Blog Category Feed Zscaler Blog — News and views from the leading voice in cloud security. en What Japan and Germany have in common in terms of digital transformation My first trip to Japan since the outbreak of the pandemic was an eye-opener: Germany and Japan are not that far apart when it comes to digital transformation. Culture and tradition play decisive roles in organizational change in both countries. In fact, culture forms the basis for initiating change. During my recent trip, I struck up conversation with an elderly fellow traveler on the train. He had worked for a Japanese company in Germany for a long time, and so we discussed the cultural differences and similarities between the two countries. At the time, my acquaintance worked in an internationally senior position, and his job was his life. Back then, once you had joined a company, you remained loyal to it throughout your working life. Employees didn’t change employers every few years as they do now; instead, staff climbed up the internal career ladder. The same principle applied to work and production processes. These were continuously optimized over many years according to the motto, "improve what you have". There was no 'rip and replace', rather, systems and processes were developed and adapted step by step. Today, a rapid cultural change is taking place in Japan, according to my traveling companion. The younger generation has a different view of life and the world of work and is willing to undergo fundamental change. For aspiring leaders, a different motto applies—the existing is replaced with the new in order to move forward. For a long time, adaptation meant perfecting what exists Adherence to and development of established procedures are the cornerstones of why technology, workflows, and procedures in Japan are so mature. For example, Japan has connectivity under control to an impressive degree. On the train I was sitting on, everything worked perfectly: the internet, the technology, the service, even the seat quality was on point. In this way, public transport in Japan offers more than just punctuality, it also serves as a technically mature workplace. However, cautious approaches to optimization have left both Germany and Japan somewhat behind in terms of digital transformation. Germany, a production stronghold, relies on long cycles of production investment amortization and high caution when introducing innovation. Only what has proven to be viable in other regions is evaluated. This philosophy is typically applied to the introduction of cloud and holistic digitization, especially since the concept of Industry 4.0 was introduced. Interestingly, Japanese company branches have tackled transformation issues on their own much faster than those back at HQ. This is because many HQ offices have built up complex IT infrastructures that have grown over many years. These huge legacy environments have prevented Japanese companies from taking the first steps of innovation, and “perfecting what exists“ has been too tightly guarded a concept - much like the highly complex production facilities that slow down digitization in Germany. In addition to this point, most Japanese companies, particularly the large traditional ones, must adapt people management practices to bring about cultural change. For example, many companies find developing young leaders, and breaking the traditional seniority system, a challenge. Historically, Japan has excelled at product innovation. However, people, process and platform transformations are now all key success factors, and enablers for Japanese companies striving for a competitive advantage on the global scene. Transformation is essential This all being said, change can happen quickly, both in Japan and in Germany. Just three years ago, the cloud was an issue limited to applications on both sides of the globe. Then came the Coronavirus and, with it, hard lockdowns, which lasted much longer in Japan than in Germany. The pressure to turn the home office into a secure workplace has, as such, spurred the transition to modernized, secure cloud architectures. Traditional VPN access often failed to keep pace with the requirements for high-performance, seamless access for all employees. Accordingly, the young generation of workers now demands more flexibility than ever. Home office or hybrid working, flatter hierarchies, more self-determination, and a good work-life balance are at the top of the list when choosing an employer. For them, work is part of life, but it has long since ceased to be the center of their lives. Today, mainly due to external pressure, companies have come to realize that adaptation is not a transformation, and that a lack of transformation can catapult companies to the sidelines. We find, therefore, that the current situations in Japan and Germany are comparable: cloud transformation and the resulting digitization of production environments, including more flexible working methods, are in full swing. It was made inevitable by external factors including the pandemic and the changes that triggered. It would seem that old ties are now being quickly cut by companies in both countries. You can read more about the international comparison with regard to zero trust transformation in the State of Zero Trust Transformation 2023. Thu, 08 Dec 2022 03:54:58 -0800 Ismail Elmas "Growing together, secured" was the motto of the EMEA Partner Summit For three days, Zscaler‘s