profitably and safely. Zscaler’s latest “All eyes on securing GenAI” survey highlights the dilemma companies face when dealing with a new technology like generative AI (GenAI). 95 percent of the IT decision-makers surveyed worldwide said their organization is already using GenAI tools to varying degrees, and yet 89 percent also see the technology as a potential security risk. How does Zero Trust help address this challenge? Implementing Zero Trust in practice During our tour stop in London, we’ll be presenting new technologies and practical case studies that help bring Zero Trust to life – showing how it can reduce business risks, optimize productivity and increase the flexibility of companies, while enabling them to implement technologies like GenAI in a secure and controlled way. The agenda includes a panel discussion with four customers who have already overcome the hurdles of implementing a Zero Trust architecture, as well as technical presentations and demos around the four core areas of modern security: Cyber Threat Protection: How can companies efficiently protect themselves against the ever-present dangers of ransomware attacks using AI-based tools for threat prevention, segmentation and isolation? The topic of identity theft will also be covered – examining how, with the help of deception technologies, companies can create a “negative trust” environment to mislead attackers. Data Protection: The classification of critical data – and understanding where different data types are kept – are two of the core challenges facing any company looking to get started with Zero Trust. The roadshow will demonstrate how automated data detection and classification works, how shadow vulnerabilities are identified and how data in motion can be secured across all channels. Zero Trust Connectivity: Zero Trust can be used not only to protect data streams to the Internet, but also for secure connectivity between users, branches, production sites and IoT/OT devices. Given the rapidly increasing amount of workloads in the cloud, these communication flows also need to be monitored. Business Analytics: The Zscaler Zero Trust Exchange Platform provides a powerful framework for risk quantification and visualization to address cybersecurity risks. Zscaler Risk360 helps managers make informed decisions to reduce cyber risks based on a holistic view of the security situation in real time. The AI-based analysis of data streams also helps optimize the digital user experience. Leaning into their deep insights around the implementation of Zero Trust from a customer perspective, Zscaler experts will be on hand during the event to offer practical tips and assistance to those setting up their own projects – from structuring the process, to classifying data and policies as a basis for meeting legal requirements. The event will also encourage peer to peer exchanges, giving anyone who has embarked on the path to secure digitalization based on Zero Trust the opportunity to share valuable learnings. This includes former Zscaler clients, who now act as transformation strategists, accompanying interested parties on their quest to redesign their digital infrastructure. Exploit untapped potential The right Zero Trust platform can provide the answer to all of today’s business and organizational infrastructure requirements. From supporting hybrid working, to securing workloads in the cloud, or enabling future scenarios for securing applications at the edge, the roadshow will show the potential for Zero Trust to lead to a truly holistic transformation. Zero Trust can do so much more than just strengthen a company's security posture. Are you ready to be inspired? Register for the One True Zero Roadshow in London today! Mon, 20 Nov 2023 04:43:19 -0800 Marc Lueck https://www.zscaler.com/blogs/company-news/quo-vadis-zero-trust-zscalers-one-true-zero-live-roadshow-provides-the-answers https://www.zscaler.com/blogs/company-news/reimagine-your-cloud-security-zscaler-aws-re-invent-2023 Zscaler will be at AWS re:Invent 2023, running November 27 - December 1 in Las Vegas! This will mark our second year attending AWS’s premier technology conference. If you’re heading to Vegas, be sure to visit us at booth #1259. We’ll be hosting exclusive giveaways (including a raffle for multiple drones), but even better, you’ll have a chance to learn about our latest groundbreaking features and see up close how Zscaler can secure your organization. We also recently revealed several innovative capabilities for Zscaler Workload Communications that will significantly improve your cloud workload security, including: Integration with AWS user-defined tags: This unique capability enables you to create custom security groups based on user-defined tags and native attributes in AWS, eliminating the complexity associated with legacy methods. Auto discovery of cloud resources in real time: Zscaler's native integration with AWS enables real-time automatic discovery of VPCs, subnets, and EC2 resources, along with their associated tags and attributes. Securing multi-session VDI deployed in the public cloud: An industry first, Zscaler inspects all ports and protocols for multi-session, non-persistent VDI deployments in the public cloud. Check out our recent launch blog post for more details. In addition to demonstrating how Zscaler can improve your cloud security, we’re hosting some awesome events in partnership with AWS, Okta, and Splunk. To register for these events, reach out to your Zscaler account team and visit our page! Learn more about our recent innovations in New Zero Trust Innovations Radically Simplify Cloud Workload Security. You can also visit our solution page. To learn more about what Zscaler is doing at AWS re:Invent, click here. And if you haven’t already, to register for AWS re:Invent 2023, visit their homepage. Wed, 15 Nov 2023 08:00:01 -0800 Franklin Nguyen https://www.zscaler.com/blogs/company-news/reimagine-your-cloud-security-zscaler-aws-re-invent-2023 https://www.zscaler.com/blogs/company-news/all-eyes-on-securing-gen-ai Survey shows that organizations rush to use generative AI tools, despite significant security concerns The IT world has a tendency to repeat itself in terms of the mistakes it makes scrambling to adopt the latest technology innovations. The best current example of this is the rush we have seen in the last year to adopt generative AI (GenAI) tools, which was kicked off by the popularity of ChatGPT. The proliferation of new GenAI applications parallels what we witnessed with SAAS. Organizations rushed to migrate applications from their datacenters into cloud environments and only started to worry about their security (and performance) as an afterthought. Zscaler recently commissioned research titled “All eyes on securing GenAI“ to uncover how today’s enterprises are utilizing GenAI tools, the security implications of this rapid adoption, and the ways in which intellectual property and customer data is being protected along the way. The findings, which represent the responses of 900 IT leaders across 10 global markets, suggest that organizations are feeling the pressure to rush into GenAI tool usage, despite significant security concerns. Security concerns are dominating According to our research, a staggering 95 percent of organizations are already using GenAI tools in some guise within their businesses. 57 percent of the IT leaders are allowing their use without restrictions and a little over a third (38 percent) are approaching their use with caution. The remaining 5 percent of the respondents answered that they are either holding back to see where the technology goes or have banned the tools’ use entirely. Despite such high usage figures, however, a significant 89 percent of the surveyed IT leaders admit that their organization considers GenAI to be a potential security risk, and nearly half (48 percent) agreed that the threat may currently outweigh the opportunities these tools could unlock. A majority of businesses are using GenAI tools Given results like these, early GenAI adoption appears to be less of a calculated risk than we might like to believe. And in fact, organizations would be well advised to take both security and privacy concerns into consideration before they go any further. GenAI promises remarkable benefits in terms of productivity and creativity, so a complete ban on its use would place organizations at a substantial competitive disadvantage. From that perspective, it is encouraging to see that only a small minority is taking this route. But its adoption must be approached strategically, with a paramount focus on security to ensure responsible and safe utilization. Where are security concerns coming from? The top concerns listed for those organizations not using GenAI were the potential loss of sensitive data, a lack of understanding around its dangers and benefits, and a lack of resources to monitor its use. With 23 percent of the organizations who are using GenAI tools not monitoring this at all, it’s clear to see why this last point in particular was raised as a threat. Organizations are not acting on the security concerns When bringing in any new technology, it’s crucial to understand the unique security challenges it raises so that these don’t overshadow its potential. Failing to implement any additional GenAI-related security measures—which a third of the organizations using it admit to—is another risky move that could leave organizations vulnerable. And while 31 percent of that same group have included GenAI-specific solutions in their roadmap, intent is far less effective than action as the temporary tends to become the permanent. With GenAI the primary security challenge lies in data leakage, underscoring the vital importance of robust data security measures. The first step organizations must take therefore is to have visibility of who is using what AI apps and then control the use. Once they have regained visibility, they can implement data protection measurements starting with data classification to prevent leakage. Astonishingly, only 46 percent of respondents expressed confidence in their organization having classified all its data based on its level of criticality. A further 44 percent have at least started to classify some of their data as a prerequisite to implement security measures. But that still leaves a big gulf to close. Organizations must act now to regain control IT needs to take control of GenAI use and security With organizations appearing to be so unprepared to secure GenAI, you might speculate about what is forcing such a rapid adoption of the technology. Surprisingly, the rollout pressure isn’t coming from where people might think. Despite mainstream awareness, it is not employees who appear to be the driving force behind current interest and usage – only 5 percent of respondents said it stemmed from this group. Nor is it business leads (21 percent). Instead, 59 percent of IT leaders said they were driving it themselves. The situation, in this case, seems to be less about business “pressure” to introduce new technology and more about IT teams’ “desire” to keep up with technological innovation. If anything, with interest from business leaders still low, it would seem that GenAI has yet to bridge from being the playground of IT teams to a broader business enabler. The fact that IT teams are behind early adoption should offer reassurance for both IT and business leaders. It means there is room to strategically temper the pace of GenAI adoption, giving IT enough time to establish a firm hold on its security measures before security and privacy risks turn into crises. Implementing GenAI should be accompanied by a zero-trust solution like the Zscaler Zero Trust Exchange platform, ensuring comprehensive oversight and authority over the technology’s usage per user and application, and allowing organizations to maintain a secure and controlled environment. The following steps will allow IT teams to regain control of GenAI tools: Conduct thorough security risk assessments for GenAI applications to understand and respond to security and privacy risks Implement a holistic zero trust architecture to get visibility and authorize only approved GenAI applications and users Establish a comprehensive logging system for tracking all GenAI prompts and responses Enable zero trust-powered Data Loss Prevention measures to secure all GenAI activities and prevent data exfiltration Whenever a new technology emerges, it brings both positive and negative use cases. Zscaler is pioneering zero trust solutions to unleash GenAI's massive potential safely and responsibly, just as we spearheaded secure cloud adoption. With Zscaler, boldly accelerate your generative AI revolution. Mon, 13 Nov 2023 23:00:03 -0800 Sanjay Kalra https://www.zscaler.com/blogs/company-news/all-eyes-on-securing-gen-ai https://www.zscaler.com/blogs/company-news/an-inside-look-at-c-level-decision-making Many years ago, businesses were starting to make the move from analytics to big data, and I was looking for the right vendor to help my team do the same. My organization had already been approached by an established brand claiming their solution could solve all our problems. But a smaller, less well-known company in California had also approached us with a significantly cheaper bid. Now, typically, when one solution is offered at a different price point than another, you’d assume the two technologies are not made equal. But when I had my team do some research into both companies and test the cheaper product, their feedback was overwhelmingly positive. As a CIO, I had to decide which solution would be the best fit for my organization. How are IT vendor decisions influenced? I had also learned that one of our key competitors had recently started to work with the smaller company, so I jumped on the phone to get my CIO counterpart’s opinion. After this reference call, I confidently made the decision to go with this smaller, less well-known vendor and they became integral to our IT strategy for many years. Being able to have a conversation with someone who holds the same C-level role at another company is worth more to me than any other independent opinion in the IT decision-making process. It allows you to hear first-hand about the style of the organization you are considering—is it a marketing-led or engineering-led organization? How approachable is the vendor’s leadership in case of a crisis? These softer factors are increasingly important for a CTO/CIO when making technological decisions for their business and should be taken into account before any decision is made. But how should you weigh your decision-making process and what are the factors you should prioritize over others when making a C-suite decision that will have an impact on your organization for decades? Weighing deciding factors When I was the CIO at Engie, networking with the right peers outside of my organization was essential to ensuring I was making the right choice as a member of the C-suite. As CIO, CTO, or CISO, you will need to make product decisions that may impact your business for years to come. If you get it right, then it is fine (though no one will thank you). But, if you get it wrong, then you are the first in the firing line. What mattered most to me when I was making a product decision was ensuring I had the team around me doing their due diligence – purchasing would check the vendor, legal would review the contracts, engineers would test the solution – and their feedback would account for 50% of my decision whether to move forward or not. The other 50% was determined by what competitors in my field were doing. If you choose a product that you believe to be the best for your business, but are the only person to do so, you may soon become exposed when that product fails to secure funding for its next evolution. Becoming an early follower There are some businesses and members of the C-suite who are known as pioneers and innovators. They are always on the cutting edge of technology and feel comfortable leaping into the abyss with the next product that promises to revolutionize the business. this is a risky strategy. While I respect and admire these people, most business leaders don’t have the opportunity or courage to risk it all. They must be more cautious in their approach. Of course, if you exercise too much caution, you risk becoming an industry laggard and losing ground to competitors. Instead, my approach was to be an ‘early follower’. To do this, you must be a keen observer of your industry and aware of big moves being made by competitors. In practical terms, it means taking the time to attend meetings and events where you can network with your counterparts and understand which technologies are the next sure bet. Armed with this intelligence you can invest early enough that you are ahead of the curve—giving you not only a competitive advantage with customers but ensuring you have exciting solutions to entice future employees to join your team. Conclusion In summary, building a network of trusted colleagues is paramount because collaboration drives innovation and helps organizations move forward. The Zscaler CXO Exchange in Amsterdam on 26 - 27 March 2024 is an excellent opportunity for C-suite members to stay on top of the latest solutions and trends. By attending, you'll gain insights from peers facing similar challenges and engage in open conversations, brainstorming sessions, and collaborative workshops to help you navigate the ever-evolving landscape with confidence. Whether you're a CIO, CISO, or CTO, staying on top of the innovations discussed at the event can help you make informed, visionary decisions. I hope to see you in Amsterdam. This blog first appeared on the CxO Revolutionaires Website. View the agenda and register to join us. Tue, 17 Oct 2023 04:37:55 -0700 Yves Le Gelard https://www.zscaler.com/blogs/company-news/an-inside-look-at-c-level-decision-making https://www.zscaler.com/blogs/company-news/making-small-business-security-effortless Small enterprises might have a false sense of security, but, despite perceptions, they are just as vulnerable to cyberattacks as big businesses. According to Statista, in 2020 around a third of small business executives in Switzerland considered their company‘s risk of a low-level cyberattack to be very small, and only two percent believed they were at great or very great risk of an attack big enough to close their doors. Although they set up their business operations digitally, many small business leaders still aren’t prioritizing building defenses against cyber attacks. This is primarily due to a lack of expertise and resources – there is simply not enough time and staff to take care of internet security in addition to having to handle the ongoing operation of the micro-enterprise. This is a dangerous approach, as almost a third (31 percent) of Swiss small businesses fell victim to a cyberattack at least once in 2022, according to the annual survey by gfs-Zurich. An economic factor at risk? Small businesses are an important economic factor to any country. Across Europe, 60-70 percent of the gross domestic product is generated by SMEs, and more than 20 million people are employed by companies with fewer than ten employees. At first glance, an attack on a large company may therefore seem more lucrative for cybercriminals who can extort millions of dollars in ransomware demands. But smaller companies are equally at risk because they are generally an easier target for cyberattacks. In many cases, their lack of protective measures to block malware from infected websites, phishing emails or man-in-the-middle attacks effectively leave their doors open to attackers. In order for small businesses to take more preventive measures to protect their operations, today’s cybersecurity solutions must be better tailored to their needs. And this means making the entry barriers as low as possible. Ultimately, the deciding factors in the purchasing process for a business are the same as for an individual. They are looking for a solution that enables a quick and simple deployment – that follows the motto: "I call, I click, I use." Those managing small businesses don’t have the time to spend on lengthy contract discussions, nor do they have the resource for regular security maintenance and updates – which is why they look to others to help. Many companies are already used to having their telecommunications provider oversee their connectivity needs in this manner. Now, with digital transformation taking connectivity into the cloud, it makes sense for telecommunications providers to team up with their cloud security counterparts to efficiently secure the economic factor of SMEs. Security made visible In partnership with Zscaler, telecommunications provider Swisscom has developed an online-office solution that’s tailored to SMEs: InOne SME. This solution offers micro-enterprises with up to ten employees the same level of internet security that large corporations around the world receive. Before getting started, SMEs can do a security audit online, carrying out an end-to-end assessment of their digital landscape at the click of a button. The audit reveals where the main gaps in protection exist, enabling the SME to focus on those areas first, adding additional security features as and when budget allows, or their needs expand. Via Swisscom‘s self-service portal, SMEs are empowered to close identified security gaps quickly and easily, simply by adding their chosen security package as a monthly service to their existing internet or mobile phone contract. A Client Connector is provided, ensuring that all data streams connecting to the business are routed through the Zscaler Cloud for security checking. Malware, phishing attempts, and other cyber threats are detected and intercepted before they reach users' devices. This solution also gives SMEs the advantage of the ‘cloud effect‘. If a newly emerging cyber threat is detected in the Zscaler sandbox anywhere around the globe, all users worldwide are automatically protected from this danger. Such a service is particularly beneficial for small companies, who can just leave their security running in the background, safe in the knowledge that their protections are as up to date as possible, and they can focus all their attention on growing their business without worry. Fri, 22 Sep 2023 04:13:05 -0700 Markus Breuer https://www.zscaler.com/blogs/company-news/making-small-business-security-effortless https://www.zscaler.com/blogs/company-news/zscaler-proud-be-one-best-workplaces-technology Today, Zscaler was named one of Fortune’s Best Workplaces in Technology, a significant accomplishment given the highly competitive nature of this ranking which is based on over 162,000 responses from employees at companies across the technology industry. And because this recognition also takes into account feedback provided by Zscaler team members, it’s an especially important endorsement from the very people who know our culture best. Like many iconic technology companies, Zscaler was born out of an original idea, a lot of hard work, and the unwavering belief that this idea had the potential to change the world. Sixteen years later, we’ve seen how cloud security has become an essential component in accelerating digital transformation initiatives and, as I look back over our company’s history, I’m reminded of all we’ve accomplished as we’ve grown Zscaler into the global cybersecurity leader it is today. Images from the early days of Zscaler. (Left) Mapping out a novel approach to cloud security that would later become the Zscaler Zero Trust ExchangeTM Platform. (Right) With a team of founding engineers who helped bring the vision to life. Every milestone adds to the mosaic that makes up who we are as a company and what we stand for. Over the years we’ve been recognized in a number of areas, such as our product innovation (we have over 400 issued and pending patents worldwide) and customer satisfaction (with an NPS of 70+, Zscaler’s score is over 2x the average for SaaS companies). But I firmly believe that our team members are our greatest strength, so as we continue to grow our ranks, it’s extremely important that we continue to invest in creating a positive culture and environment that enables our employees to do their best work and contribute in meaningful ways. This year has been quite eventful with Zscaler being named to a number of “Best Workplaces” lists, including: Fortune’s Best Workplaces in the Bay Area Fortune’s Best Workplaces for Millennials UK’s Best Workplaces for Women UK’s Best Workplaces in Tech Each award serves as further validation that Zscaler has come to be known as an iconic company that’s driving cybersecurity innovation and market growth with a talented and world-class team…fulfilling a dream that started 16 years ago. A big thank you to the Zscaler team for making us a “great place to work” - this award celebrates you and all of your valuable contributions. Congratulations, everyone Tue, 19 Sep 2023 07:30:02 -0700 Jay Chaudhry