EMEA Partner Community took part in an engagement, training, and networking event in Mallorca; an event that created a lasting impression. It was a fiesta in the truest sense of the word, a celebration with around 130 Zscaler partners in the island’s bright sunshine, with the added opportunity to engage with Zscaler’s senior leadership and channel team. During the summit, we demonstrated our passion to deliver cloud-based zero trust security to customers. In attendance were representatives of service providers, VARs, system integrators, and distributors, all of whom conveyed the market‘s positive momentum for cloud-delivered security. As Dali Rajic, Zscaler Chief Operating Officer, expressed in his keynote, market forecasters expect growth in investments in cloud technologies to rise at an above average rate. This is due in part to accelerating digitalization, which enables employees across all industries to work productively from anywhere, as well as efforts to create hybrid work environments. Through our comprehensive Zero Trust Exchange platform, partners can engage customers to address issues that go far beyond security, including the need to digitally transform business operations. Securing growth opportunities through Zero Trust The motto "growing together, secured" reflects how partners can secure opportunities and grow their revenue streams through a zero trust platform approach. To this end, Zscaler and partner representatives want to join forces in the sales process. As a result, Zscaler introduced the Zscaler Zero Trust Certified Architect (ZTCA), one of the industry’s most comprehensive zero trust certifications, that helps network and security professionals attest their expertise in establishing a holistic, layered security approach based on zero trust principles. This was demonstrated in an interview with Banco Sabadell, one of Spain‘s largest financial institutions that operates in 14 countries worldwide and has commercial banks in Spain, the UK and Mexico. In the interview with Ismail Elmas, GVP, International at Zscaler, Marc Segarra López made it clear that the expertise of the partner in the vendor portfolio is of decisive importance for the customer to build trust in the chosen solution approach. "We have to be confident that the partner will have more expert knowledge than ourselves and that they will always suggest the best solutions, architectures and configurations,” said Marc. “We want a partner who joins our entire technology and business journey and that can offer resources, expertise, and services throughout the whole process.” Empowering partners to transform customer operations Partner engagement was the focus of the summit to make partners experts in transformation to zero trust-based infrastructure. The flexibility of a cloud approach resonates here: the transformation from a hardware-based security infrastructure to a flexible security service edge (SSE) approach based on zero trust enables companies of all sizes to securely transform to a cloud-based business operation in which employees, workloads, and digital production facilities can be secured with a single, unified platform. Rather than a complex architeture, this flexible approach provides identity-based access to required applications, workloads, or devices for third parties. In addition, customers have the option of obtaining a flexible licensing model for cloud security services from managed security service providers that offer the necessary agility for business operations. What’s more, all members of the Zscaler partner and executive teams were thrilled with the opportuntiy to connect with partner representatives face to face. Personal discussions at board-level—for example during a round of golf at the beginning of the summit—not only strengthened relationships, but also enabled the sharing of insights to help deepen partnerships and develop joint go-to-market strategies. Accordingly, there was much praise from the partners for the availability of the entire management team during executive 1-1 sessions, including the ecosystem of technology partners, to further joint sales initiatives around the digital workplace. Awarding zero trust experts On the last evening of the event, awards for the partners of the past financial year were presented in a festive setting. Partners were recognized as zero trust experts across eleven categories for their commitment to working together as well as their expertise. The following received Partner of the Year awards: EMEA Partner of the Year: Telefonica EMEA Service Provider of the Year: Orange Business Services EMEA Systems Integrator of the Year: NTT EMEA Value Added Reseller of the Year: Softcat EMEA International Partner of the Year: Infosys EMEA Transformation Partner of the Year: BT EMEA North Partner of the Year: HCL EMEA South Partner of the Year: Deutsche Telekom EMEA Growth Partner of the Year: Sirar by STC EMEA Technical Partner of the Year: Xalient EMEA Partner Enablement Innovation: Westcon It was rewarding to see the partner community grow even closer to the Zscaler team over the summit‘s three days. The willingness of both sides to invest in the partnership was clearly felt. Together, we want to advance zero trust for customers and secure sustainable business models with digitization expertise—regardless of company size. Zscaler's message was clear: in Europe, the commitment to partners and the channel is stronger than