https://www.zscaler.com/blogs/company-news/zscaler-proud-be-one-best-workplaces-technology https://www.zscaler.com/blogs/company-news/zenith-live-23-emea-closes-customer-calls-action-quest-innovation "Change is uncomfortable. Fear of the unknown leads to inertia. The bold and curious will succeed." – Jay Chaudhry, Zscaler Cybersecurity spending is projected to reach $219 billion in 2023. Nevertheless, researchers predict cybercrime to cost the global economy $10.5 trillion by 2025. How can we bridge the chasm between our mitigation efforts and the results they deliver? That was the question Zscaler CEO, Chairman, and Founder Jay Chaudhry opened Zenith Live 2023 in Berlin last week, and it’s one Zscaler colleagues, customers, and partners spent the rest of the conference trying to answer. It was time well spent with encouraging results. Why? For one, it starts with a refusal to settle for the status quo. Equinix VP of Technical Sales Vaishali Ghiya, who joined Jay on the stage for his opening keynote, summed up the endless possibility of this mindset perfectly when she remarked, “We said bye-bye to that appliance-based VPN, and it's been happily ever after ever since." Now, her expectations have reached new heights: "I look forward to getting on an airplane, firing up Zscaler, and getting all my work done on a long flight," she said. Refusing to sacrifice productivity while in the air demonstrates an unwillingness to settle. CompuGroup Medical is another shining example of a company that battled inertia and reaped the rewards. After organizing its IT environment around hub-and-spoke connectivity and castle-and-moat security for years, CompuGroup decided it had other options, as Jochen Klein and Tim Cottin reported to the audience. As one of the world’s leading e-health companies, its cyber and IT operations protect customer data, accelerate business transactions, and secure developers’ access to code databases to insulate the company against supply chain attacks. Following its transition to a zero trust architecture, Jochen and Tim reported that CompuGroup vaulted into the top 2% of companies for security in independent pen testing. It can connect employees productively on day one following M&A deal closures. "Because of Zscaler's ZPA, [third-party pen testers] were unable to penetrate our network and were not able to find any services to try to breach," Jochen said. In addition to a strong bias for action, the willingness to continuously innovate is another key factor contributing to successful digital transformations. Not surprisingly, this urge to improve was also on full display in Berlin last week. E.ON CISO René Rindermann, with whom I had the pleasure of sitting down for a fireside chat, spoke of digital transformation as the impetus for breaking down silos between departments at the European energy provider. By recognizing that digitization was a business priority rather than an IT priority, he said the company became more nimble in all facets, from product rollouts to enabling remote work. While Zenith Live is always an opportunity for Zscaler to showcase the innovations it has been hard at work on, that’s truly something best done by our customers. Few do it better than our longtime collaborators at Siemens Energy. VP of IT Infrastructure Wolfgang Schubert and Head of Threat Intelligence Dusan Vignjevic were on hand to highlight some of the company's efforts. Knowing the company is facing spikes of 30-40% in energy demand within the next 20-30 years, Siemens Energy is committed to innovating to meet this demand sustainably. As Wolfgang put it, “Technology drives decarbonization.” Specifically, he called out Zscaler Digital Experience (ZDX) as a tool the company uses to maximize its resources without sacrificing security. MAN Energy Solutions CISO Elena Furini, who also took to the stage at Zenith Live, has a similar focus. "Through our products, we want to reduce global emissions by 10% by 2030," she said. As one of Zscaler’s first Zscaler Private Access (ZPA) customers, we are proud to have supported Elena and MAN on their mission by providing a means for protecting crown jewels like Active Directory, granting secure access to third parties, and acting as a secure VPN replacement. I could not help but notice the synergies between Man Energy Solutions and Siemens Energy’s efforts and a point made by Jay in his opening keynote that Zscaler can drive a 93% reduction in carbon emissions compared to on-premise solutions. While this is ultimately a small contribution to a significant global problem, I am proud of its alignment between Zsclaler and its partners. Sadly, cybercriminals are as committed to innovation as upstanding technology leaders. For threat actors, data is gold. Protecting that data is critical for Zscaler customers like the staffing firm Randstad, financial services provider Equiniti, and banking conglomerate Absa Group. "For [Equiniti]," said CISO John Meakin, "knowing where the data is and where it's going is core to our business." Enter innovations in data loss prevention (DLP). Because so much of cybersecurity boils down to ensuring data is secure and confidential, this was a major theme running through the innovations unveiled at Zenith Live. Representatives of customers who took to the stage to discuss their DLP efforts highlighted the essential need to capitalize on the advantages offered by the cloud, the risks it introduces, and the high stakes with which they are all playing based on their industry. Knowing this is the case for many Zscaler customers, this year's innovations put a premium on distributed data protection with new features focused on LLM-related data governance issues, AI-powered cloud configuration monitoring, and forthcoming multi-modal DLP capabilities for audio and video file formats. These were a few highlights from two truly incredible and inspiring days with colleagues, customers, and partners. If you could join us, I hope you took away important lessons and fond memories. If you missed us in Berlin, please register to watch the recorded sessions. To hear more customer voices from Zenith Live ‘23, check out the day one and day two recaps from our Las Vegas event. Wed, 05 Jul 2023 13:40:20 -0700 Kavitha Mariappan https://www.zscaler.com/blogs/company-news/zenith-live-23-emea-closes-customer-calls-action-quest-innovation https://www.zscaler.com/blogs/company-news/power-zscaler-intelligence-generative-ai-and-holistic-view-risk Zenith Live ‘23 was a resounding success as we brought together a host of experts, industry analysts, and customers to learn, explore and exchange ideas on cybersecurity technology innovation and transformation. Each year, Zscaler announces several industry-changing innovations at this event, and this year was no different. One thing that captured the attention of attendees, however, was generative AI— and for all the right reasons. Your partner in the AI transformation journey At Zscaler, we believe Generative AI as a technology is fundamentally transformational, but delivering impactful AI-powered outcomes requires large volumes of diverse, high-quality data and a sophisticated AI engine to precisely train AI models. Zscaler’s AI advantage is a result of 15 years of expertise and leadership in developing and operating the world’s largest cloud security platform, which processes more than 300 billion daily transactions from users, IoT/OT devices, workloads, and business-to-business communications. The scale of Zscaler’s platform combined with our unique large language models (LLMs) differentiates our AI solutions in the industry. Just as we are helping organizations navigate through security and network transformation, Zscaler is committed to helping customers safely embrace Generative AI and accelerate their AI transformation journey. To that end, we made several notable announcements at Zenith Live ‘23—ranging from advancements in current products that customers love and use every day, to industry-defining new innovations that are coming down the pike. Generative AI is transformational Embracing AI transformation securely Several Zscaler products today leverage the benefits of AI and ML to recommend security policies, segment users and applications, classify data, and identify risks accurately. Recently, we have delivered additional capabilities to give customers more power over access control and protecting sensitive data to ultimately enable them to embrace generative AI more securely. Data protection for AI: Zscaler Data Loss Prevention (DLP) prevents potential data leakage and enables organizations to record and retain content, including prompts to generative AI queries and outputs of publicly available LLMs and AI applications, for security and audit purposes in their own environments. AITotalTM : a comprehensive grouping and risk classification for an exploding number of AI applications, for security and audit purposes in their own environment. AI visibility and access control: A new URL category and cloud application specifically tailored for monitoring AI application usage. This innovative solution offers the versatility to establish a variety of disparate policies for different user sets and groups, granting organizations precise control over access to AI applications. By implementing cloud-based remote browser isolation, Zscaler provides an additional layer of security while restricting potentially hazardous actions, such as uploads, downloads, and cut-and-paste functions, when accessing AI applications. More details about how Zscaler is making it safer for customers to embrace Generative AI tools are covered in this blog by Dhawal Sharma - SVP, Product Management at Zscaler. Patrick Foxhoven talking about Zscaler’s leadership in AI at Zenith Live ‘23, Las Vegas Ground-breaking Generative AI security innovations for the next generation of threats Zscaler is embracing generative AI and using it to develop several industry-leading innovations that were improbable (at least not with precision) even a few years ago. We previewed some of these at Zenith Live ‘23 and will share more soon. Security Autopilot™ with breach prediction: A proactive approach to securing data by enabling AI engines to continuously learn from changing cloud-based policies and logs. Between accurately recommending policies and performing impact analysis effectively, Security Autopilot simplifies security operations while preventing breaches. This is currently piloted by ThreatLabz, Zscaler’s advanced threat research and incident response team. Zscaler Navigator™: A simplified and unified natural language interface to enable customers to interact with Zscaler products and access relevant documentation details using a seamless, secure, and user-friendly approach. Multi-Modal DLP: Zscaler’s revolutionary approach to DLP will operate by integrating generative AI and multi-modal capabilities into its already capable DLP offerings to protect customers’ data from leakage across various media formats beyond text and images, such as video and audio formats. Introducing Zscaler Risk360TM: Holistic view of risk for organizations Zscaler is deeply rooted in solving some of the most complex security challenges for our customers. One thing that comes up in our conversations with CISOs across the globe is the need for them to have a near real-time view into the organizations’ holistic risk. The ever-increasing frequency of cyberattacks and external pressure from regulatory bodies, such as the Securities Exchange Commission (SEC), has made cyber risk quantification and reporting a board-level conversation. However, legacy solutions tend to be manual, static, and difficult to use. Leaning again on the strength of Zscaler intelligence coming from our Zero Trust Exchange and our commitment to solving the most complex security challenges for customers in an elegant fashion, we announced the limited availability of Zscaler Risk360 at Zenith Live ‘23. Zscaler Risk360 is a powerful risk quantification and visualization framework for remediating cybersecurity risk. It ingests data from external sources and your own Zscaler environment to curate a detailed profile of your risk posture across all four stages of a cyberattack - external attack surface, compromise, lateral propagation, and data loss - and all the entities in your environment, including assets, applications, workforce, and third parties. Zscaler Risk Dashboard Zscaler Risk360 gives security practitioners the ability to intuitively visualize holistic risk in real time and to use data-driven recommendations to take prioritized action to prevent breaches. CISOs can lean on Zscaler Risk360 to quickly understand the top risk drivers for the organization, make business decisions intelligently, and communicate simply and broadly to the executive team. Zscaler Risk360 is a game changer for security and risk professionals. You can read more in this blog by Raj Krishna - SVP of Product Management and Kanishka Pandit, Sr. Product Marketing Manager at Zscaler, or request a demo on our website here. I hope many of you joined us at Zenith Live ‘23 in Las Vegas or Berlin where we celebrated innovation, collaboration, and joint success with customers and partners. If you missed it, you can still watch the recording here. Thu, 29 Jun 2023 08:00:02 -0700 Harsha Nagaraju https://www.zscaler.com/blogs/company-news/power-zscaler-intelligence-generative-ai-and-holistic-view-risk https://www.zscaler.com/blogs/company-news/zero-trust-connectivity-extended-plus-massive-leap-data-protection-zenith-live Day two of Zenith Live jumped right into our third innovation keynote of the conference, focused on our initiatives to extend zero trust connectivity beyond users to workloads and IoT/OT devices. In the same spirit, I’m diving right into key takeaways from the second half of our main event in Las Vegas. Extending zero trust connectivity beyond the user Dhawal Sharma, Zscaler VP & GM of product management, pivoted in his keynote from a security to a networking focus, taking the audience through the evolution of networks from monolithic, as workforces worked almost exclusively from corporate offices, to gradually more distributed leading up to the pandemic until ultimately taking their current hybrid form. For the past 30 years, Dhawal emphasized, IP-based networking worked well. But the movement of employees from behind the corporate firewall and increasing adoption of cloud-native applications mean routable networks expanded attack surfaces beyond reason. The Zscaler Zero Trust Exchange addresses these shifts, allowing users to be connected to resources without the need for routable networks, effectively hiding both from internet onlookers. Establishing this history is essential to understanding what we mean by extending zero trust connectivity. Many users sit outside the corporate network today, and workloads and IoT/OT devices make up an increasing proportion of corporate traffic. Workloads require a zero trust connectivity framework at the cloud level. Employees and IoT/OT devices need a zero trust connectivity framework wherever they reside. We released Cloud Connector and Branch Connector to cover these use cases. According to Dhawal, it is akin to the shared responsibility model in cloud computing. We aim to shoulder the responsibility for zero trust connectivity to lighten the load on our users. In other words, we are automating how users bring traffic to the Zero Trust Exchange. Cloud Connector innovations Brian Lazear, Zscaler Vice President, Product Management, took over for a deeper dive into the cloud workload innovations. Brian discussed three core challenges facing cloud development and security practitioners: Operational complexity – With hundreds of workloads in existence at any time and new ones being constantly created or retired. Manual segmentation – Unrealistic given the number of existing workloads, which can expose organizations to attacks and data loss. Multi-cloud environments – That often must be managed independently of one another due to nuances between platforms. He then explained how Zscaler helps address these challenges by: Simplify operations through enhanced, near real-time visibility offered by workload discovery-as-a-service, infrastructure-as-code integrations for easy templating and granular configurations. You can tie these to ZIA and ZPA policies. Automate segmentation with the ability to add app-to-app controls and machine learning-backed grouping policies, as well as visibility over which apps talk to which others for true microsegmentation capabilities. Unify multi-cloud environments by introducing Google Cloud Platform support in addition to existing AWS and Azure offerings. New capabilities stemming from our partnership with Equinix allow push-button direct connectivity to the Zscaler Zero Trust Exchange for uniform policy enforcement. Managing a multi-cloud environment was especially taxing for NOV VP of IT Patricia Gonzalez-Clark. "They're very similar, but then they each have their own nuances. That's why we are especially excited about the advances to the Zscaler Cloud Connector, especially policy by tags." Branch Connector innovations Cafe-like connectivity is the gold standard for branch locations, confirmed Zscaler VP of Product Management Naresh Kumar. He took to the stage to explain how Zscaler Branch Connector innovations make it possible to open a laptop and connect to the business from anywhere. To do so securely, we focused on removing the need to connect different office branches using SD-WAN-enabled site-to-site VPNs. These entail a discoverable attack surface and can enable lateral movement if breached. Instead, the Zscaler Branch Connector is a network edge function that forwards traffic via a TLS tunnel with no overlay network required. Essentially the same technology powering ZPA today, Zscaler Branch Connector provides a singular path for traffic from the branch office to the Zscaler security cloud. No attack surface. No opportunity for lateral movement. This innovation keynote ended with Zscaler Sr. Director, Product Management Javier Rodriguez Gonzalez and Sunbelt Rentals EVP, Chief Digital & Technology Officer JP Saini expounding on the benefits of Zscaler Digital Experience (ZDX )and its new feature set. AI enhancements simplify diagnosing performance degradations for customers by automating the discovery of problems with, for example, an internet service provider. This feature pinpoints issues quickly and delivers reporting on which users are affected and possible remediation steps, all at a speed only possible with AI assistance. ZDX "allows our teams to be more proactive in identifying issues and pursuing remediation accordingly," said JP. Taking a digital transformation road trip with CarMax Shamim Mohammad, EVP & Chief Information and Technology Officer at CarMax, walked attendees through a phased digital transformation journey. Founded on the idea that buying a car could be straightforward, CarMax and Shamim were determined to make their zero trust implementation equally easy. Though it broke the mold, CarMax had a more challenging time innovating in IT. Before its transformation, the company was sitting in a massive legacy environment. Hair pinning was causing latency and fragmenting the customer journey. So CarMax established two goals: Strengthening the business by setting the standard for the digital car buying experience Overhauling IT operations by prioritizing cloud-native productivity solutions for its workforce By migrating business applications to the cloud, CarMax could operationalize the massive data sets it had amassed across its roles as a direct-to-consumer car dealer, vehicle wholesaler, and financial institution (as a top-10 auto lender). The migration also shifted mindsets among Shamim’s team from project completion to business enablement, inspired by the feeling they could contribute to the company’s success. Next, CarMax locations switched to local breakouts so users could access the internet directly. The employee experience improved, network-related costs cratered, and security enforcement became more manageable. According to Shamim, CarMax is now confident that the online car buying experience is secure for customers, and the company can provide excellent insights garnered from its large dataset. "One thing I love about Zscaler is they're innovating," he said. "As a company focused on being an industry leader, we need a partner that can innovate." An integrated solution to distributed data protection How can data protection be secure, simple, and productive? For Zscaler SVP Take-Off Teams, Willie Tejada, that is the fundamental question driving his team to dream up innovative ways to keep organizations safe from data loss and theft. To rise to the challenge, Zscaler GM & VP, Data Protection Moinul Kahn said his team has delivered over 70 new features in the past six months. To what end? Comprehensive, fully integrated data protection capabilities with the least burden on Zscaler users. New features advancing this goal include: AI/ML-powered automatic data classification and enforcement – Using sophisticated techniques to automatically classify data on the wire according to categories and enforcing rules based on policy. Improved incident management – Automatically notifying users of data loss prevention (DLP) rule violations and providing the opportunity for justification of that action. Cloud app control – For granular policy control over applications like ChatGPT, which allow rules to allow use but block actions like uploading source code to third-party apps. Data protection for unmanaged devices – By enforcing remote browser isolation to protect against uploading and downloading, copying and pasting, and even watermarks to discourage screenshots. Email DLP – Through SSL/TLS inspection of outbound mail that checks subject lines, body text, and attachments for DLP violations. These capabilities are essential for John Graham, CISO at NetJets. His company possesses data critical to ensure its elite clientele is comfortable and accounted for on private flights. Their privacy is paramount for NetJets. After hiring a red team hacker to prove somebody can steal information belonging to clients from cloud applications, John called in Zscaler. "We utilized the Zscaler team to actually prove that, not only could we see this happening, we could stop it," John said. "It proved itself out right away." For Equinix Deputy CISO Gene Casady, the most valuable data protection capabilities involve a cloud access security broker (CASB) solution. As an administrator of SaaS apps, Gene was looking for a CASB that integrated several functions into a single solution to reduce cost and simplify operations. He looks forward to seeing how the latest product enhancements will increase efficacy. "What I'm most excited about is seeing how Zscaler will apply AI and ML models cross-functionally to my unique data sets to produce more accurate and actionable alerts," he said. Zenith Live 2023 in Las Vegas has wrapped. We look forward to hearing from more customers at Zenith Live EMEA in Berlin on June 26-29. What to read next Zenith Live ‘23 kicks off with stunning series of innovation AI ethics: One more reason to look forward to connecting with fellow women IT leaders at Zenith Live '23 In Their Own Words: Customers in the Spotlight at Zenith Live '23 Fri, 16 Jun 2023 13:14:33 -0700 Kavitha Mariappan https://www.zscaler.com/blogs/company-news/zero-trust-connectivity-extended-plus-massive-leap-data-protection-zenith-live https://www.zscaler.com/blogs/company-news/zenith-live-23-kicks-stunning-series-innovation-announcements We were thrilled to welcome customers, prospective customers, journalists, and industry analysts to the opening day of our annual Zenith Live user conference in Las Vegas yesterday. My fellow Zscaler executives and I were excited to showcase all of the hard work our product and engineering teams engaged in over the past year. These industry-redefining innovations in the arenas of AI-enabled security, data-driven business intelligence insights, and product enhancements promise to further strengthen the platform underpinned by the world’s largest security cloud. Attendees fill the event space at the ARIA Resort & Casino in Las Vegas. Jay Chaudhry sets the table for disruptive innovation with his CEO keynote Zscaler CEO, Chairman, and Founder Jay Chaudhry introduced several new Zscaler innovations by stressing that these capabilities were built on top of the existing platform. A guiding principle for the 15-year-old company has always been to help its customers consolidate vendors and eliminate point products. "Our goal," Jay said, "is to be integrated, comprehensive so you don't have to deal with multiple point products that don't work with each other." New offerings weren’t cobbled together from a string of acquisitions to add functionality in areas that were lacking, he pointed out. They weren’t dreamed up to extend product lines and create additional revenue streams. They were not knee-jerk attempts to capitalize on the buzz surrounding AI. Instead, they capitalize on Zscaler’s massive cloud security data lake for training sophisticated AI models to provide advanced insights to our customers. These insights were always present in the more than 300 billion transactions and 500 trillion daily signals seen by the Zscaler Zero Trust Exchange each day. AI simply allows us to process and serve them to users in scalable, intuitive, and actionable ways. Zscaler CEO Jay Chaudhry opening Zenith Live ‘23 from the main stage. Customers are always central to the Zenith Live agenda, and this year’s features many who were instrumental in conceiving and developing the innovations unveiled at this year’s event. First, Jay welcomed Christopher Porter, SVP & Chief Information Security Officer at Fannie Mae, to the stage to describe how the company jumped out of the gate early to begin its transformation journey. Christopher explained how Fannie Mae’s digital transformation began after they migrated key business applications like ServiceNow and Office 365 to the cloud. The company’s on-premise proxies could not keep up with the scale of traffic headed for the internet. That all changed when they switched to Zscaler Internet Access, allowing users faster and more secure internet access. "[Zscaler] changed the experience to where it's the same whether you're home, whether you're at Starbucks or you're in one of our physical buildings," Christopher said. As with many companies, the pandemic accelerated Fannie Mae’s transformation. It was the impetus for pushing out Zscaler Private Access (ZPA). Porter said it allowed him to sleep better at night since it removed the threat of lateral movement previously introduced by a VPN solution. More data protection capabilities followed: exact data match, index document matching, and integration with Microsoft information protection capabilities. Next, Jay discussed Zscaler's first foray into hardware with Justin Dustzadeh, Chief Technology Officer at Equinix. Equinix is a global digital infrastructure platform with over 240 highly reliable data centers connected by a global software-defined backbone network. A partner for more than a decade, Equinix had a vision of evolving its infrastructure security and interconnection consumption from box-based point solutions to a cloud-native, software-enabled, and customizable platform that could secure any-to-any capabilities for its user while enforcing policies and preserving visibility. The result, Zero Trust Branch Connectivity, is a plug-and-play appliance for securely connecting branches while reducing the cost and security risks associated with VPN-over-SDN-WAN connections. "We are partnering to take friction away and make secure cloud-to-cloud and hybrid multi-cloud interconnection an easy and enjoyable experience for our users," Justin said. To cap off the CEO keynote, Microsoft Chief Security Advisor James Eckart joined Jay and Zscaler EVP, Business and Corporate Development Punit Minocha onstage to explore the partnership between the two companies. "One of the things Zscaler first did with Microsoft, very successfully, was allow us to go straight from the endpoint to Office 365 while crossing Zscaler's complete security stack," James said, "so we could get around all of the hair-pinning and latency issues we were experiencing in our data centers. That was just really a boon for everybody. It created a lot of user delight." How the “strategic imperative” of cybersecurity aligns with Hyatt Hotels’ mission I also had the good fortune of sitting down with my good friend and longtime Zscaler customer Ben Vaughn, SVP & CISO of Hyatt Hotels, for a fireside chat. For Ben and Hyatt, cybersecurity is integral to the company's core purpose: care. "What an amazing purpose for a hospitality company, but what a really amazing purpose to have for a cybersecurity department," Ben remarked. As always when I talk to Ben, our conversation ranged from the idealistic underpinnings of a career in cybersecurity to its tactical implementations like risk transfer via cyber insurance – something for which Hyatt has a very innovative approach – to the importance of turning on SSL inspection to protect guests and employees from those who would try to do them harm online. Ben Vaughn and Kavitha Mariappan in conversation at Zenith Live ‘23 In talking about Hyatt's adoption of zero trust and what it means to the company, Ben acknowledged it has become a loaded term but boiled it down for his team as referring to validating traffic, identity, and security posture at multiple points within its environment. Vaugh also discussed the challenges of securing a highly mobile workforce that often shuffles among the company's more than 1,250 properties. "When we look for security technologies like Zscaler, cloud-based security delivery mechanisms are really important to us because we just can't rely on security to only exist the moments that you're inside our hotel," he explained. Of those 189,000 colleagues Hyatt and Ben rely on Zsclar to help secure, only roughly 40 work in cybersecurity directly. Vaugh attributes this to his team’s willingness to use the full suite of capabilities Zscaler offers to enhance Hyatt’s security posture. "I think we owe it to Zscaler and ourselves to push the buttons you give us because those buttons are the way we seize the initiative from threat actors," he said. “We make the amount of people that are required to respond to incidents that much smaller because we push the buttons” Ben wrapped our conversation with his advice for practitioners looking to stay in the field for the long run. "Find a way to tie what you do every day to what the company does every day," Ben says. "I think you might find that that makes it a lot easier to get permission to push that button." The power of Zscaler intelligence: Generative AI and a holistic view of risk Zscaler EVP & Chief Innovation Officer Patrick Foxhoven fittingly kicked off the Zenith Live innovation deep-dives by introducing many new features and enhancements made possible by AI. "We've been at this for a long time, so AI's not new, but I'll make a statement. We do think it has the potential to change everything," said Patrick. But the technology is not without risk, he noted. Both deepfakes and data loss can be enabled by the same generative AI capabilities we expect will also change the world in more positive ways. As Zscaler VP, Product Management Sanjay Kalra took over to explain, new Zscaler capabilities are focused on advancements in three key areas: Enabling Zscaler customers to use generative AI safely – You can’t protect against what you can’t see, so Zscaler began by adding a new URL category and cloud app for tools like Bard, ChatGPT, and others. This allows admins to finely control who is able to access these tools and enforce browser isolation to protect against sensitive data being uploaded. Zscaler also now provides risk scores for commonly used apps to determine if their AI integrations pose a threat based on the application’s security posture and data retention policies. Building new and enhancing existing products – Zscaler announced it is releasing its own proprietary natural language processor, dubbed Zscaler Navigator, which draws from the company’s own data lake so users can interact with products, request usage statistics, and query support in an intuitive and conversational format. Increasing the efficacy of everything we do – Multi-modal scanning makes data loss prevention (DLP) even more effective by scanning images, videos, and even Zoom calls for sensitive information like intellectual property and preventing them from being uploaded to third parties, assisting security teams with one of the most challenging threats to contain – insider attacks. Zscaler Global CISO Deepen Desai also walked attendees through the typical attack chain from downloading a malicious file to data exfiltration and, eventually, ransomware delivery. He explained how AI insights generated by Zscaler’s new Risk 360 platform can help security prioritize, isolate, and implement policies for preventing future process iterations. "In my opinion, this all ends with AI vs. AI," said Aflac VP, Security Operations & Threat Management DJ Goldsworthy, who joined Desai onstage to discuss the reduced response time necessary to compete with AI-enabled attacks and how he worked with Zscaler to limit his attack surface and automate remediation efforts. As Darin Hurd, Chief Information Security Officer at Guaranteed Rate, who provided feedback on the platform during development, put it, "What Risk 360 does for me is three things: First, it helps me more effectively communicate to my board. Second, it helps to prioritize where we spend our limited security resources. And third, at the end of the day, it inspires confidence because security is difficult and complex." Raj Krishna, SVP, New Initiatives, wrapped by previewing how the forthcoming Zscaler Business Insights will leverage company data to help solve business problems such as understanding licenses purchased versus those deployed or tracking employee usage patterns to understand their return-to-office journeys better. More on that to come… This article originally appeared on CXO REvolutionaries Fri, 16 Jun 2023 13:13:41 -0700 Kavitha Mariappan https://www.zscaler.com/blogs/company-news/zenith-live-23-kicks-stunning-series-innovation-announcements https://www.zscaler.com/blogs/company-news/introducing-zscaler-risk360-tm-measuring-risk-holistically Given the current macroeconomic climate, IT leaders are judiciously re-evaluating their cybersecurity investments. Legacy solutions fail to provide the breadth of visibility into cyber risk and attack exposure necessary to accomplish this. Zscaler is introducing a new approach - a data-driven, real-time solution for managing cybersecurity risk. Cybersecurity is arguably one of the top priorities for organizations everywhere. The current macroeconomic environment and external pressure from regulatory bodies, such as the Securities Exchange Commission (SEC), require IT leaders to quantify and communicate cyber risk to internal stakeholders, business leaders, board members, government regulators, cyber insurance underwriters, and third-party vendors. Legacy solutions fail to meet this requirement for real-time, data-driven cyber risk management. These are often a medley of point solutions, spreadsheets, and manual aggregation of results. They just do not work. A new approach is required. Real-time, data-driven risk management with Zscaler Risk360 Introducing Zscaler Risk360, a powerful risk quantification and visualization framework for remediating cybersecurity risk. Zscaler Risk360 ingests data from external sources and your own Zscaler environment to curate a detailed profile of your risk posture in real time. Leveraging over 100 factors across your entire attack surface, it helps you understand your financial loss estimates, top cyber risk drivers, and the investigative workflows you can follow to remediate your cyber risk. More importantly, Zscaler Risk360 provides a powerful platform for CISOs to evaluate the efficacy of their cybersecurity controls across the four stages of attack - external attack surface, compromise, lateral propagation, and data loss - and all the entities in your environment, including assets, applications, workforce, and third parties. And given the criticality of communicating cybersecurity strategy across the entire enterprise, Zscaler Risk360 also generates CISO Board slides and high-fidelity peer comparison data to facilitate decision making. Zscaler Risk360 Dashboard Powerful risk quantification based on data and research Zscaler Risk360 leverages a highly complex, ThreatLabz-powered framework backed by hundreds of signals and several years of research to calculate risk scores for each of the four stages of breach - External Attack Surface, Prevent Compromise, Lateral Propagation, and Data Loss. Our model ingests data from your Zscaler environment and other external sources to evaluate your risk posture across more than 100 factors based on Zscaler’s unique inline vantage point. Zscaler Risk360 visualizes your cybersecurity risk across four entities - Workforce, Third Parties, Applications, and Assets. This allows enterprises to gain a more accurate picture of their risk exposure, correctly prioritize mitigation efforts, and make informed cybersecurity investment decisions. Intuitively visualize risk across your attack surface, in real time The Zscaler Risk360 web portal displays your organization’s cybersecurity risk in an intuitive, unified dashboard that allows you to quickly access key information. You can easily filter and drill down into the top drivers of your organization’s cybersecurity risk to further analyze and make security decisions. Business leaders, who are increasingly under pressure to demonstrate that their security programs adequately manage cyber risk, can explore financial loss estimates, including straightforward remediation recommendations. Zscaler Risk360 also includes a handy feature called “CISO Board Slides” which allows you to export a PowerPoint format slide deck to facilitate communicating key risk findings and dollar-value estimates of financial exposure consistently across stakeholders including Board, Audit, and IT Risk committees. Data-driven, prioritized actionable recommendations to prevent breaches Zscaler Risk360 surfaces risk insights with drill-down views for specific details and prioritized recommendations to amend policy. Once an enterprise’s risk posture is clearly understood, it’s critical that action is taken to prevent breaches. This is where the power of Zscaler Risk360’s prioritized remediation framework comes to bear. For example, when investigating users uploading sensitive files, Zscaler Risk360 provides guided investigative workflows that allow you to drill into suspicious users and apply critical policy changes to prevent further exposure. With Zscaler Risk360, you get to sit back and relax watching your risk score improve as your risk owners take policy actions over time. Fig: Actionable Recommendations Why Zscaler Risk360? Replace spreadsheets and third-party tools Gain a more accurate picture of your risk exposure along with a data-driven approach to estimated financial impact. Understand your top risk drivers Learn the top drivers of your enterprise’s cybersecurity risk with the ability to drill down into each contributing factor. Actionable recommendations to tune your loss expectancy Leverage Zscaler Risk360’s proprietary, research-backed guided workflows to investigate the most critical issues and prioritize actionable recommendations to remediate them. Board-level reporting and guidance Access curated collateral to share your quantified cybersecurity risk with your board, executive leadership, and other stakeholders. Wrapping up It’s time to put away your growing stockpile of third-party vulnerability management tools, attack surface reports, and spreadsheets. With Zscaler Risk360, signals across all your attack surfaces are aggregated in a single view, altogether with guided investigative workflows and prioritized actions to prevent likely breaches. Start your journey toward a more effective cybersecurity risk management posture today by talking with our team! Zscaler Risk360 is offered today in limited availability and is expected to become generally available soon. Read more and request a demo here. Thu, 29 Jun 2023 21:30:01 -0700 Raj Krishna https://www.zscaler.com/blogs/company-news/introducing-zscaler-risk360-tm-measuring-risk-holistically https://www.zscaler.com/blogs/company-news/introducing-zscaler-itdr-tm With identity becoming the next frontier of cyberattacks, Zscaler is introducing identity posture, hygiene management, and threat detection capabilities as the pillars of an identity-first approach to security that extends the tenets of zero trust to help create resilient IT environments. Cyber defense in an identity-centric world The end goal of all adversarial action is to leverage resources to get to the crown jewels. There are a variety of resources that could aid threat actors but the one with the highest effort-to-impact ratio is the identity of the user; and by extension, the credentials, privileges, and access rights associated with the identity. There are two paradigm shifts happening right now. First, EDRs are approaching the tail end of the slope of enlightenment in Gartner's security operations hype cycle, meaning they are pervasive and widely used. As a result, organizations are more successful than ever in detecting malicious tools and code execution. The second paradigm shift is the transition to zero trust. Gartner projects that at least 70% of new remote access deployments will be served mainly by ZTNA instead of VPN services by 2025—up from less than 10% at the end of 2021. As evidenced by Zscaler's 7000+ customers, organizations are adopting a zero trust architecture that minimizes their external attack surface, limits resource access, and verifies every user. These two paradigm shifts have forced the hand of threat actors; as a result, they're now going after Identities. If the modus operandi of a threat operation is to get to the crown jewels, then what better way to do it than by assuming the identity of a legitimate user? By compromising users and leveraging valid credentials, attackers can circumvent traditional detection controls and zero trust policies and instead leverage access rights and privileges to move laterally. In terms of the effort-to-impact ratio of an attack operation, network and host artifacts that comprise identity provider configuration, role-based access controls, and Windows credential stores sit in the middle of the Pyramid of Pain – annoying but not challenging or difficult. As a result, identity-based attacks that use valid credentials have quickly become the preferred strategy of not just organized threat actors (Lapsus$/Nobelium/BlackMatter/Vice Society), but have also been widely embraced by the cybercriminal community in general (80% of attacks in 2022 were identity-centric, 5/10 organizations suffered an Active Directory attack, and 90% of Mandiant IR engagements involved the use of Active Directory). Current approaches are ineffective Organizations typically use traditional threat detection and identity management approaches to mitigate the risk of identity attacks. However, these approaches often fall short because they were not built to deal with identity threats. Detection controls to identify the use of malicious credentials have existed for ages (UEBA / SIEM analytics), however, they are prone to false positives, and invariably lack the context to allow threat detection teams to make decisions (e.g. is random user X actually allowed to change Y permission?). Attacks such as 2FA MiTM, 2FA spamming, SIM cloning, session token hijacking/cookie stealing, etc. target IAM/PAM preventive controls, bypass MFA, and often rely on users to make smart decisions (historically, never a winning proposition). Furthermore, many internal forms of identity and credentials do not lend themselves well to multifactor authentication, this includes service accounts, applications that don’t support multifactor authentication, certificates, session tokens, and keys. These paradigm shifts, combined with the limited efficacy of existing solutions, necessitate an identity-centric approach to security. Zscaler Identity Threat Detection and Response (ITDR) – Bringing identity-first security to zero trust Zscaler’s vision for identity-first security is based on three fundamental pillars: Identity attack surface visibility The first step toward securing identities is to audit your identity infrastructure thoroughly. Zscaler ITDR provides the ability to assess your on-prem Active Directory (support for additional identity stores coming soon) and get a comprehensive view of your identity posture, risky users and computers, misconfigurations and vulnerabilities that exist in Active Directory, and a MITRE ATT&CK mapping that helps you locate blind spots and prioritize where to focus. Identity hygiene management Once you have visibility into your Identity Attack Surface, the second step is to build identity hygiene. Zscaler ITDR provides real-time monitoring of critical changes in the Active Directory that introduce new risks and open up pathways for attackers to escalate privileges and move laterally. In addition to real-time alerting, you also get remediation guidance in the form of video tutorials, commands, and scripts that can be used to resolve issues. Identity threat detection and response Not all identity issues and misconfigurations can be remediated. Some are business-critical and leave organizations open to exploitation in the event of a compromise. The last step is to be able to detect identity attacks that bypass existing defenses and leverage these misconfigurations to escalate privileges and move laterally. Zscaler ITDR provides high-fidelity detection for attacks like DCSync, DCShadow, LDAP enumeration, and more. How it works Zscaler ITDR takes a low-touch and operationally simple approach to identity security. It’s built into Zscaler Client Connector, our unified agent that securely brokers connections between users and applications/resources. Attack surface visibility Zscaler ITDR audits the Active Directory by running LDAP queries to build a map of schema, users, computers, OUs, and other objects in your identity store. It then runs checks against these objects to find misconfigurations and vulnerabilities that exist in your Active Directory. For assessing the Active Directory, Zscaler ITDR needs to run on a Client Connector installed on a domain-joined Windows machine. The security team sets up a scan by specifying the Active Directory domain they wish to access and selecting the Client Connector installed machine from which to run the scan. Depending on the size of the Active Directory, it takes anywhere between 15-30 minutes to complete the assessment. Once the assessment is complete, the results are available in the Dashboard. The assessment includes a domain risk score, focus areas to prioritize remediation, a list of the riskiest users and computers, a basic analysis of severity and risk categorizations, MITRE ATT&CK kill chain mapping, and a complete list of misconfigurations discovered. For each misconfiguration, the solution provides the following: Risk categorization Severity Remediation effort MITRE ATT&CK ID and tactic Explanation of the issue Potential impact List of users, computers, and objects affected Remediation guidance Video tutorials Scripts Commands Identity change detection Once an assessment has been configured, security teams can turn on change detection for the Active Directory domain. Change detection surfaces configuration changes that affect the security posture of Active Directory in near real-time, allowing security teams and directory admins to quickly respond and remediate. Zscaler ITDR runs a series of high-priority configuration checks against Active Directory. The scope of these checks targets the discovery of issues that have the highest possibility of abuse by adversaries. These checks run every 15 minutes from the Client Connector installed endpoint for the given domain. Changes are marked as having a good or bad impact. A good impact indicates that an issue has been resolved. A bad impact indicates a potential issue has been introduced. Identity threat detection Zscaler ITDR has a threat detection capability that alerts SOC teams and threat hunters of malicious activities directed toward potentially malicious misuse and theft of identities. Identity threat detection can be turned on as an endpoint policy on designated Client Connector-installed machines. Available detectors include DCSync, DCShadow, Kerberoasting, session enumeration, privileged account access, LDAP enumeration, and more. Security teams can choose to turn on all or a combination of detectors on designated endpoints. If a pattern is noticed, Client Connector signals to Zscaler ITDR that a threat has been detected. Zscaler ITDR will enrich the threat signal with information relevant to the security team to perform an investigation. The security team can configure orchestration capabilities in Zscaler ITDR to take automated actions from alerting to forwarding, to remediation. Why Zscaler ITDR? No additional agents / VMs required Built into the Zscaler Client Connector, Zscaler ITDR unlocks new capabilities and protections out-of-the-box. Integrated with access policy The Zscaler Zero Trust Exchange can dynamically apply access policy controls to block compromised users when an identity attack is detected. SOC integrations Strengthen investigation and response with Integrations that include leading EDRs and SIEMs. Our telemetry is OpenAPI compliant. Benefits Identity protection strengthens your zero trust posture by mitigating the risk of user compromise and privilege exploitation. Quantify identity risk Know where, how, and why you are at risk. An identity security assessment generates a risk score to quantify and