ever, and it’s set to grow in the coming years. Thu, 08 Dec 2022 03:56:47 -0800 Kadir Erol Zscaler’s Entire Zero Trust Exchange Platform FedRAMP Authorized Trust is paramount when it comes to protecting federal government IT systems - from the critical data of our nation to the millions of employees and citizens accessing those systems. This is why the Federal Risk and Authorization Management Program, better known as FedRAMP, is an invaluable assessment and authorization process. The goal of FedRAMP is to make sure federal data in cloud products and services used by U.S. Federal agencies are consistently protected. Zscaler has always had the goal to help secure IT modernization of our government, and we have worked diligently over the past five years to secure FedRAMP authorization at all levels across our full portfolio. I am proud to share a new milestone for Zscaler - with Zscaler Private Access (ZPA) now authorized at the moderate level, our entire Zero Trust Exchange platform suite of solutions is FedRAMP authorized at both moderate and high levels. You can read the press release here. FedRAMP authorization is a rigorous process to give agencies assurances around confidentiality, integrity and availability. FedRAMP high authorization is based on 421 controls in these three areas and 325 controls for FedRAMP moderate authorization. Zscaler has committed to successful FedRAMP authorizations to help Federal agencies, the Department of Defense (DoD), and intelligence organizations strengthen cyber defenses using Zero Trust to secure their users, secure their workloads and secure their IoT/OT. Government is making great progress with digital transformation at the same time that new vulnerabilities continue to surface. The attack surface has expanded and become more complex, making it harder to protect. Zscaler is leading the effort to implement Zero Trust solutions with the first and only Zero Trust Architecture and SASE platform to be offered end to end at both moderate and high baseline. ZPA in action Government agencies are transitioning private applications that once ran solely in the data center to public clouds. At the same time, they are searching for ways to enable productivity as users work from anywhere and on any device. ZPA is a cloud-delivered zero trust service that uses a distributed architecture to provide fast and secure access to private applications running on-premise or in the public cloud. ZPA applies the principles of least privilege to give users secure, direct connectivity to private applications while eliminating unauthorized access and lateral movement. When a user (employee, third-party contractor, or customer) attempts to access an application, the user’s identity and device posture are verified to provide a seamless user experience whether the user is remote or on-premise. In addition to ZPA achieving FedRAMP Joint Authorization Board (JAB) High Authority to Operate, the Department of Defense granted ZPA a Provisional Authorization to Operate (P-ATO) at Impact Level 5 (IL5). Government agencies and their contractors are able to use ZPA for systems that manage their most sensitive Controlled Unclassified Information (CUI) as well as unclassified national Security Systems (NSSs). ZPA delivers a central platform that gives IT control over application access As more private applications move to public cloud environments such as Amazon Web Services, Azure and Google Cloud Platform, access must be secured through the internet. With ZPA at the Moderate and High Baseline levels, agencies can provide secure and consistent access regardless of where an application is running, remove the need for the VPN gateway security stack or back-hauling traffic to the Trusted Internet Connection (TIC) before going out to the cloud, and accelerate application migration through rapid deployment and a seamless user experience. Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE), a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including Zero Trust, and met TIC 3.0 use cases. ZIA Improves security controls – Keeping IT focused on innovation with TIC in the cloud per the President’s recent Executive Order Another core solution of the Zero Trust Exchange, Zscaler Internet Access (ZIA) – Government (Secure Web Gateway – vTIC)™ is a multi-tenant Cloud Security Platform known in the government that meets the Cybersecurity and Infrastructure Security Agency (CISA) TIC 3.0 guidelines. It has been the market leader as agencies work to meet modernization goals of shared services, mobile workforce enablement, improved FITARA scores, and more. Zscaler powers the shift to a modern, direct-to-cloud, Zero Trust architecture, regardless of device or user location. Federal IT leaders can improve on the who, what, where, when, and how they see, protect, and control user traffic to the internet by moving TIC security controls and other advanced security services to a cloud platform. The goal: immediate remediation on a global scale. This approach offers agencies global internet access and peering with FedRAMP-authorized applications. In addition, agencies can capture extensive log/telemetry data and store all agency data on U.S. soil with citizen-only access. Agencies can also provide the telemetry data to CISA’s Cloud Log Aggregation Warehouse (CLAW). With ZIA at the Moderate and High Baseline levels, agencies have access to global TIC or more secure U.S.-only TIC solutions. Achieving a Zero Trust model with the Zscaler Zero Trust Exchange for all Through our Zero Trust exchange and FedRAMP high and moderate solutions, all Federal agencies can achieve the Zero Trust goals mandated in the Cybersecurity Executive Order and implement CISA’s TIC 3.0 guidelines. Most agencies will need to approach Zero Trust in bite-sized chunks, setting priorities based on their unique needs. Check out our Zero Trust Playbook for prescriptive guidance on key steps that can be taken over time, leveraging a security ecosystem to achieve the end goal of Zero Trust. Zscaler is committed to helping agencies accelerate modernization securely, and has invested heavily to meet the unique requirements of our government. Over the last five years we have built a compliance program, launched an entity dedicated and focused on the needs of our US government (Zscaler US Government Solutions), and continued to build on our commitments to the NIST National Cybersecurity Center of Excellence (NCCoE), the Advanced Technology Academic Research Center (ATARC) Zero Trust working groups, and the American Council for Technology-Industry Advisory Council (ACT-IAC). Now we have also achieved FedRAMP authorizations at all levels across our full portfolio, emphasizing the importance of public and private partnerships to better protect our nation's critical assets, and giving our government customers the flexibility to choose the best solution to meet their needs. Visit our Zscaler US Government Solutions page for more information. Wed, 30 Nov 2022 05:05:09 -0800 Kumar Selvaraj Zscaler Debuts Zero Trust Certified Architect (ZTCA) Program to Address IT & SecOps Skills Gap An increase in large-scale cyber attacks has driven widespread interest for organizations to migrate to a Zero Trust architecture. A Zero Trust architecture is a new, clean architectural paradigm - one that is built to reduce a network's attack surface, prevent lateral movement of threats, and lower the risk of a data breach. This new Zero Trust architecture is based on the core tenet of Zero Trust, in which implicit trust is never granted to any user or device. The Zero Trust security model puts aside the traditional "network perimeter" built with firewalls and VPNs - inside of which all devices and users are trusted and given broad permissions by putting them on a routable network. A Zero Trust architecture eliminates the biggest problem associated with routable networks - lateral threat movement - by preventing access to the network, period. As Zero Trust became popular, the term was hijacked, with every vendor claiming to have a Zero Trust architecture. This is causing widespread confusion for customers and partners. A Zero Trust architecture is a new architecture, and cannot be bolted onto a traditional legacy-based approach. While it’s becoming more widely understood that legacy network-based firewall and VPN models simply cannot protect today’s modern cloud-first and hybrid working enterprise, one of the major pain points that IT and security operators are facing today is a skills gap, both in terms of (a) understanding what is true Zero Trust and how it contrasts with a legacy firewall and VPN-based approach, and (b) learning how to actually implement a Zero Trust architecture. Modern security teams need a specialized set of skills - one that isn’t based on 30 years of legacy networking and security principles - in order to address today’s cloud-first security requirements. To provide the necessary skills required for network and security professionals interested in building a holistic security approach based on Zero Trust principles, Zscaler is introducing the Zero Trust Certified Architect (ZTCA) program. This advanced certification program is designed to provide a comprehensive overview on the fundamentals of a Zero Trust strategy along with practical guidance for the planning, design, implementation and maintenance of a Zero Trust architecture. The course follows NIST’s Zero Trust guidelines, and directly compares and contrasts a Zero Trust architecture with the legacy routable networks and firewall- based approach. We’ve designed the course to help the learner be clear on the pitfalls of a legacy-based architecture, and understand how to implement true Zero Trust. Developed to be relevant and useful in today’s dynamic security environment, the curriculum features custom content that specifically addresses the needs of modern enterprises to secure their hybrid workforce and cloud-based data, applications, and workloads. When I speak with CXOs, they always tell me that the “people element” is the most important part of any digital transformation journey. And it’s no secret that the competition for talent within the IT and security industries continues to be fierce, so we’re pleased to be able to provide a means for network and security professionals to differentiate themselves, while acquiring the necessary skills to lead their organizations’ secure digital transformation. For more details on this exciting new certification program, please visit the ZTCA site. Mon, 14 Nov 2022 17:08:20 -0800 Jay Chaudhry Celebrating 15 Years of Innovation This year, I’m thrilled to celebrate Zscaler’s 15th anniversary. When we first started the company in 2007, I knew that we had a real opportunity to transform the security industry, especially in light of enterprises’ migration to the cloud - we had a bold idea, bright