track the posture of your identity attack surface. Find misconfigurations Uncover issues that allow attackers to gain the upper hand. Discover risky configurations like GPP password exposure, unconstrained delegation, and stale passwords that open up new attack paths. Remediate issues Build strong identity hygiene with remediation guidance. Understand the issue, impact, and who is affected. Leverage step-by-step remediation guidance along with video tutorials, scripts, and commands. Monitor in real-time Get alerts when configuration changes introduce risk. Identity stores are in constant flux with configuration and permission changes. Monitor in real-time and get alerted to new risks and issues. Detect identity attacks Stop privilege escalation with identity threat detection. Not all misconfigurations can be remediated. Detect and stop attacks like DCSync, DCShadow, kerberoasting, and more in case of a compromise. In closing Zscaler ITDR is a new class of Identity-centric security control that provides visibility into the identity attack surface, detects attacks against identities and identity systems, and mitigates risk by closing the loop on hygiene, containment, and remediation. With attackers using identity compromise as the preferred route to a breach, Zscaler ITDR provides a pragmatic approach to identity-first security to mitigate the risk of threats that bypass existing defenses. Tue, 13 Jun 2023 21:30:01 -0700 Amir Moin https://www.zscaler.com/blogs/company-news/introducing-zscaler-itdr-tm https://www.zscaler.com/blogs/company-news/announcing-new-zscaler-platform-capabilities-identify-mitigate-and-manage-large We’re excited to unveil new platform innovations on the Zero Trust Exchange during Zenith Live 2023. These new services transform secure branch connectivity and provide continuous monitoring and threat detection, including quantifying risks and delivering a seamless IT experience. We’re proud to announce new innovations to our customers to help them identify, mitigate, and manage large-scale attacks. These new innovations are: Zscaler Risk360™ Zero Trust Branch Connectivity Zscaler ITDR™ ZSLogin™ Join us virtually at Zenith Live 2023 to see the latest innovations firsthand! Zscaler Risk360: a powerful risk quantification and visualization framework Zscaler Risk360 helps CISOs make informed and expedited business decisions that help reduce cyber risk. By leveraging a rich set of signals from internal and external sources within the Zscaler platform, CISOs gain unparalleled visibility and actionable intelligence from more than 100 data-driven factors to enable the following: Powerful Risk Quantification Delivers real-time risk scores for all stages of cyber breaches, as well as risk visualized across four entities, including workforce, third parties, applications, and assets. Intuitive Visualization and Reporting Filters top drivers for cyber risk and anticipates financial exposure estimates, including financial remediation recommendations, with the ability to create concise board-level presentation materials. Actionable Remediation Prioritizes actionable recommendations with guided workflows to investigate and remediate the most critical issues to keep an organization secure and operations running non-stop. Zero Trust Branch Connectivity: Redefining branch connectivity for superior security and simplified management. Zero Trust Branch Connectivity delivers simplicity, scale, and superior security, dramatically reducing recurring overhead costs associated with MPLS connections for branch locations. This fundamentally new approach to securely connecting branch offices helps eliminate risky site-to-site VPNs over SD-WANs resulting in improved user, application, and data security, lowered costs, and reduced operational complexity, all while being able to significantly accelerate M&A. A new plug-and-play branch appliance will be an optional offer featuring zero touch provisioning, making installs effortless. Zero Trust Branch Connectivity enables CISOs to: Replace Site-to-Site VPNs and Costly MPLS Connections with Zero Trust Securely connecting users, services, and IoT/OT devices between branches and their application stack. Simplify Branch IT Operations Direct-to-internet connectivity to reach cloud-based applications eliminates the need to maintain complex legacy routing and reduces infrastructure. Seamlessly Integrate Collaborating Workforces Reducing time to productivity for organizations by bringing people and business applications together. Zscaler ITDR: Mitigating identity attacks with continuous visibility, risk monitoring, and threat detection Cybercriminals are increasingly targeting users for their identities and credentials. The Zscaler ThreatLabz annual Phishing Report found that most modern phishing attacks rely on stolen credentials. Zscaler ITDR strengthens the business’s security posture with continuous visibility into identity misconfigurations and risky permissions. With Zscaler ITDR, CISOs can: Quantify Identity Risk By generating a risk score to quantify and track the posture of the identity attack surface. Find Misconfigurations Discover risky configurations like GPP password exposure, unconstrained delegation, and stale passwords that open up new attack paths. Remediate Issues Understand the issue, impact, and user affected. Leverage step-by-step remediation guidance along with video tutorials, scripts, and commands. Real-Time Monitoring Get alerted to new risks and issues when configurations change. Stop Privilege Escalation Detect and stop attacks like DCSync, DCShadow, kerberoasting, and more in the event of a compromise. ZSLogin feature: Centralized login dashboard with streamlined authentication for IT processes Zscaler makes IT administrators' lives easier while elevating their effectiveness by providing the following: Centralized Authentication Ability to authenticate directly to Zscaler one time to seamlessly access all admin consoles. Centralized Entitlement Management A simple way to review all entitlements across the platform and ensure administrators receive the appropriate permissions. Passwordless Multi-Factor Authentication Support for passwordless, multi-factor authentication, increasing the strength of admin authentication that is easier to use and phishing resistant. Automated Administrator Identity Management Administrator identities can be managed using SCIM to automate the creation, entitlement assignment, and revocation of administrators based on the identity data from customer identity providers. For more information join Zenith Live virtually to hear about the latest Zero Trust Exchange platform innovations. Tue, 13 Jun 2023 21:30:01 -0700 Simon Tompson https://www.zscaler.com/blogs/company-news/announcing-new-zscaler-platform-capabilities-identify-mitigate-and-manage-large https://www.zscaler.com/blogs/company-news/it-s-time-reimagine-branch-connectivity Introduction So much has changed in the world of IT over the past two decades. There was a time when almost all of us did our jobs at a place of work where IT resources were provided from an onsite data center. In larger organizations, branch locations were often connected back to headquarters over a private circuit or leased line, accessing IT resources from a centralized data center. As the 2010s came along, two displacement trends started to accelerate the pace of digital transformation. First, public and private cloud applications began gaining significant traction, displacing locally installed and licensed monolithic apps. Second, software-defined wide area networking (SD-WAN) emerged, taking advantage of a more robust and performant internet to displace expensive MPLS circuits and complex traditional WAN routing. SD-WAN networks are typically built using lower-cost commodity hardware, are managed via a cloud-hosted GUI instead of CLI, and use site-to-site VPNs over the internet to create virtual private circuits. Unsurprisingly, SD-WAN took off and rapidly became the de facto means of connecting sites together, and users to their apps and services. Service providers followed the trend, placing more emphasis on selling business-grade direct internet access (DIA) services over which to run mission-critical services. Challenges with SD-WAN Extending the network using SD-WAN facilitates connectivity, but in typical deployments, it can create security challenges. Every SD-WAN appliance using the internet for transport must have a public IP address, opening up an attack surface that can be easily discovered. Then, if a breach occurs, it is easier for an attacker to move laterally through the network and between sites. Addressing these risks means deploying traditional network-based security like firewalls, intrusion detection and prevention, malware protection, and so on. What looked like a simpler, more cost-effective solution turned out to retain a lot of the cost and complexity from previous WAN solutions. Reimagining branch connectivity Fortunately, the underlying trends that helped SD-WAN gain its foothold also provide for a fresh approach to branch connectivity. Zscaler has spent the past 15 years developing its Zero Trust Exchange platform to securely connect users and workloads to their applications and services, creating session-based encrypted tunnels that can run on top of any network. This approach has made the use of client VPNs redundant, and is perfect for home workers, smaller café style branch offices, or co-working spaces where non-user devices are the concern of the building owner. Larger branch offices are more likely to be owned or leased by the organization, with a mix of in-house IT resources, as well as reliance on services at other offices, or HQ. They’re also more likely to have devices unable to run the necessary client connector, like servers, printers, and IoT/OT devices. To meet the needs of branch connectivity without relying on VPNs, Zscaler has developed the Branch Connector, a forwarder for all traffic emanating from, or bound for, branch sites, which eliminates VPNs and provides secure access via the Zscaler Zero Trust Exchange for users, servers, and devices within branch sites. Benefits Zero Trust Branch Connectivity delivers three key benefits: By eliminating VPNs, the risk of attack surface discovery/exploit and lateral threat movement is removed. A direct-to-cloud architecture removes the need to maintain complex legacy routable networks and reduces infrastructure, helping to reduce costs. A low barrier for new branch sites, M&A, and B2B. It’s now easier to seamlessly integrate collaborating workforces, reducing time to productivity for organizations bringing people and business applications together. Deploying Zero Trust Branch Connectivity The Branch Connector is deployed on-premises as either a lightweight virtual machine or – later in 2023 – a plug-and-play appliance. Its role is to manage all traffic forwarding for the branch location, using any router to relay traffic over the internet to the Zero Trust Exchange. The Branch Connector is managed out-of-band and all security policies are managed from the Zscaler portal. This makes it easy for security and IT admins to not only have the visibility they need into what’s running in the branch, but also ensure that appropriate policies are consistently applied to all users, servers, and devices at branch locations. Interested in seeing whether Zscaler Zero Trust Branch Connectivity can replace your site-to-site VPN infrastructure? Click here to learn more in the data sheet, and reach out to your Zscaler representative to ask for a demo. Tue, 13 Jun 2023 21:30:01 -0700 Simon Tompson https://www.zscaler.com/blogs/company-news/it-s-time-reimagine-branch-connectivity https://www.zscaler.com/blogs/company-news/join-us-aws-re-inforce The next AWS re: Inforce 2023 is just around the corner, taking place June 13-14 at the Anaheim Convention Center in California. For the second consecutive year, Zscaler will sponsor this two-day security conference, where cloud security leaders and practitioners will network and learn about the latest cloud security innovations from AWS and its partners. Zscaler plans to unveil several innovations at AWS re:Inforce that will help you foster secure digital transformation and achieve cloud security. We invite you to visit our booth #776 at AWS re: Inforce to learn how Zscaler innovations can help your organization be more agile, innovative, and secure in AWS environments while maintaining compliance and optimizing ROI. Additionally, you can: Discuss your AWS security roadmap with Zscaler security experts. Work with our experts to discover how Zscaler can solve your security challenges with a comprehensive platform approach. The Zscaler team is offering mini speakers and some exciting swag just for meeting with the on-ground team during the event and booking a personalized on-site Zscaler Posture Control demo. Experience Posture Control Freemium version Secure up to 250 AWS Workloads with Zscaler Posture Control for Free with the industry’s most comprehensive CNAPP - Posture Control, free of charge as we announce the launch of the Zscaler Posture Control Freemium version. Explore the Zscaler Posture Control platform With our free, no-obligation Cloud Security Risk Assessment, you can kick-start your cloud security program. Experience the power of Posture Control, simply connect cloud accounts to Posture Control for immediate onboarding and complete monitoring. Take advantage of exclusive offers AWS customers can also visit AWS Marketplace and check out Zscaler Posture Control procurement information, offerings, and exclusive offers. Discuss and finalize exclusive offers and deals on Posture Control. Learn about Posture Control Dive into Posture Control—learn about its functionality and modules, and discover how it gives you 360-degree visibility to protect all your cloud resources. Register for the Posture Control self-guided workshop We look forward to seeing you at AWS re: Inforce! To learn more about the conference and to register visit https://reinforce.awsevents.com/ Tue, 06 Jun 2023 08:00:01 -0700 Mahesh Nawale https://www.zscaler.com/blogs/company-news/join-us-aws-re-inforce https://www.zscaler.com/blogs/company-news/zenith-live-showcases-how-businesses-can-move-forward What drives innovation in organizations? When people ask me this question, my answer is always the same: business strategy. It's simple - to deliver innovation at scale, organizations must develop a strategic vision of what they are trying to achieve, with a clear understanding of how technology can support their goals. And by modelling secure infrastructures for highly mobile and decentralized organizations, Zscaler can underpin these transformation initiatives. If organizations embrace the ideal scenario of an innovation cadence, they can completely reimagine the way they build their companies. Innovative organizations have already started thinking 10 years ahead with their technology life cycles and many predict the end of buying infrastructure or even owning warehouses; replaced by a renting service model in a warehouse that builds, packages, and ships products to customers. The foundation of this bold vision is to utilize dynamic solutions as a service. Computation knowledge and technology infrastructure are no longer just a technology function but an output of a business logic flow. The flexibility of a service approach allows organizations to move their business forward into the future much faster and dynamically, freeing them from the administrative burden of owning technology. Thinking out of the box Making such a bold move may seem challenging, and most organizations will push back, claiming it's not feasible or too burdensome. This is like the response we receive when introducing the concept of Zero Trust security to decision-makers. Organizations often don't know where to start in making the shift to a new security paradigm that is relevant for the age of the cloud. They have too many systems, complexities in their infrastructure, and get lost in detail that appears to be relevant to for a cloud-first transformation journey for a highly decentralized workforce. An easy tabletop exercise helps organizations get started on their Zero Trust journey (as well as their innovation vision). For Zscaler, Zero Trust is not just a technology upgrade to another box; it is a continuous evolution towards more agility, simplicity of infrastructures, and greater resilience. It all begins with gaining insight into the roles and responsibilities of employees as the foundation for access privileges to required apps and services. My recommendation to business functions today is to review their business continuity plan and ask themselves what they would do if they had to rebuild everything from scratch. This exercise helps them identify their core assets easily. In the next step, decision-makers need to determine who needs access to those core assets. This establishes a logical flow that can be used to implement Zero Trust. Although few organizations voluntarily take this strategic step, many enterprises are forced into running a tabletop exercise when they experience a ransomware attack. They then have to follow a similar routine of gradually granting access to apps in order of business priority to re-establish access permissions to their core systems. All organizations can innovate, but often take the easy route and innovate with what they already know. The IT team is usually tasked with maintaining the technology stack and leading the process. However, organizations fare better when they innovate as a unit, considering the requirements of all business units and pursuing a multithreaded path. Innovation requires coordinated efforts to bring all stakeholders to the round table. When all forces are combined, a new strategic direction for the business logic can be mutually decided. If the future involves procuring many services, it is essential to ensure that those services are interconnected to establish the logic layer. This understanding serves as the starting point for organizations' innovation initiatives: the ability to build a logical business flow that is consistently available whenever required. This brings us to the Zero Trust debate. Security must be an integral part of the innovation exercise. As technology evolves and becomes a result of the business strategy, securing that strategy becomes equally important in the journey. To protect a service-oriented business model effectively, it should be implemented from scratch to avoid creating an attack surface for the hostile outside world. Companies that excel in initiating the innovation process toward Zero Trust have realized the necessity of disconnecting from existing infrastructure in order to innovate and transition to Security as a Service. The pandemic and current macroeconomic conditions have clearly demonstrated the innovative potential of organizations. At Zenith Live 23 in Las Vegas and Berlin, we are bringing together innovative brands that have successfully harnessed their innovative forces to transform their organizations. This event enables peers to learn from each other's best practices. At Zscaler, we will also be discussing the future of security innovation. Our services portfolio already encompasses a significant amount of innovative power, and we are excited to unveil our AI innovations that are driving transformation for our customers. Tue, 30 May 2023 13:01:21 -0700 Nathan Howe https://www.zscaler.com/blogs/company-news/zenith-live-showcases-how-businesses-can-move-forward https://www.zscaler.com/blogs/company-news/reinforce-your-security-strategy-zscaler-aws-re-inforce-2023 For the second year, Zscaler will be at AWS re:Inforce – AWS’s primary conference focused on cybersecurity. This year, the conference will be located in sunny Anaheim, California and will run from June 13 - 14. If you plan to attend, make sure you swing by booth #766 to speak with our product experts and learn how Zscaler is best positioned to properly secure your AWS cloud environment and workloads. We’ll be providing live demos of Zscaler Workload Communications and Posture Control (CNAPP) and giving out some great swag for you to take home. We’ve also partnered with AWS, Deloitte, and Crowdstrike to host an exciting invite-only networking event at Disney California Adventure Park! You’ll be able to enjoy top-notch cocktails and gourmet bites while taking in the amazing sights and sounds of the park. Reach out to your Zscaler account team for an exclusive invitation! Additional Information Before the conference, if you want to test out Workload Communications, we have a free self-guided lab you try out in a live AWS environment. We also provide a complimentary security assessment of your AWS environment which you can sign up for here. To learn more about the conference and to register, visit https://reinforce.awsevents.com/ We hope to see you there! Mon, 22 May 2023 08:00:01 -0700 Franklin Nguyen https://www.zscaler.com/blogs/company-news/reinforce-your-security-strategy-zscaler-aws-re-inforce-2023 https://www.zscaler.com/blogs/company-news/zscaler-microsoft-build Conference Overview Microsoft Build is an annual developer conference (hybrid format event with on-the-ground and digital presence) that provides excellent insight into various Microsoft cutting-edge technologies. This event is designed to help developers, students, engineers, and technology professionals to learn more about Microsoft products, associated technologies, and Microsoft partner ecosystems. Taking place at the Seattle Convention Center, Washington, the Microsoft build event is scheduled for May 23rd and will end on May 25th. Pre-day workshops will begin on the 22nd. Zscaler at Microsoft Build 2023 We are proud to sponsor the Microsoft Build conference. Our theme for the Microsoft Build event this year is ‘Build, Deploy and Run Secure apps with Zscaler Posture Control’ We plan to showcase several new innovations at the Microsoft Build event. Technology Showcase We invite you to our booth #321 (third floor) and interact with leaders and experts to learn how we help to manage cyber-risks in the ever-increasing threat landscape with a platform approach. We offer exciting swag just for meeting with the on-ground team during the event and booking a personalized on-site Zscaler Posture Control demo. You may also explore Microsoft Build online. Breakout and Demo session: You can watch the Zscaler Posture Control breakout session plus demos or talk to our experts onsite Breakout session Level-Up Your Cloud-native Security - In this session, Matt Barrett and David Glading from Zscaler will explain how CNAPP with advanced risk correlation can help security teams effortlessly identify and fix critical incidents. Posture Control demos Shift-left with Posture Control: Learn about Zscaler Posture Controls' integrated approach to embed security across the development lifecycle Prioritize risk with Posture Control: Learn how to eliminate noise, uncover, and prioritize hidden risks and accelerate remediation with Posture Control Not attending Microsoft Build this year? Explore Posture Control to see how it gives you 360-degree visibility and control to protect all your cloud resources. You can also start your Free security assessment here. If you haven’t yet registered for the event you can register here. We look forward to seeing you at Microsoft Build. Fri, 19 May 2023 07:07:02 -0700 Mahesh Nawale https://www.zscaler.com/blogs/company-news/zscaler-microsoft-build https://www.zscaler.com/blogs/company-news/the-c-level-must-anticipate-change The decade of the 20s will go down in history as the age in which organizations learned to position themselves as adaptable. Right at the beginning of the current decade, companies were confronted with unique IT challenges, where rapid response and adaptation to remote work set the course for business success. One hit followed the next, because after the pandemic, the phase of economic uncertainty ensured that the call for agility was once again loud, and the topic of resilience became a trendsetter. But how can companies better adapt to constant change? Nothing is as constant as change Every age is accompanied by new, special demands for the decision-makers who steer the fortunes of companies. However, business success has never been so closely linked to the IT department as it has been in recent years. Since users, applications, and devices are located in distributed environments, and mobility is a high priority for employees, secure connectivity to on-premises and cloud-based work environments is more important than ever. Seamless and secure connectivity to information is the silver bullet. But there is a long way to go before organizations adapt their traditional infrastructures to this change. After all, lifting and shifting applications from the data center to the cloud is far from achieving desired flexibility. The topic of the cloud is now on the agenda of the management team and accepted as a fact in order to make a company more agile. However, there is still a need for clarification that moving applications to the cloud is far from enough. For holistic digitization, a wide variety of forces must be bundled to ultimately benefit from the required agility and flexibility of the cloud. Today's demand is to achieve more with less IT effort. Because one thing is clear: digitization, automation, and artificial intelligence are not creating fewer data streams, but rather ever-larger data lakes that need to be organized, used, and secured. So how can the requirements for IT complexity reduction be reconciled with greater resilience to external influences while reducing costs? Change requires courage and investment in new things Any change requires the willingness to separate from traditional procedures and processes and break new ground. In difficult economic times, efficiency is imperative. However, in order to achieve higher performance at lower costs, the perspective must be changed. Implementing a change based on existing IT infrastructures will often fail due to entrenched processes and thought patterns. Full integration cannot be achieved from the cloud if traditional network infrastructures are retained for the data streams to cloud environments. Transformation means breaking completely new ground to replace the existing infrastructure. To transform organizations holistically, application, network, and security transformation must go hand in hand while bringing the workforce on board. Decades of network operations cannot be deleted overnight from the minds of your technical teams. This means that a change to a digitized company must not only be considered technologically, but it also requires change management at the personnel level. “Reskilling” is the motto required to implement the topics that will be driven in the cloud in the future with the available resources. Roles and responsibilities are changing with the advent of new technologies. Zenith Live offers an exchange of experiences Zscaler customers have already embraced the change. While customers are at different levels of maturity of digitalization, they have all taken their first steps and repositioned their organizations by adopting the Zscaler Zero Trust Exchange. Each individual customer has their own best practice story to tell about how the technology change has succeeded, and many of our customers are using Zenith Live 2023 as a platform to share their transformation journey with other organizations. If you are looking for guidance on how zero trust runs as a common thread through the reorganization of IT infrastructures, you will receive first-hand information at Zenith Live. Impulses for the introduction of zero trust for users, workloads, or IoT and OT environments are on a packed agenda in Berlin from June 27 – 29, 2023. Register here. Wed, 17 May 2023 12:35:39 -0700 Ismail Elmas https://www.zscaler.com/blogs/company-news/the-c-level-must-anticipate-change https://www.zscaler.com/blogs/company-news/expert-labs-and-free-certification-zenith-live-23 Zenith Live ’23 is an unbeatable opportunity to sharpen your professional skills, build your expertise, and accelerate your career with focused in-person technical training and certification sessions. Best of all, this year, all half-day sessions and certifications are completely free with registration! Take a look at our full lineup: Free Half-Day Sessions Data Protection Workshop Develop the hands-on skills and knowledge you need to operate Zscaler solutions to protect sensitive and distributed data. SSE for Workloads in Zero Trust Environments Get hands-on experience deploying workloads to the cloud and locking them down to operate securely through the Zscaler Zero Trust Exchange. Zero Trust Architecture Certification Training Understand the need to transform to a true zero trust architecture, and discover the seven elements of an effective zero trust architecture. Prepare for the Zero Trust Certified Architect (ZTCA) exam. Zscaler Cybersecurity Services Certification Learn how Zscaler provides state of the art security to stop threats and reduce business risk for today’s hybrid workforce with a proactive, intelligent, and radically simple security architecture. Paid Full-Day Training Ready to take it to the next level? Check out our only full-day training to learn the ins and outs of our zero trust platform. SSE for Users Workshop In this instructor-led lab, learn how to deploy and configure ZIA, ZPA, ZDX, and Zscaler Client Connector (ZCC). Seats are filling up fast—save yours now Register today for these can't-miss certifications, labs, and training sessions at Zenith Live ’23! Zenith Live ’23 | Las Vegas, Nevada Register now Zenith Live ’23 | Berlin, Germany Register now Tue, 16 May 2023 10:18:11 -0700 Ben Powell https://www.zscaler.com/blogs/company-news/expert-labs-and-free-certification-zenith-live-23 https://www.zscaler.com/blogs/company-news/zscaler-and-leidos-collaborate-5g-applications We are excited to announce today that Zscaler and Leidos will prototype and evaluate 5G-enabled solutions for government agencies, defense organizations, and critical national infrastructure within Zscaler’s 5G Innovation Center. Through this effort, Leidos will be able to build solutions and demonstrate them to customers in a safe, secure, 5G-enabled environment utilizing Zscaler’s zero trust expertise. Testing these capabilities can accelerate the adoption of 5G solutions for Federal agencies and the Department of Defense, including secure operations at the tactical edge. 5G is a mobile wireless connectivity solution that enables lightning-fast, high-bandwidth, and low-latency connectivity. The technology will deliver new levels of performance for mobile applications and continuous connection capabilities for Internet of Things (IoT) devices. When combined with mobile edge compute (MEC), 5G can make new applications possible for the Federal government – autonomous vehicles, smart bases, predictive fleet maintenance, enhanced command and control capabilities for forward-deployed operations, and more. While 5G represents an opportunity to deliver significant new capabilities, the technology also expands the cyber attack surface – more data, many more devices, and operating systems – and as a result, introduces new security risks. Zscaler applies a proven zero trust architecture for comprehensive cybersecurity. The Zero Trust Exchange provides end-to-end security from device, to edge, to cloud. Filtering all user, sensor, and machine traffic using a cloud-native infrastructure that enables dispersed deployment as close as possible to the end user or the machine. The Zscaler 5G Innovation Center, located in San Jose, CA in the heart of Silicon Valley provides a secure location to collaborate, develop, and test 5G use cases and solutions in both government and commercial environments. Leidos is conducting 5G research and development which includes enterprise system and application integration as well as machine learning for threat detection and vulnerability mitigation. “Leidos is a leading systems integrator in science, technology, and engineering. This collaboration brings together two industry leaders with a shared commitment to securely develop and deploy mission critical 5G solutions in a secure environment for our customers. The center will help to accelerate innovations to help our joint customers stay ahead of emerging cyber threats.” said Peter Amirkhan, senior vice president, Public Sector, at Zscaler. “Zero Trust cybersecurity offers the capability for organizations to operate safely over diverse communications networks that cannot be verified as secure. Zscaler’s cloud and edge solutions combined with Leidos’ Zero Trust capabilities, can enable our customers to use 5G transformational technologies,” said Padraig Moloney, External Technology CTO at Leidos. Zscaler shared the news at the company’s inaugural Public Sector Summit, during a session titled “The Future of Public Sector Secured,” featuring Mr. Moloney. The session explored the evolution of the technology landscape and future of next generation technologies and innovations to help keep the nation secure. Learn More Security Leaps Forward for Open Radio Access and 5G 5G and the Power of the Edge 5G and Zero Trust: An Introduction for CXOs Additional Resources Zscaler for Federal Government Zscaler Security Research Zscaler Security as a Service Award-winning Web Security World’s First Next Generation Cloud Firewall Sandboxing and Behavioral Analysis Tue, 02 May 2023 06:28:46 -0700 Peter Amirkhan https://www.zscaler.com/blogs/company-news/zscaler-and-leidos-collaborate-5g-applications https://www.zscaler.com/blogs/company-news/what-s-new-zscaler-digital-experience-greater-insights-deeper-intelligence First, a quick recap Before we unpack what’s new with Zscaler Digital Experience (ZDX), let’s quickly review how we got here. Apps, data, and employees are distributed Did you know that organizations with 250+ employees typically use more than 100 SaaS apps? And with workloads migrating to the cloud, by 2024, most enterprises aspire to have $8 out of every $10 for IT hosting go toward the cloud. As apps and data disperse to the cloud, IT teams have added additional performance monitoring telemetry to their arsenal to gain visibility across all their assets on and off the cloud. In the meantime, the workplace as we know it has changed. Today’s hybrid workforce relies on home Wi-Fi networks and local ISPs to directly access SaaS and cloud-based services. More than 63% of employees prefer hybrid or remote work. Broad cloud adoption and hybrid workplaces have put pressure on network operations, service desk and security teams. They’ve seen a 35% increase in support ticket volumes and a rise of more than 30% in service cost per ticket. Point monitoring tools leave IT teams poorly prepared Device, network, and application monitoring tools leave blind spots between the user’s device and the app, and require IT operations and service desk teams to manually export and correlate data from each tool. This lack of end-to-end visibility into digital experience forces IT teams into firefighting problems after they have been reported, versus proactively finding and fixing them. Additionally, each of these tools send numerous alerts that are often not actionable and frequently misguide teams when uncovering the root cause. Zscaler Digital Experience (ZDX) unifies monitoring silos As part of the Zscaler Zero Trust Exchange, ZDX helps IT teams monitor digital experiences from the end user perspective to optimize performance and rapidly fix offending application, network, and device issues. By securely monitoring your business’s SaaS, public cloud, and data center-based applications right from within your end user devices, Zscaler is able to present user experience insights across your organization, along with an end-to-end view on performance and availability across the entire application delivery chain. Armed with these insights: Network Operations teams can review digital experience health, detect bottlenecks across all their enterprise applications in real time, and rapidly resolve service degradation before users complain. Service desk teams have readily available root cause analysis for every user complaint, helping them quickly triage and efficiently resolve problems, and get employees back to work faster. Unveiling new capabilities for Zscaler Digital Experience As a product of continued efforts to empower network operations and service desk teams to deliver flawless digital experiences and support workforce productivity—especially within businesses where applications, data, and their users are widely distributed—we are delighted to announce the Industry’s Most Intelligent Digital Experience Monitoring solution that enables IT teams to amplify the impact of doing business anywhere. Let’s unpack the details. Maximize digital dexterity a.k.a usage with global insights Businesses thrive when employees fully and willingly use digital tools and data to collaborate and get work done efficiently. ZDX now gives you more insights to help ensure optimize performance of digital services and everything they rely on. 1. Monitor the quality of Webex meetings: Presently, you can use ZDX to monitor the quality of MS Teams and Zoom meetings to instantly isolate root causes of poor experiences, and thus ensure uninterrupted and productive meetings. With this release, we have extended these capabilities to Webex! 2. Get quarterly insights for productivity reviews: While insights that help us keep the lights on day-to-day are incredibly valuable, IT teams need to be able to review their impact periodically to celebrate successes and seek opportunities for optimization. With quarterly business review (QBR) reports, you can do just that, on a monthly or quarterly basis, and share your teams’ impact with all stakeholders. Achieve faster IT resolutions using AI Digital-first businesses, complex environments, and remote workers’ devices, when monitored for performance, generate vast amounts of data. With AI, this can produce valuable insights. 1. Automate root cause analysis: ZDX uses machine learning to accurately expose root cause by garnering information from past experiences, ensuring that IT addresses the core issues causing poor user experience, instead of just remedying the symptoms. 2. Perform AI-powered analysis: IT teams can also review what factors changed, between when user experience was optimal and when it was degraded, or a fixed point in time. 3. Automate alerts using built-in intelligence: With the multiple factors that can impact user experience, it is close to impossible to create alerts and set meaningful thresholds for every scenario. ZDX has greatly simplified alert configuration. By observing what “normal” looks like for specific users, regions, applications, devices, or networks, ZDX is automatically able to identify when anomalies occur and triggers precise alerts. No longer do admins need to routinely configure and maintain alerts. Effortlessly scale global enterprises A growing business is a healthy business. And they need to scale quickly. IT can help by quickly onboarding employees and ensure that they have great user experiences no matter their location, device, or the applications they rely on to be productive. IT environments are complex. With this release, we introduce capabilities that help implement digital experience monitoring practices more broadly. 1. Get endpoint performance insights: Desktop support teams often struggle with resolving device issues for remote workers and employees in other regions. This release adds a range of key metrics including device health, active processes for ChromeOS and Android (Windows and MacOS are already supported), and Windows OS metrics drawn from Microsoft Intune that are critical to troubleshooting device issues. Device health metrics CPU, memory, battery, disk I/O and usage, network I/O and bandwidth, Wi-Fi Process metrics Top processes and utilization across CPU, memory, disk I/O, network I/O Windows OS metrics Focus time, boot up time, crash reports, software events 2. Capture packets remotely: With 80% of performance issues in hybrid workplaces being largely caused by network problems, this gives IT teams critical information to isolate and fix these issues. 3. Monitor private apps without causing denial of service: For applications protected by Zscaler Private Access (ZPA), this release introduces web caching within the app connector thereby reducing the load on applications without impacting monitoring fidelity. 4. Get end-to-end visibility when using third-party proxies: Adopting zero trust is a journey, one where firewalls, VPNs, and Zscaler ZIA/ZPA co-exist. Now, ZDX can provide you with end-to-end cloud path performance insights across these complex network architectures and help you expose root causes for latency with confidence. See how you can use ZDX With these new capabilities, ZDX presents an even more powerful digital experience monitoring solution that can help IT teams positively impact employee experience, morale, and productivity, and as a result, business performance. To learn more about these innovations, watch our webinar, and read our technical deep dive, or request a demo! Tue, 09 May 2023 04:00:02 -0700 Krishnan Badrinarayanan https://www.zscaler.com/blogs/company-news/what-s-new-zscaler-digital-experience-greater-insights-deeper-intelligence https://www.zscaler.com/blogs/company-news/top-5-reasons-attend-zenith-live-23 Join us at Zenith Live ’23 to experience the latest zero trust security innovations, hear firsthand from industry thought leaders, and take part in exclusive technical sessions. Register by May 31 to save $50 on your Full Conference Pass! Let’s count down the top 5 reasons to attend: Reason #5 Learn best practices for the latest cloud security and connectivity tools, tactics, and playbooks. Elevate your skills and knowledge to keep your organization secure and productive. Reason #4 Connect with peers, innovators, and leaders sharing real-world zero trust use cases and approaches. Plus, learn all about Zenith Community, a collaborative knowledge base for Zscaler users. Reason #3 Discover effective, concrete strategies to increase economic value, optimize technology costs, enhance user productivity, and improve your security posture—directly from real Zscaler customers. Reason #2 Take technical deep dives in expert-led training, hands-on labs and demos, and 60+ focused breakout sessions built for security, networking, and IT practitioners and leaders. Reason #1 Get certified on-site at no cost, including the new exclusive Zscaler for Users - Essentials credential. Spots are limited, so get a jump on your development before they run out: reserve your seat! With free certification training and more best practices, practical insights, and technical sessions than ever before, Zenith Live ’23 is set to be the best yet. See you there! Las Vegas, Nevada | June 13-15 Register now Berlin, Germany | June 27-29 Register now Mon, 08 May 2023 08:00:02 -0700 Ben Powell https://www.zscaler.com/blogs/company-news/top-5-reasons-attend-zenith-live-23 https://www.zscaler.com/blogs/company-news/one-true-zero-live-london-wrap Another One True Zero Live in EMEA is now complete, marking our tenth and arguably biggest and most successful event year to date. It was a pleasure to welcome our community again in person, following three years of virtual events. Feeling the engagement, enthusiasm, and support on behalf of attendees, customers, partners and speakers reminded us why events like this truly matter. Spanning an afternoon packed with real-world Zero Trust stories, keynotes, customer panels and demos, this event leaves the attendees refreshed and recharged with new knowledge and insights to move forward their transformation journeys. With that in mind, we wanted to share a quick summary of the London One True Zero Live highlights so you can catch up on anything you might have missed. Through the eyes of a customer: Setting the scene Zscaler GM and VP, Product Manager, Dhawal Sahrma and Yves Le Gerard, Former CIO, Engie kicked off the afternoon’s sessions with the opening keynote and welcome, delving into Zscaler’s vision of a world in which the exchange of information is always seamless and secure. The session gave us an introduction to Zero Trust and why the Zscaler Zero Trust Exchange offers a combined security and transformation solution for businesses that are adapting to current needs. As Dhawal rightly said, securing data from any location to any destination is more important than ever before for the modern enterprise, and Zscaler is proud to support its customers on their transformation journey to remove the guesswork and find the bespoke solution that best suits them. Security for Users Following the opening keynote, participants received a deep dive into how hybrid work is changing the way we need to secure our users. Highlighting that today’s businesses are at an important inflection point with regards to their security approach, the idea was discussed that chaos is an opportunity for attackers that needs to be addressed. Participants learnt that Zscaler’s Zero Trust Exchange can lead businesses through the paradigm shift needed to protect against increasing cyber threats and enhance the user experience. Security for Workloads As more apps move to the cloud, securing them and protecting their data is a necessity as well. The next session focussed on security for workloads and unveiled best practices and new technologies such as CNAPP that can be used to protect cloud apps and ensure regulatory compliance. An interactive fireside chat and deep-dive shed light on a scenario how organisations can set themselves up for success. Businesses should start thinking about security as early as possible in their transformation journey. Insights from the customer The afternoon continued with a customer panel in which Zscaler was joined by Jaguar Land Rover, Compass Group, the BBC, and Halion to discuss their transformation journeys and how they have built resilience and agility over time. Discussing how Zscaler’s Zero Trust architecture has helped to transform their companies, the panel touched on the various key benefits that have been most valuable. From technology simplification and successful modernisation, to improved user experience and enhanced security. Identifying Zscaler’s ability to house multiple vendors and solutions under one platform as a truly transformative aspect, the group discussed how it has given them the flexibility and adaptability needed to respond to changing business needs at speed. Understanding assets and setting parameters was also a key talking point as the panel turned their thoughts to the power of a smooth transition process and the role that planning plays in unlocking the full potential of Zero Trust. The panel agreed on the benefits of Zscaler’s open API architecture, which enables it to work alongside all major security and cloud providers, allowing users to continue with alternative providers. Rather than requiring everything to exist under one roof, the group outlined how Zscaler aligns with existing ecosystems to give them access to all the tools they need without limitations. Future-proof security for IoT and OT The day closed with a deep dive exploring Industry 4.0 and how a Zero Trust approach can solve the problems that legacy networks and security can’t. Zero Trust-based security can be used to boost uptime and productivity, increase safety, and ensure a seamless and reliable experience as demonstrated by a real-world example from a global engineering brand. More best practices to learn from at Zenith Live 2023 The One True Zero roadshow tour stop in London highlighted the collaborative power behind our community of technology evangelists and leaders coming together to sustain the digital transformation momentum. The next opportunity to learn from the peers is already around the corner with Zenith Live EMEA, which combines security and transformation best practices from the 27th – 29th of June in Berlin. Early bird registration is now open! Wed, 05 Apr 2023 08:49:51 -0700 Paul Hennin https://www.zscaler.com/blogs/company-news/one-true-zero-live-london-wrap https://www.zscaler.com/blogs/company-news/top-5-reasons-zscaler-partners-can-t-miss-zenith-live-23 Zenith Live is back, better than ever! As a Zscaler partner, you’ll find all the latest tools and strategies you need to stay competitive. Plus, you’ll have the opportunity to hear directly from new Zscaler Channel Chief Karl Soderlund on how we’re taking partnerships to the next level. Check out the top 5 reasons partners should attend Zenith Live ’23: Hear from visionary leaders, including Zscaler executives and guest CISOs, sharing innovations and use cases to help you accelerate your business, no matter the size of your team or the shape of our partnership. Attend our Partner Summit to learn how we're investing in your long-term growth in FY24, plus dive into the transformative power of partnership with Zscaler Channel Chief Karl Soderlund. Train with the experts in partner-specific workshops, hands-on labs, and certification sessions to elevate your Zscaler knowledge—check out AMS sessions here, and EMEA sessions here. Explore the Innovations Expo to meet other partners and sponsors in our global ecosystem, as well as discover powerful cross-sell opportunities and added-value solutions for your customers. Celebrate with Partner Awards, where our leaders and a special guest will recognize partners who have gone above and beyond in their partnership to become our Zero Trust Heroes. Register by April 30 to save $150 on Full Conference Passes with our Super Early Bird pricing. On top of that, we’re running a special partner-exclusive promotion: Enter code ZL23_EB to save an additional $100, for a total discount of $250 Zenith Live ’23 at the ARIA Resort & Casino | Las Vegas, Nevada (June 13-15, with Partner Summit on the 15th) Register now Zenith Live ’23 at the InterContinental Berlin | Berlin, Germany (June 27-29, with Partner Summit on the 28th) Register now See you at Zenith Live! Mon, 03 Apr 2023 08:00:01 -0700 Elorie Widmer https://www.zscaler.com/blogs/company-news/top-5-reasons-zscaler-partners-can-t-miss-zenith-live-23 https://www.zscaler.com/blogs/company-news/zscaler-named-leader-2023-gartner-magic-quadrant-security-service-edge-sse The 2023 Gartner Magic Quadrant for Security Service Edge (SSE) has just been published and Zscaler has once again been named as a Leader in this report. SSE is the modern approach to cybersecurity that integrates Secure Web Gateway (SWG), Zero Trust Network Access (ZTNA), and Cloud Access Security Broker (CASB) into a single platform. This is the 12th consecutive year Zscaler has been named a Leader in a Gartner Magic Quadrant*. When combined with Zscaler’s recognition as a Customers’ Choice for 2022 in the Gartner Peer Insights™ “Voice of the Customer” Report for SSE (based on 411 reviews as of May 31, 2022 which yielded a 4.6 out of 5-star rating) and the only vendor to be Customers’ Choice across all eight segments of the report, this recognition further validates how we continue to raise the bar for SSE-based Zero Trust architecture. Zscaler was named as a Customers’ Choice in the 2022 Gartner Peer Insights “Voice of the Customer” report for SSE - the only vendor to receive this recognition across all eight segments We believe that our placement in the Leaders Quadrant in this report reinforces our strength in SSE. The services that make up SSE form the foundation of the Zscaler Zero Trust Exchange™, where we pioneered the first cloud-native multi-tenant, proxy-based architecture which now processes over 300B transactions daily. With the introduction of Zscaler for Users - which combines secure access to the internet, SaaS applications, private applications and CASB for users and their devices - Zscaler has led the industry by building foundational security services that make up the SSE for Users category. The SSE category has undoubtedly become more critical with the rise in sophisticated cyberattacks and as organizations and employees transition towards hybrid or fully remote work models. Kudos to Gartner for helping to guide the market evolution from point products to a platform approach for SSE for Users. With a track record of driving innovation for new markets, Zscaler has already extended SSE beyond just users. Extending SSE Beyond Users Based on 15 years of cybersecurity innovation and feedback from thousands of CIOs and CISOs, our vision is to extend SSE capabilities beyond protecting users to also include securing these three additional critical areas: SSE for Workloads - Protects workload-to-internet traffic, provides Zero Trust workload-to-workload communications, and secures cloud workload posture (CNAPP) SSE for IoT/OT - Secures IoT/OT access to the internet, and provides Zero Trust connections to and from IoT/OT systems SSE for B2B - Provides customers and suppliers with fast, seamless Zero Trust access to apps By extending the SSE platform beyond users, Zscaler has provided organizations the ability to simplify their IT operations with a comprehensive, cloud-native SSE-based platform that can protect their entire organization. In keeping with Zscaler’s overarching vision - to create a world in which the exchange of information is always secure and seamless - we’ve continued our innovation path to advance our integrated and comprehensive SSE-based Zero Trust platform. Customers Have Voted with their Wallets We believe that a key measure of success stems from the value we deliver to our customers and the trust they have in us to support them as they progress on their digital transformation journeys. We’re proud of Zscaler’s recognition and advancements in the industry, which are validated by the following proof points: 40% of Fortune 500 companies rely on Zscaler technology to protect their operations A global reach that balances our business with approximately 50% of our revenue in North America and 50% internationally An NPS score of 80+, versus an average of 30 for SaaS organizations Since the close of the SSE MQ evaluation period, we have added 300+ cutting-edge SSE innovations Empowering organizations to implement an SSE-based Zero Trust platform is what fuels our commitment to innovation. We’ve already begun adding new capabilities to protect cloud workload communications, IoT/OT access and B2B access to the Zero Trust Exchange to stay ahead of customers’ escalating security requirements. To receive a complimentary copy of the 2023 Gartner Magic Quadrant Report for SSE and see why Zscaler was recognized, please click here. *Zscaler has been named a Leader for two consecutive years in the Gartner Magic Quadrant for SSE following 10 consecutive years in the Gartner Magic Quadrant for SWG. Gartner Disclaimer Gartner, Magic Quadrant for Security Service Edge, 10 April 2023, Charlie Winckless, et al. Gartner, Gartner Peer Insights ‘Voice of the Customer’: Security Service Edge, Peer Contributors, 3 August 2022. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences with the vendors listed on the platform, should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, MAGIC QUADRANT and PEER INSIGHTS are registered trademarks of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved. Thu, 13 Apr 2023 08:31:01 -0700 Jay Chaudhry https://www.zscaler.com/blogs/company-news/zscaler-named-leader-2023-gartner-magic-quadrant-security-service-edge-sse https://www.zscaler.com/blogs/company-news/zscaler-nacd-partner-advance-boards-cyber-understanding The SEC’s intent to standardize cybersecurity reporting rules for public companies has caused business leaders to reevaluate their board communications. Board members are increasingly eager to better understand cyber risk threats to their organizations and best practices for mitigating them. Boards of directors act as fiduciaries on behalf of organizations and their shareholders, which includes the responsibility to inform and offer appropriate guidance on critical business matters. Cyber risk today falls squarely within this category. Unfortunately, there is a significant gap in cybersecurity domain knowledge. One study recently found that 90% of organizations lack even one board member with cyber expertise. This widespread need for further education is one reason I am excited to announce a new partnership between Zscaler and the National Association of Corporate Directors (NACD). Our collaboration will focus on helping board members build foundational cyber and zero trust knowledge, advance effective cybersecurity discussions between executives and boards, and promote a deeper understanding of overall cyber risk exposure. Cybersecurity risk demands increased vigilance Zscaler’s ThreatLabz team documented a 20% jump in encrypted attacks, which make up the majority of all cyberattacks, between 2021 and 2022. Hacks make headlines daily, and investors are watching. Now demand is growing for greater transparency regarding how companies mitigate this risk. The proposed SEC rule would enforce disclosure of governance methods, risk analysis, and management processes in SEC filings. Enterprise boards that were comfortable in the traditional areas of financial performance, strategy, business risk, talent, and governance are expected to expand their scope to areas such as environmental, social, and governance (ESG); diversity, equity, and inclusion (DEI); and cybersecurity risk oversight practices. This is on top of persistent macro issues like economic downturns, climate change, social unrest, and war. To guide their organization appropriately, boards now require high-level oversight on cyber risk management and threats. This represents a significant opportunity for both board members and growth-oriented IT and security leaders to step in and become trusted board advisors on such topics. Applying risk-cost-benefit analyses to cybersecurity Only a quarter of organizations today could accurately assess the financial impact of a cyber incident, a Deloitte poll recently found. This haziness about the possible consequences of a cyber incident undermines a core responsibility of boards: managing organizational risk. In cybersecurity, there is always a balancing act between absorbed, assumed, mitigated, and transferred risk. To better gauge risk exposure, board members should consider questions including: What is an appropriate level of risk exposure and tolerance? How can the board best work with executives to evaluate the cybersecurity investment balance between risk, controls, and related costs? How do I determine whether new cyber-related initiatives can provide a return on investment? Board governance of cyber risk Zscaler and the NACD have partnered to help boards build the knowledge required to lead their enterprises into the cloud-first future. Without the proper cybersecurity strategy and solutions in place, CISOs and their teams spend too much time on reactive security – plugging gaps in risk mitigation or minimizing the impact of cyber events – rather than developing strategic, comprehensive risk reduction regimes to address current and future threats. To improve outcomes, when in front of boards security leaders must stress: Cyber risk is business risk. No longer an IT-specific concern, the risk from disruptions and breaches threatens brands and their reputations, with major financial implications for organizations and their shareholders. Cybersecurity is a never-ending job. Especially given the current threat landscape, leadership must continually re-assess cyber risk. For many organizations, cyber risks are only re-assessed in case of a trigger incident (i.e., breach, disaster recovery, during M&A, a review of tech budgets). Your adversaries only need to succeed once. Cybercrime is ever-growing and ever-changing, at an unprecedented rate. Criminal groups are now well-funded. Nation-state actors (whether tacitly or explicitly government-supported) are growing in sophistication and capability, with many attacks tailored to target and harm a specific organization. These individuals only need to identify one small, exploitable weakness in an organization to gain access. Security should be proactive. CISOs and security teams must expand beyond continuous tactical defense mode to developing a whole-of-organization, strategic cyber risk solution to properly address root solutions to current and future threats. Everyone must step up. Security, privacy, risk, and compliance do not fall under specific roles in the organization; everyone must share responsibility for organization-wide reduced risk. The time to act is now Whether focused on strategy or governance, a board’s role is responsive to crisis levels. Managing cyber risk, on the other hand, requires a constant and proactive fine tuning of threat detection capabilities, risk exposure, and acceptable levels of risk. Attackers target corporations as much as they do governments, and the risks, along with the loss of a competitive edge, are too critical to leave unaddressed. Boards and CXOs must: Understand their cybersecurity strategy and how the organization’s data, users, and customers are protected in order to ensure the executive team is making decisions inline with the organization’s risk tolerance. Articulate cyber risk exposure based on data and the economic impact For boards to meet their fiduciary responsibility to their organizations, cyber risk should be a top-of-mind, continual conversation with their executive team. Zscaler believes in educating all business leaders on cybersecurity risks and taking steps to help their organizations become more secure. We are proud to partner with the NACD in advancing that aim. While we won’t be able to inject cybersecurity expertise into every board overnight, we can advance top-down cyber risk literacy through initiatives like NACD advocacy and the CXO REvolutionaries. What to read next: Navigating the New Cyber-Threat Landscape: Zero Trust Risk Measurement and Mitigation Best Practices Challenge everything, trust nothing: What boards should know about zero trust Digital architecture risk is a fiduciary responsibility of the board Cybersecurity, governance, and the implications of oversight: How your board of directors could be at risk Wed, 22 Mar 2023 10:10:47 -0700 Kavitha Mariappan https://www.zscaler.com/blogs/company-news/zscaler-nacd-partner-advance-boards-cyber-understanding https://www.zscaler.com/blogs/company-news/zscaler-experiences-no-impact-svb-closure As most of you have seen in the news, Silicon Valley Bank (SVB) was closed by regulators over concerns about its solvency. While this failure has affected SVB clients, many of whom are venture capitalists and tech companies, Zscaler has not experienced any negative impact to our business operations or ability to service our customers. To provide some added context, SVB was put into receivership with the Federal Deposit Insurance Corporation on Friday, one day after its stock declined precipitously and the bank experienced a run on deposits by its customers. In simple terms, this means that a large number of SVB depositors, fearing that the bank will be unable to repay their deposits in full and on time, simultaneously withdrew their funds. Those events were triggered by SVB’s report of a $1.8 billion loss from the sale of investments and plans to raise $2.25 billion in equity capital. Although SVB had been our banking partner in the past, our current banking partners are among the largest, most stable global banks, and our deposits at SVB currently represent less than 0.1% of our $1.9 billion of cash and investments. In fact, the vast majority of our $1.9 billion is not held in bank deposits at all, but rather in extremely safe and liquid investments like short-term US Treasuries or government money market funds. Fortunately for those impacted, the US government just announced it will step in to backstop SVB depositors, with depositors having full access to their cash as early as Monday. Sun, 12 Mar 2023 18:55:13 -0700 Jay Chaudhry https://www.zscaler.com/blogs/company-news/zscaler-experiences-no-impact-svb-closure https://www.zscaler.com/blogs/company-news/take-cloud-native-security-next-level Securing public cloud environments with tools like Cloud Native Application Protection Platforms (CNAPP) has become a top priority for InfoSec leaders. In fact, cloud security spending has increased (statistics show that the market is growing at a rate of 25.1% year over year, from $10.98 billion in 2021 to 13.73 billion in 2022¹), but unfortunately, so has the number of data breaches, with the 2021 Data Breach Investigations Report from Verizon finding that 90% of data breaches target the public cloud.² The whole point of this increased spend is to protect sensitive data in the cloud, so what’s wrong? One of the things I hear from customers several times per week is that they don’t know what sensitive data they have in the cloud and they certainly don’t know where that sensitive data resides. Unfortunately, the CNAPP solutions that they’ve invested in can’t help. While these solutions do a great job of characterizing the likelihood of an incident by correlating weaknesses and visualizing attack paths, they don’t understand the impact of the potential incident because they don’t know whether it would result in sensitive data being exposed to the attacker. In other words, most CNAPP solutions are unable to differentiate between a “critical” severity event with no sensitive data exposure versus a “high” severity event with millions of records of PII at risk. At Zscaler, our customers have repeatedly asked us to solve this problem, and that’s what is so exciting about today’s announcement. We are combining the capabilities of our comprehensive CNAPP solution, Zscaler Posture Control, with the time-tested data protection capabilities that are already trusted by thousands of organizations. Growing pains in the public cloud Cloud services like Amazon S3 Buckets, Azure Blob, and Google Storage have been widely adopted across enterprise cloud deployments and approximately 90% of enterprises³ use multiple clouds for data storage. However, data’s exponential growth poses a risk: the more data stored in the public cloud without proper controls, the easier it is for bad actors to steal them. As a result, the top challenges of securing sensitive data are now because of: CNAPP solutions that lack visibility into sensitive data: With data distributed across cloud applications and services, organizations are experiencing 10K data loss events annually.⁴ Without a deep integration of data exposure into the correlation and prioritization engine, enterprises are unable to really understand which risks are most important. Additionally, most solutions focus only on object storage, such as S3 and Azure Storage Blobs, but sensitive data, malware, secrets, and more can be found across the cloud, including in VM and container images. Too many alerts, not enough resources or context: Siloed security policies from point products yield thousands of isolated alerts, but approximately 30% of alerts go uninvestigated⁵ due to volume, context, and talent scarcity without helping the organization understand and prioritize true risk. Insecure configurations: Cloud service configurations are complex—especially in multicloud environments that lead to configuration errors or excessive permissions—and can result in high-profile exposures and compliance penalties. With these challenges in mind, here at Zscaler, we believe a new approach is needed. Introducing the industry’s most comprehensive CNAPP solution with integrated DLP and threat intel Zscaler Posture Control addresses these challenges so organizations can take advantage of the cloud without compromising on security or productivity. With the latest release, we are excited to share that we will be strengthening our Posture Control, Cloud Native Application Protection Platform (CNAPP) solution by natively integrating our best-in-class Data Loss Protection (DLP) solution and ThreatLabz threat intelligence which is powered by the world’s largest security cloud. Deep understanding of how incidents will occur and the resulting data exposure gives DevOps and security teams an unprecedented sense of where to focus their limited resources. The result? Increased security AND increased efficiency. Get the biggest return on your investments By bringing these capabilities together, security teams can get rid of siloed point products and more accurately correlate hidden risks caused by the combination of misconfigurations, threats, and vulnerabilities across the entire cloud stack. With this precision, you can eliminate alert fatigue and enable security teams to prioritize risks more effectively, allowing faster response time and greater security while being more resource- and cost-effective. In addition, embedding DLP and threat intelligence into Posture Control makes it easier for security and cross-functional teams to understand who is doing what with your sensitive data and implement tighter controls when and where needed. This tighter integration of components also allows for better cross-team cooperation across the entire application lifecycle. Key benefits: Resource and cost reduction with point product consolidation: A single, easy-to-deploy agentless solution that eliminates point products by unifying CSPM, CIEM, CWPP, and DLP, continuously securing every stage of the application lifecycle. More accurate risk identification, correlation, and prioritization: Integrated DLP and threat intelligence that identifies attack paths and detects ongoing attacks by automatically correlating seemingly low-risk signals when viewed individually but can be considered great risks when viewed holistically. Efficiency at scale: An integrated graph-based correlation and prioritization engine that expedites remediation and reduces alert fatigue by focusing on the risks that matter most. Native, end-to-end solution without silos: A solution that reduces security and DevOps silos with 360-degree in-depth visibility of risks across the entire multi-cloud footprint – including virtual machines (VMs), containers, and serverless workloads – from build to run. Summary Data breaches and sophisticated threats will continue to rise. As a result, organizations undergoing digital transformation or building new cloud apps must streamline security processes. Zscaler is committed to helping organizations address the digital transformation challenges they face in an ever-changing cloud native environment. Bringing CNAPP, DLP, and threat intelligence components together is part of that commitment. A unified, cloud native security solution like Zscaler Posture Control is designed to identify, prioritize, and remediate the most critical cloud security risks. For more information please watch the on-demand launch webinar or sign up for a free security risk assessment. 1: https://www.cnet.com/news/privacy/record-number-of-data-breaches-reported-in-2021-new-report-says/ https://www.statista.com/statistics/1266461/tam-cloud-security-spend-global/ 2: https://www.verizon.com/business/resources/reports/dbir/ 3: https://www.forbes.com/sites/forbestechcouncil/2022/01/03/dark-data-the-clouds-unknown-security-and-privacy-risk/?sh=2f655cc7375a 4: https://info.zscaler.com/resources-industry-reports-2022-threatlabz-state-of-data-loss-report 5: https://www.cnet.com/news/privacy/record-number-of-data-breaches-reported-in-2021-new-report-says/ Wed, 15 Mar 2023 04:00:01 -0700 Rich Campagna https://www.zscaler.com/blogs/company-news/take-cloud-native-security-next-level https://www.zscaler.com/blogs/company-news/one-true-zero-live-shows-way-holistic-transformation As this year’s One True Zero Live Roadshow travels across Europe, the community will once again come together to discuss the versatility of a zero trust-based IT infrastructure. As companies move to increasingly decentralized IT environments, they can no longer avoid modern security architectures if they want to safely exploit the full potential of their digitization and feel the many benefits of zero trust beyond strengthening security. More than 90 percent of IT decision makers who have migrated their applications to the cloud are already adopting or about to adopt a zero trust-based security strategy this year, according to Zscaler’s 2023 Global State of Zero Trust Transformation Survey. However, less than a quarter (22 percent) of respondents are entirely convinced that their company is exploiting the full potential of its cloud infrastructure. This difference showcases the value of thinking beyond the security aspect. The concept of zero trust, based on the NIST framework, offers many more possibilities for a holistic digitization process. A cloud-based security platform creates the basis for secure data streams between human, machine and application, whereby only authorized connections are explicitly permitted. The company thus makes itself invisible to attackers. On the agenda: education & exchange of experience Zero trust already ranks high on the agenda of IT decision makers, but there is still no unified understanding of its fundamental principles and versatile application scenarios. To address this, the One True Zero Live keynote will review the basics of the holistic concept and explain what to look for in order to mitigate risk through a comprehensive security strategy that should include workloads and OT environments in addition to users. The exchange of experiences is also a central focus of the event – to give those considering making the shift to secure digitization built on zero trust the opportunity to gain valuable insights from those who have already successfully done so. As transformation strategists, former Zscaler customers will accompany prospects on their journey to redesign their digital infrastructure. During the discussion, ideas are exchanged on how the zero trust concept can be extended to other areas – offering new insights to both, participants with deep existing knowledge and companies that are dealing with the concept for the first time. At different locations customers join the panel discussion on stage to share their journeys. For the technical deep dive sessions, the focus will be on how critical infrastructures and hybrid workloads can be efficiently secured with the help of zero trust. As the latest analysis by the ThreatLabz team in the State of Cloud (In)Security Report shows, 98 percent of the companies surveyed are at risk from misconfigurations in cloud environments or offer an unnecessarily large attack surface for intruders due to extensive access permissions. In addition, 68 percent of the companies surveyed have external users with administrator rights accessing cloud environments, which can lead to governance challenges and an increased risk of data exfiltration and infection. These figures show that companies need to be more aware of the responsibility for configuring and maintaining their own cloud environment securely and cannot shift the task of security to the service provider. Key take-aways for decision-makers One True Zero Live provides an invaluable forum for interested parties planning their first steps towards a zero trust strategy, as well as for users who are already on this path and are looking for further inspiration. Business leaders know that digital transformation isn't just about moving applications to the cloud. They have the foresight to recognize that the network and its security also need to be transformed so that the company can realize the full potential of digitization. For this reason, organizations dealing with the provision of new hybrid work environments and digitized production infrastructures are already evaluating a number of new technologies such as IoT/OT, 5G and even the Metaverse. A zero trust platform has the potential to map the associated requirements for the business and organizational infrastructure: Such an approach not only enables companies to adopt the hybrid working model demanded by employees, but also to transition into fully digitized organizations with increased agility and efficiency built on future-proof infrastructure. It also highlights the untapped potential of zero trust to secure a holistic transformation. Are you ready for a new experience? Reserve your seat at the One True Zero roadshow in London and Madrid! Wed, 08 Mar 2023 08:44:56 -0800 Kevin Schwarz https://www.zscaler.com/blogs/company-news/one-true-zero-live-shows-way-holistic-transformation https://www.zscaler.com/blogs/company-news/mobile-world-congress-will-show-how-deliver-5g-promise The hype around 5G has died off—at least that was the impression given by the reporting from the CES show earlier this year. One of the big complaints from the event was that 5G was not as present as it has been previously. This doesn’t necessarily come as a surprise – much of 5G’s supposed allure has been around speed, and that is pretty much in place now. Users are able to view their YouTube videos faster – and that’s what is most important to them. But, how far has the industry progressed with broader 5G use cases? Mobile World Congress 2023 should hold the answer. But it will also raise more talking points. These impressive next generation 5G use cases will not only rely on a fast network, but also on making their workloads available in places where they can be easily consumed by that fast network. This needs to be an edge and orchestration conversation. As such, I expect a lot of discussion at Mobile World Congress to focus on how we will get workloads to become more dynamic, easily and securely accessible, and delivered closer to the user. This is what the industry really needs to deliver on to unlock the 5G promise. The way ahead As an example; when a user accesses a cloud-hosted Enterprise Resource Planning System from their smartphone, the data path has to leave the 5G network to go to the internet before returning to the user. This is not an ideal situation because it adds latency and eats into the benefits of ultrafast connectivity. In fact, it is why the industry started talking about making workloads local more than two years ago. The same issue arises more in B2B settings. Take, for example, the current setup in a factory, where manufacturers have brought in more and more robots that need to interact with workloads. If those workloads are stored in the cloud, 5G doesn’t bring a benefit, as traffic streams still have to break out into the internet to connect to the cloud. Two steps have to be taken to bring the cloud closer to the user. The first is that you need ultrafast radio signals to make it happen. The good news is that we’re at a point where these are relatively obtainable, even for factory services. More than 30% of IT decision makers surveyed in the 2023 Global State of Zero Trust Transformation report stated that the implementation of 5G technologies for enhanced connectivity is one of their top priorities. Step two requires more transformative forces. Getting the workloads to a point where they are available locally requires a rethinking of architecture design. Organizations have already gone through one such evolution in which they had to transform from data center-driven companies to cloud-first enterprises, with distributed services hosted by various cloud providers like AWS or Google. Now they have to determine how they can set themselves up to deliver these workloads, or at least the parts of workloads with dynamic functions closer to those environments, where they need to be consumed. Rethinking application distribution For most organizations, the value of 5G now is that it offers faster connectivity than Wi-Fi. What many fail to realize, however, is that it doesn’t actually enable them to consume the destination application any faster. But that is changing. A lot of organizations have reached a point in their application development where they are beginning to rethink their distribution model. One of the main drivers for this is that their applications are becoming more and more consumer-facing–e.g., the use of virtual reality services. Consumers want to be able to access such apps as quickly as possible, forcing developers to consider how they can bring them closer to the edge. In this scenario, companies start partnering with telecom service providers for their content delivery models. In our three-dimensional world, the delivery models are no longer static, but dynamic, and the application layer needs to run closer to the end user. This is exactly the direction of the evolution we will see in the next 12 months. Consumer-driven applications in the 5G space will only take us so far. The real shift will take place when organizations start deploying private 5G for specific industry use cases. Securing new pathways As they try to support organizations in their delivery of these new application pathways, IT departments must consistently select the right tool for each task. When it comes to security, this means stepping away from using network appliances as gatekeepers for security tasks and instead following a new approach with Security Service Edge (SSE) that switches security directly between the user and the application or service. With applications that are outsourced to the edge, or with IIoT and OT, the next digital applications that need to be secured are almost here. For these, the cloud won’t be the only connective tissue for access; the internet and 5G will also be included. Beyond the traditional network, 5G already enables completely new application scenarios whose data transmission and access authorizations need to be secured. As companies realize the full potential of the cloud to secure users, applications, and devices, SSE can provide a forward-looking framework to help guide them in this journey. Workloads do need the ability to be run at the edge and get more dynamic – but they also need to be secured at the same time. And this is where the conversation turns to zero trust. It is crucial that companies gain security and control over all these data streams in network-independent infrastructures, but this is easier said than done. Security is still too heavily oriented toward well-rehearsed physical, and thus, literally tangible structures that cannot be reconciled with network-agnostic connectivity. This is where SSE comes in; helping extend security from the user to their application, or between applications and workloads, regardless of network. How to make it happen User demand aside, I would argue that economic conditions are going to drive this change forward. While the initial outlay to get 5G working may be a bit more expensive than traditional services, it will add a lot more long-term administration advantages. So 5G deployments, orchestration of applications, and security applications will need to go hand in hand with 5G modularization as a big part of any shift. Our current economic situation is going to challenge organizations of all shapes and sizes to find new ways of unlocking competitive advantage. Coupled with the fact that 5G-driven applications are intrinsically tied to another massive trend – automation – this is definitely a road worth exploring. To find out more about what it’s going to take to make 5G happen, visit us at Mobile World Congress at our ecosystem partners stand. Tue, 21 Feb 2023 07:28:21 -0800 Nathan Howe https://www.zscaler.com/blogs/company-news/mobile-world-congress-will-show-how-deliver-5g-promise https://www.zscaler.com/blogs/company-news/seller-buyer-rethinking-process As the year begins, I’m thinking about which sales approach for cloud or SECaaS offerings will be most successful in 2023. Considering the macroeconomic climate, I believe it is crucial for sales success to initiate a ‘rethink’ in the direction of the purchasing process. The classic sales process still focuses too much on the requirements of the selling company. It is much more important to put yourself in the buyer's shoes. If you look at the customer's purchasing process, you can offer the required support when a deal is approved. The business value assessment of a solution approach will play a much greater role in supporting the purchasing team in 2023. Thus, my appeal: we must all understand how to better convey the value-added contribution of a solution approach in the coming year. The following factors play a role. Technical functionality meets psychology At the beginning, the IT team starts with the technical validation of a solution. As a rule, the company has its own use cases in mind, on the basis of which the technical functionality of a potential new product or service is put through its paces. This is the biggest step in the transformation from hardware-based solutions to cloud services. It is important to understand the pain of the prospect caused by the management and troubleshooting of existing technologies, and to position the advantages of a cloud approach accordingly. The use cases usually show the way to a restructuring of applications, network, and security. However, if the use cases require the replacement of hardware by a service model, other factors can influence the decision. Fears and worries arise among IT employees, which should be treated separately from the actual functionality of a solution approach. For example, it is often the IT team that fears sawing off its own branch if a service model makes the management tasks of hardware obsolete. If these fears get out of hand, there is a risk that the advantages of superior functionality will fall behind. In addition to all the advantages of the actual functionality, holistic transformation should also be carried out on a psychological level at the same time in order to convince the decision-makers of the change. Often, by relieving administrative tasks in hardware management, the upcoming projects of the IT department can be reprioritized. So it's not about reducing manpower, but about redistributing resources to higher-level areas of responsibility in IT teams that are already overloaded. Since projects often have to be postponed due to the shortage of IT specialists, disclosing the opportunity costs can contribute to decision-making. Technology and cost-effectiveness in harmony In the decision-making process, however, and considering the current economic climate, the performance audit of a solution approach will be of greater importance. Even if the evaluated solution is technically convincing, other factors are essential to actually complete the purchasing process. The high prioritization of a transformation plays just as important a role as the business case. Because if something technically meets the requirements, but the cost-effectiveness is not convincing, an implementation can still fail. That's why many potential decision-makers want to understand whether it makes economic sense to use a solution. This is where a business value analysis helps. For this purpose, various decision criteria are used, which make it clear that non-technical benefits also play a major role. For example, productivity advantages can have a positive effect and, with the help of a new solution approach, also improve the user experience. Employees who are satisfied with the technical equipment of their workplace will be less likely to turn their backs on their company. Another scenario is the merging of IT landscapes in the process of a merger or acquisition. Here, a speed advantage in accessing required data ensures shortened time-to-value. In the decision-making process, however, most CIOs primarily have savings in the purchasing and maintenance area in mind, so it may be beneficial to show them the less obvious opportunity costs. For the IT manager, saving costs means first and foremost replacing existing technologies with more modern, cost-effective approaches. For the CIO, cost savings are expressed through the simplification of architecture and reduced administrative overhead. For example, by consolidating legacy systems through a platform approach that takes on a wide range of tasks in a highly integrated manner. Similarly, management time can be reduced through standardization. For example, if ransomware detection, data loss prevention, and package filtering are covered by a single platform instead of multiple products, this also ensures remote access for an increasingly mobile workforce and also helps troubleshoot performance issues based on defined policies. The need for greater safety efficiency Investment in cybersecurity has never been as high as it is today, which is not surprising given the negative headlines from compromised companies. The issue of security also affects the financial decision-maker, because in the event of a successful attack, a company may incur high costs for the restoration of IT systems or even ransom demands. It should therefore be in the interest of the financial decision-maker to be convinced by key figures on preventive security versus reactive security. However, increasing security pressures does not automatically mean that organizations are willing to modernize their security approaches without a thorough evaluation. However, it is the technical aspects that need to be translated into the language of CFOs and company management. This level is more in line with the background of a holistic IT transformation toward the digitization of business models. That's why they need to be convinced of how applications and services in the cloud go hand in hand with network and security transformation. It is important to communicate how ransomware, supply chain attacks and other sophisticated threats in IT landscapes cause security breaches. Companies need to be made aware of their new attack surfaces, which can arise from hybrid workplace models as well as workloads in the cloud, if vulnerabilities and security gaps are not detected in the implementation phase. All infrastructures that can be found on the internet are a potential security risk. Because of this threat, zero trust has made itself heard as a new security approach that helps to reduce the attack surface and also supports the transformation of infrastructures and working environments. Transformation starts with making benefits transparent A full transformation of the IT infrastructure and corporate structure must make its benefits known at all levels of the purchasing process. If it is possible to link the acquisition with existing cloud transformation projects, the added value can also be communicated to the financial decision maker. In many cases, the course has already been set for the transformation to the cloud, without the smooth and secure path to it having already been paved. Greater agility, a simplification of the infrastructure with reduced maintenance costs, and business growth are, in addition to the pure technology costs, a convincing argument to get future-oriented solutions also financed. The purchasing process should be geared to all these factors, as this is the only way to create the sound basis on which companies make their decisions today. Mon, 20 Feb 2023 08:31:29 -0800 Ismail Elmas https://www.zscaler.com/blogs/company-news/seller-buyer-rethinking-process https://www.zscaler.com/blogs/company-news/zscaler-announces-industry-first-cloud-resilience-capabilities The last decade has seen a massive shift in the way organizations—both big and small—have adopted cloud technologies to drive innovation and efficiency. Today, 94% of organizations use cloud services, including some mission-critical services such as user identity, security, and productivity. As the cloud security leader, Zscaler secures the traffic and data for more than 40% of Fortune 500 companies, making Zscaler a critical component of the technology stack. Organizations risk costly interruptions The benefits of cloud computing are profound, but they are not without concerns over the resilience of these mission-critical services as evidenced by the recent Interxion data center outages in London or the internet cable cuts in France. In fact, 80% of organizations have experienced some form of cloud outage in the last three years with losses to revenue, productivity, and reputation. These outages could be a result of a variety of different factors, ranging from power cuts and software issues to natural disasters or nation-state attacks. Regardless of what the cause may be, disrupting an organization's operations is unthinkable and calls for stronger cloud resilience to manage blackouts, brownouts, or catastrophic failures. Introducing Zscaler Resilience At Zscaler, we strive to delight our customers with innovations that make organizations more agile, efficient, and secure. We also understand how critical Zscaler is to our customers and make the reliability, availability, and serviceability (RAS) of our products a top priority for the company. Zscaler products have a long history of near-perfect uptime and are backed by industry-leading service level agreements (SLAs)—but we don’t want to stop there. Today, we are excited to announce the availability of Zscaler Resilience. Zscaler Resilience is a complete set of resilience capabilities that ensures uninterrupted business continuity for customers during blackouts, brownouts, and catastrophic events. It is built on the platform’s advanced architecture and enhanced by operational excellence to offer high availability and serviceability to customers at all times. Zscaler’s customer-controlled disaster recovery capabilities, in combination with a robust set of failover options, support customers’ business continuity planning efforts in all failure scenarios, making Zscaler’s security cloud the industry’s most resilient. Resilient by design Hardware systems that are designed from the ground up with over-provisioning of processing capacity and redundancy provide the foundation for high resilience. This, combined with our cloud-native, multi-tenant data center architecture and carrier-neutral connectivity, ensures that the Zscaler cloud stays resilient in the face of network or workload stresses. In addition to our resilient infrastructure, Zscaler has perfected a set of equally resilient operational processes through our experience operating our inline security cloud—the world’s largest—for over 12 years of service and counting. Agile software development, purpose-built deployment infrastructure, proactive cloud monitoring, and incident management round out a comprehensive set of operational processes to continuously innovate in the cloud. Ensuring resilience across all failure scenarios Not all failures originate in the cloud, however, and interconnections leading up to the cloud can sometimes deteriorate and degrade performance for customers. These failures can lead to other failures as simple as disk or data center outages to complete outages of the cloud in which end users have no access to applications. Fig 1: End-to-end resilience capabilities from Zscaler Many minor failures are typically invisible to the customers since Zscaler’s robust architecture and operations will autonomously handle them in the background offering uninterrupted continuity for customers. Zscaler’s resilient infrastructure can dynamically and automatically take several measures when a blackout or brownout is detected. When access to a certain data center is impacted, Zscaler mitigation efforts could be as straightforward as switching to an alternate carrier or data center provider to mitigate network issues or leaning on the over-provisioned capacity of the data center itself to support additional transient load. When using Zscaler Client Connector, automatic failover kicks in and switches traffic to the secondary gateway. An unintentional or unexpected drop in network service quality due to the brownout however can prove costly - both in terms of lost productivity and revenue, if not managed properly. When Zscaler CloudOps discovers that an upstream ISP gives suboptimal routing, we can reroute traffic through a secondary ISP while we work with the primary one to resolve the issue. In each of these cases, Zscaler’s digital monitoring solution, called Zscaler Digital Experience, has an important role to play. A drop in performance experienced by users is continuously monitored at each and every internet and network hop between the user and the application giving admins a precise idea about the problem. This then helps them intervene appropriately to select the optional routing for the traffic in a particular geo or region to ensure optimal performance for all users. Fig 2: Zscaler Digital Experience provides detailed views into network performance New industry-first capabilities enhance Zscaler Resilience Today, we are announcing three new capabilities that add to the already robust set of capabilities that are intrinsic to the Zscaler platform and make the Zscaler cloud the most resilient security cloud. Dynamic performance-based service edge selection Customers can now quickly recover from brownout scenarios that can cause performance degradation between users and applications by continuously probing the gateways for HTTP latency and autonomously establishing tunnels that choose the most optimal path for traffic. An end-to-end HTTP connection calculates the latency by continuously pinging both gateways and then making a determination. This powerful capability is now in beta and is expected to become widely available soon. Fig 3: Client Connector continuously monitors & automatically switches gateways for optimal performance Customer-controlled data center exclusion With this capability, customers have additional control to customize sub-clouds to temporarily exclude data centers that are experiencing connectivity issues and automatically regain services once it is resolved. When a customer experiences capability issues in a data center, such as a SaaS application peering issue in LAX (which could take hours to fix), that data center can be excluded from the subcloud in the admin portal. Zscaler Client Connector then fetches the new primary and secondary gateway and establishes a Z-tunnel to a new data center. Fig 4: Customers can manually exclude data centers to create custom sub clouds Disaster recovery (DR) With DR capabilities, customers can now continue to access critical internet, SaaS, and private apps even during black swan events that may lead to a cloud outage. When operating in DR mode, direct access to the internet can be restricted to only critical business apps with localized content filtering leveraging Client Connector. For private apps, customers can connect to Zscaler Private Service Edge residing in the customers’ local data center or in a public cloud, where the most updated security policies are still applied without disrupting the business Fig 5: Zscaler DR mode ensures easy switchover and uninterrupted continuity even during catastrophic failures Upon restoration of the Zscaler Cloud functionality, the product returns back to normal operation and takes full advantage of the Zscaler Zero Trust Exchange to enable the best of zero trust security and connectivity. The flexibility for the customer to determine what applications are accessed in the DR mode, combined with the ease with which the Zscaler platform switches between the DR mode and normal operations, gives the best security and user experience that is bar none in the industry. Getting started with Zscaler Resilience Cloud resilience is a topic we discuss with customers consistently, and we care about uninterrupted business continuity for all our customers. Zscaler’s complete list of resilience capabilities including one pair of Private Service Edges is included in Business (and above) Editions of Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Zscaler for Users products today, making it easy for most customers to get started now. Additionally, you can work with one of our Technical Account Managers and Customer Success managers to perform a Zscaler Resilience AuditTM of your infrastructure to identify areas for improvement and for closing gaps before unforeseen events can cause disruptions. You can read more about Zscaler Resilience on our website or in the solution brief. Wed, 01 Feb 2023 07:14:07 -0800 Harsha Nagaraju https://www.zscaler.com/blogs/company-news/zscaler-announces-industry-first-cloud-resilience-capabilities https://www.zscaler.com/blogs/company-news/join-us-inaugural-zscaler-public-sector-summit-washington-d-c To accelerate digital transformation and win on the cyber battlefield, public sector organizations at every level are harnessing the power of zero trust architecture. Yet there remains a great deal of misinformation about zero trust, even while the clock is ticking for security, network, and IT teams to move toward a trusted security model. I am excited to share that Zscaler is bringing together forward thinking public sector leaders and industry experts to separate zero trust fact from fiction. Registration is now open for the Zscaler Public Sector Summit taking place on Wednesday, March 8, 2023 at the Ronald Reagan Building in Washington D.C. This inaugural event will bring together like-minded IT professionals for a full day of networking and collaboration around the topics of cyber resilience, successful zero trust implementation and the latest trends and developments in zero trust architecture for government. The Zero Trust Imperative Federal agencies and the defense industrial base must achieve specific zero trust architecture goals outlined by the Federal Zero Trust Strategy, DoD Zero Trust Strategy, CISA Zero Trust Maturity Model, NIST Framework, CMMC 2.0, and more. How can IT leaders ensure they are moving in the right direction and at the right pace in light of these mandates? Attendees at the Public Sector Summit will learn best practices, hear customer success stories, and walk away with new insights into: Eliminating the attack surface Streamlining access to applications Meeting government cyber compliance mandates Delivering fast, secure, reliable application access without compromising user experience Distinguished Speakers The power of the public sector community is in the forward-thinking individuals across agencies who have dedicated their careers to transforming our nation securely. We’ve built a program for the day with a stellar lineup of speakers including: Chris DeRusha, Federal CISO and Deputy National Cyber Director, OMB. Panel on Best Practices in Zero Trust with Roger Gibson, COO at State of New Jersey, Gerald Caron, CIO at HHS OIG, and Dr. Aaron Drew, CE & CA of ESCMMP at VA OI&T. GSA panel with David Shive, CIO and Bo Berlas, CISO of GSA Featured panel on securing government through compliance will discuss FedRAMP, StateRAMP, IL5 and beyond with Leah McGrath, Executive Director at StateRAMP, Brian Conrad, Acting FedRAMP Director at GSA, and Sean Connelly, Sr. Cybersecurity Architect & TIC Program Manager at CISA. Industry experts from Zscaler including Jay Chaudhry, CEO, Chairman and Founder, Stephen Kovac, CCO and Head of Government Affairs, Hansang Bae, CTO of Public Sector, Deepen Desai, Global CISO & Head of Security Research and Operations, Danny Connelly, America’s CISO, and myself as SVP of Public Sector. We’re excited to welcome the public sector community in-person for a full day of learning from the most forward-thinking Government IT leaders. Join us to experience the future of public sector, secured. Register today for the 2023 Zscaler Public Sector Summit. Space is limited for this live event so we’ll be in touch to confirm your invitation. There is no charge for the event. Thu, 26 Jan 2023 09:20:14 -0800 Peter Amirkhan https://www.zscaler.com/blogs/company-news/join-us-inaugural-zscaler-public-sector-summit-washington-d-c https://www.zscaler.com/blogs/company-news/securing-world-possibility When I started Zscaler 15 years ago, it was founded on the vision to create a world where the exchange of information is completely seamless and secure. I set out to create an iconic company that would become a leader in its category. As part of this quest, sustainability and reducing the environmental impact has always been a part of the equation and a top consideration. I firmly believe that Zscaler is in a position to deliver immense value to society by not only protecting our customers' data and making access to the internet safer, but also by making the world a better place. I am inspired by the value we deliver every day when I meet with customers, partners, investors, and employees, which further reinforces our commitment to operate our business with honesty, integrity, and accountability. Whether it be a contribution of technology, time, funding, or expertise - we can each contribute to creating a sustainable future. I also believe that it’s within a leader’s charter to grow their business responsibly, ensuring the adherence to ethical practices and values. The importance of this commitment cannot be understated; today’s enterprises want to engage with vendors who share the same values as they do. As Zscaler continues to grow, we are committed to doing so while taking our ESG priorities into account. As a critical partner to over 6,700 global organizations, we understand first-hand that being a strong partner means holding fast to sound business practices that cultivate trust and confidence. In an effort to foster accountability and support a shared responsibility model, I’m pleased to announce that Zscaler has published its 2022 ESG Report, which details programs across the company’s global operations that impact the following areas: Environment: Efficiency has always been at the heart of our business; it’s one of the inherent benefits of the cloud-native Zscaler Zero Trust Exchange. Powered by 100% renewable energy, the Zero Trust Exchange eliminates the need for expensive and inefficient legacy architecture. In 2022, we achieved carbon neutrality for relevant greenhouse gas emissions categories, and we have set our ambitions to further reduce our impacts on the environment through a goal to reach net zero carbon emissions by 2025. Social: We are passionate about making the internet a safe place because digital security is the foundation for a more inclusive, connected, and empowered society. In parallel, our greatest asset is our people. We have grown our global team while maintaining a culture that has contributed to our success and our giving-back program supports community engagement efforts that are meaningful to our employees. Governance: We have built effective governance structures, management, and ethical business practices to create the foundation for trust and foster a culture of integrity, excellence, and innovation. Our customers rely on us to protect their business - a responsibility we take very seriously - and they need to know that we have the processes, certifications, frameworks, and accountability structures in place to deliver that level of security. Now available, Zscaler’s 2022 ESG Report provides a comprehensive update on the company’s environmental, social and governance initiatives. Click the image above to learn more. This inaugural report builds on Zscaler’s legacy of operating with strong business ethics and values, which have guided our company’s approach since the beginning. As we continue to make responsible decisions today for the betterment of our collective future, I’m excited to share this update with you. To stay up-to-date on our latest ESG initiatives, please visit our Corporate Responsibility page, and to access the full report, please click here. Tue, 20 Dec 2022 15:20:18 -0800 Jay Chaudhry https://www.zscaler.com/blogs/company-news/securing-world-possibility https://www.zscaler.com/blogs/company-news/fedramp-legislation-certify-once-use-many-times Last week the FedRAMP program achieved a significant milestone: Legislation authorizing the program into law was incorporated into the FY23 National Defense Authorization Act (NDAA). The bill is designed to promote reciprocal treatment of FedRAMP Authorizations to Operate (ATOs) for cloud service providers across agencies--enhancing the “certify once, use many times” principle that has been a foundation of the program since its inception. As a long-time proponent of the FedRAMP process, Zscaler is thrilled to see this outcome after almost six years of effort led by Rep. Gerry Connolly. Zscaler was an early adopter of the FedRAMP program and a strong believer in its value to improving overall federal cybersecurity. Our leadership in FedRAMP authorizations for securing government IT led to an invitation to testify to the U.S. Senate Homeland Security and Governmental Affairs Committee last November in support of the bill. In my testimony, I emphasized the importance of FedRAMP and how it enabled federal agencies to more quickly shift to cloud services and adapt to work from home during the COVID pandemic. After achieving our first FedRAMP accreditation in 2018, Zscaler’s commitment to FedRAMP has only grown. We recently became the only cloud security service provider to have our entire Zero Trust Exchange platform FedRAMP Authorized at both the moderate and high levels. This helps give government agencies greater confidence to access modern, cloud solutions for zero trust architecture and other services. Key Aspects of the FedRAMP Bill The FedRAMP Authorization Act, as included in this year’s NDAA, will usher in a new era for the FedRAMP program. As FedRAMP has grown and expanded over the last 10 years, industry partners have advocated for a formal mechanism to provide feedback to the program management office (PMO) on what’s working and what’s not. The bill establishes a Federal Secure Cloud Advisory Committee, to be made up of government and industry representatives, to help the help guide the PMO in areas where change may be needed. Further, the bill aims to modernize the Joint Authorization Board, not just by renaming it as the FedRAMP Board, but also providing it with new flexibilities that will allow it to better serve the needs of CSPs that support federal mission partners. And lastly, the “presumption of adequacy” will go a long way to helping the program finally realize the full spirit of “certify once, use many times.” This has been a labor of love for those of us who were early champions of the FedRAMP concept. I am especially excited to see GSA stand up the Federal Secure Cloud Advisory Committee to establish a formal mechanism for the PMO and FedRAMP Board to solicit and gather feedback from the broader FedRAMP community to help address challenges associated with the program and drive improvements over time. This, along with the ‘presumption of adequacy’ requirement, which is intended to help make the vision of ‘do once, use many’ a reality, are key to the long-term effectiveness of the program We want to thank the members of Congress, and in particular Rep. Connolly, Rep. James Comer, Sen. Gary Peters and Sen. Rob Portman, and their staff for this successful effort to get the FedRAMP Authorization Act bill enacted in the 117th Congress. This legislative initiative took years of committed work, and we appreciate their dedication to improving cybersecurity and expanding access to commercial cloud solutions across the federal government. Wed, 21 Dec 2022 06:40:28 -0800 Stephen Kovac https://www.zscaler.com/blogs/company-news/fedramp-legislation-certify-once-use-many-times https://www.zscaler.com/blogs/company-news/zscaler-joins-jcdc-enhance-collective-cybersecurity-posture-u-s Actionable intelligence is critical to effectively combat cyber threats. It also requires a proactive, real-time collaboration between both public and private sectors. As part of our ongoing commitment to operational collaboration, I am pleased to announce that Zscaler has joined the Joint Cyber Defense Collaborative (JCDC). Established by the Cybersecurity and Infrastructure Security Agency (CISA), JCDC leads the development and implementation of joint cyber defense plans and operations with partners from the private sector and government. Through this joint effort to understand and respond to threats, JCDC strengthens our collective ability to address immediate and impending cyber incidents. Zscaler has unique insights into cyber threat trends from how we secure more than 270 billion transactions per day through the world’s largest security cloud. Our global research team identifies threats, their countries of origin, target destinations, and volumes, as well as threat categories and specific family names. ThreatLabz team actively tracks various threat actor groups behind the scenes keeping up with their tools, techniques, and procedures as well as Command and Control infrastructure to develop effective countermeasures. Zscaler will contribute this expertise to help JCDC and its members expand situational awareness and understanding for cyber defense against some of the most advanced threats. Zscaler also shares its research and cloud data with the industry at large to help promote a safer internet. Our ThreatLabz research team publishes reports on a variety of topics from the state of ransomware, data loss and phishing to real-time dashboards on ISP incidents, encrypted traffic and a global threat map. Just yesterday, we published our annual State of Encrypted Attacks Report, which found that more than 85% of attacks now use encrypted channels, with malware topping attacks in 2022. The research leveraged insights from more than 300 trillion daily signals and 260 billion daily transactions in the Zscaler Zero Trust Exchange. This type of research helps keep our customers, partners and the cyber community informed on the state of current threats seen through the volume of traffic the Zscaler Zero Trust Exchange processes every minute. Zscaler’s participation in JCDC continues and builds on our commitment to public-private intelligence collaboration to keep people, organizations and their data safe from cyber threat actors. More information on our federal solutions can be found here. Mon, 19 Dec 2022 05:04:58 -0800 Deepen Desai https://www.zscaler.com/blogs/company-news/zscaler-joins-jcdc-enhance-collective-cybersecurity-posture-u-s https://www.zscaler.com/blogs/company-news/what-japan-and-germany-have-common-terms-digital-transformation My first trip to Japan since the outbreak of the pandemic was an eye-opener: Germany and Japan are not that far apart when it comes to digital transformation. Culture and tradition play decisive roles in organizational change in both countries. In fact, culture forms the basis for initiating change. During my recent trip, I struck up conversation with an elderly fellow traveler on the train. He had worked for a Japanese company in Germany for a long time, and so we discussed the cultural differences and similarities between the two countries. At the time, my acquaintance worked in an internationally senior position, and his job was his life. Back then, once you had joined a company, you remained loyal to it throughout your working life. Employees didn’t change employers every few years as they do now; instead, staff climbed up the internal career ladder. The same principle applied to work and production processes. These were continuously optimized over many years according to the motto, "improve what you have". There was no 'rip and replace', rather, systems and processes were developed and adapted step by step. Today, a rapid cultural change is taking place in Japan, according to my traveling companion. The younger generation has a different view of life and the world of work and is willing to undergo fundamental change. For aspiring leaders, a different motto applies—the existing is replaced with the new in order to move forward. For a long time, adaptation meant perfecting what exists Adherence to and development of established procedures are the cornerstones of why technology, workflows, and procedures in Japan are so mature. For example, Japan has connectivity under control to an impressive degree. On the train I was sitting on, everything worked perfectly: the internet, the technology, the service, even the seat quality was on point. In this way, public transport in Japan offers more than just punctuality, it also serves as a technically mature workplace. However, cautious approaches to optimization have left both Germany and Japan somewhat behind in terms of digital transformation. Germany, a production stronghold, relies on long cycles of production investment amortization and high caution when introducing innovation. Only what has proven to be viable in other regions is evaluated. This philosophy is typically applied to the introduction of cloud and holistic digitization, especially since the concept of Industry 4.0 was introduced. Interestingly, Japanese company branches have tackled transformation issues on their own much faster than those back at HQ. This is because many HQ offices have built up complex IT infrastructures that have grown over many years. These huge legacy environments have prevented Japanese companies from taking the first steps of innovation, and “perfecting what exists“ has been too tightly guarded a concept - much like the highly complex production facilities that slow down digitization in Germany. In addition to this point, most Japanese companies, particularly the large traditional ones, must adapt people management practices to bring about cultural change. For example, many companies find developing young leaders, and breaking the traditional seniority system, a challenge. Historically, Japan has excelled at product innovation. However, people, process and platform transformations are now all key success factors, and enablers for Japanese companies striving for a competitive advantage on the global scene. Transformation is essential This all being said, change can happen quickly, both in Japan and in Germany. Just three years ago, the cloud was an issue limited to applications on both sides of the globe. Then came the Coronavirus and, with it, hard lockdowns, which lasted much longer in Japan than in Germany. The pressure to turn the home office into a secure workplace has, as such, spurred the transition to modernized, secure cloud architectures. Traditional VPN access often failed to keep pace with the requirements for high-performance, seamless access for all employees. Accordingly, the young generation of workers now demands more flexibility than ever. Home office or hybrid working, flatter hierarchies, more self-determination, and a good work-life balance are at the top of the list when choosing an employer. For them, work is part of life, but it has long since ceased to be the center of their lives. Today, mainly due to external pressure, companies have come to realize that adaptation is not a transformation, and that a lack of transformation can catapult companies to the sidelines. We find, therefore, that the current situations in Japan and Germany are comparable: cloud transformation and the resulting digitization of production environments, including more flexible working methods, are in full swing. It was made inevitable by external factors including the pandemic and the changes that triggered. It would seem that old ties are now being quickly cut by companies in both countries. You can read more about the international comparison with regard to zero trust transformation in the State of Zero Trust Transformation 2023. Thu, 08 Dec 2022 03:54:58 -0800 Ismail Elmas https://www.zscaler.com/blogs/company-news/what-japan-and-germany-have-common-terms-digital-transformation https://www.zscaler.com/blogs/company-news/growing-together-secured-was-motto-emea-partner-summit For three days, Zscaler‘s EMEA Partner Community took part in an engagement, training, and networking event in Mallorca; an event that created a lasting impression. It was a fiesta in the truest sense of the word, a celebration with around 130 Zscaler partners in the island’s bright sunshine, with the added opportunity to engage with Zscaler’s senior leadership and channel team. During the summit, we demonstrated our passion to deliver cloud-based zero trust security to customers. In attendance were representatives of service providers, VARs, system integrators, and distributors, all of whom conveyed the market‘s positive momentum for cloud-delivered security. As Dali Rajic, Zscaler Chief Operating Officer, expressed in his keynote, market forecasters expect growth in investments in cloud technologies to rise at an above average rate. This is due in part to accelerating digitalization, which enables employees across all industries to work productively from anywhere, as well as efforts to create hybrid work environments. Through our comprehensive Zero Trust Exchange platform, partners can engage customers to address issues that go far beyond security, including the need to digitally transform business operations. Securing growth opportunities through Zero Trust The motto "growing together, secured" reflects how partners can secure opportunities and grow their revenue streams through a zero trust platform approach. To this end, Zscaler and partner representatives want to join forces in the sales process. As a result, Zscaler introduced the Zscaler Zero Trust Certified Architect (ZTCA), one of the industry’s most comprehensive zero trust certifications, that helps network and security professionals attest their expertise in establishing a holistic, layered security approach based on zero trust principles. This was demonstrated in an interview with Banco Sabadell, one of Spain‘s largest financial institutions that operates in 14 countries worldwide and has commercial banks in Spain, the UK and Mexico. In the interview with Ismail Elmas, GVP, International at Zscaler, Marc Segarra López made it clear that the expertise of the partner in the vendor portfolio is of decisive importance for the customer to build trust in the chosen solution approach. "We have to be confident that the partner will have more expert knowledge than ourselves and that they will always suggest the best solutions, architectures and configurations,” said Marc. “We want a partner who joins our entire technology and business journey and that can offer resources, expertise, and services throughout the whole process.” Empowering partners to transform customer operations Partner engagement was the focus of the summit to make partners experts in transformation to zero trust-based infrastructure. The flexibility of a cloud approach resonates here: the transformation from a hardware-based security infrastructure to a flexible security service edge (SSE) approach based on zero trust enables companies of all sizes to securely transform to a cloud-based business operation in which employees, workloads, and digital production facilities can be secured with a single, unified platform. Rather than a complex architeture, this flexible approach provides identity-based access to required applications, workloads, or devices for third parties. In addition, customers have the option of obtaining a flexible licensing model for cloud security services from managed security service providers that offer the necessary agility for business operations. What’s more, all members of the Zscaler partner and executive teams were thrilled with the opportuntiy to connect with partner representatives face to face. Personal discussions at board-level—for example during a round of golf at the beginning of the summit—not only strengthened relationships, but also enabled the sharing of insights to help deepen partnerships and develop joint go-to-market strategies. Accordingly, there was much praise from the partners for the availability of the entire management team during executive 1-1 sessions, including the ecosystem of technology partners, to further joint sales initiatives around the digital workplace. Awarding zero trust experts On the last evening of the event, awards for the partners of the past financial year were presented in a festive setting. Partners were recognized as zero trust experts across eleven categories for their commitment to working together as well as their expertise. The following received Partner of the Year awards: EMEA Partner of the Year: Telefonica EMEA Service Provider of the Year: Orange Business Services EMEA Systems Integrator of the Year: NTT EMEA Value Added Reseller of the Year: Softcat EMEA International Partner of the Year: Infosys EMEA Transformation Partner of the Year: BT EMEA North Partner of the Year: HCL EMEA South Partner of the Year: Deutsche Telekom EMEA Growth Partner of the Year: Sirar by STC EMEA Technical Partner of the Year: Xalient EMEA Partner Enablement Innovation: Westcon It was rewarding to see the partner community grow even closer to the Zscaler team over the summit‘s three days. The willingness of both sides to invest in the partnership was clearly felt. Together, we want to advance zero trust for customers and secure sustainable business models with digitization expertise—regardless of company size. Zscaler's message was clear: in Europe, the commitment to partners and the channel is stronger than ever, and it’s set to grow in the coming years. Thu, 08 Dec 2022 03:56:47 -0800 Kadir Erol https://www.zscaler.com/blogs/company-news/growing-together-secured-was-motto-emea-partner-summit