minds, a solid business plan, and the conviction to make it work. But the journey was not without risk, nor was it always easy. Like many companies, we had our own share of growing pains, but we also shared many moments of discovery, camaraderie, excitement, and accomplishment. These moments are now woven into the fabric of our company’s DNA and are truly what makes me proud when I reflect on how far we’ve come. Fifteen years ago, we signed The Arc Mid-Hudson, as our first, and now longest-standing, customer. They are a not-for-profit organization in New York State dedicated to supporting individuals with intellectual and developmental disabilities and they were looking for a cloud-native security solution that would allow them to provide secure connectivity to employees, while maintaining client data integrity and adherence to strict healthcare compliance mandates. I still remember the excitement we had over winning the account and how great it felt to know that Zscaler technology would be helping them to better serve their community. Today, The Arc Mid-Hudson is still a Zscaler customer and they’re leveraging the power of the Zscaler Zero Trust Exchange to support its transition from a site-based human services provider to a remote and highly mobile service model. The first Zscaler solution slide that was created in 2007 is still relevant today. Since then, we have kept the same focus and mission. It’s extremely satisfying to know that there are customers who have been with us since the very beginning. These relationships are built on trust, openness, and an exceptional level of service. Customers have the confidence of placing their most precious data assets in our care and that’s a responsibility that we take to heart each and every day. It’s what motivates me to continue to develop and deliver solutions that improve our customers’ security posture. Our success as a company heavily depends on our commitment to our customers and we never lose sight of that. Among our current workforce are employees who have been with the company since the very beginning. Recently, we came together to reminisce about how it all started and I jotted down a few memories which I thought really captured the sentiment and entrepreneurial spirit that underpins our company culture today: “It was during dinner at Jay’s house when he first proposed the idea of a cloud security platform. After we spoke, I was so convinced that this is the future, but the problem wasn’t easy to solve from a technology standpoint and it hadn’t been done. After four months of development, discussion and lots of trial and error, it seemed that we had a viable solution.” - Kailash Kailash, Zscaler Co-Founder “Kailash called me up, explained the concept, and suggested we do a workshop and start building something. To be honest, I wasn’t overly convinced that it would work, but Jay was always very clear in his vision of using a cloud-native architecture and that we were not going to build an on-prem solution. The team had conviction, which always kept me motivated.” - Srikanth Devarajan, early Zscaler employee “I think I was at the right place at the right time and I feel fortunate to be a part of this amazing journey. The passion of the founders was inspiring and the early team was very close. We were doing agile development before it became an industry-wide practice, so it was exciting to pioneer new methods while developing new capabilities at a lightning pace. We had the best time!” - Siva Udupa, early Zscaler employee “The time has gone by really fast. I still remember the early morning voice calls with Jay and the software teams, discussing a new feature to implement. By the end of the day, the feature was ready and the process started again the next day. We created our own agile methodology, but it was very exciting!” - Pratibha Nayak, early Zscaler employee The past 15 years has been quite a remarkable journey - what started out as an idea has grown into a company that’s generating in excess of $1B in revenue and is a recognized industry leader in cloud security. As a company, Zscaler has driven growth and innovation that’s constantly adapting to the changing security landscape and our customers’ evolving needs. I couldn’t be prouder of all of our accomplishments to date and I’m looking forward to another 15 years. To see a timeline of notable technology triumphs and significant company milestones, please click here. Thu, 03 Nov 2022 18:12:51 -0700 Jay Chaudhry Come Visit us at AWS re:Invent 2022 Zscaler will be at AWS’ premier conference from November 28 through December 2. The conference, located in Las Vegas, is one of the leading technology conferences focused on cloud computing. At the conference, you can visit and chat with Zscaler experts in the Expo at booth #118. There you can learn how you can Secure Your Workloads from build-time to runtime using Workload Communications and Posture Control. In addition, at AWS re:Invent you can View live demos that showcase the benefits and capabilities Zscaler for Workloads can deliver to your organization Have one-on-one meetings with Zscaler product leaders Listen to our talk, Zero Trust CNAPP and cloud workload protection with Zscaler, at the Lightning Theater 1 on November 28th at 6:25PM PST Grab some amazing swag to take home To learn more, please visit our registration page. We hope to see you there! Wed, 02 Nov 2022 20:37:01 -0700 Franklin Nguyen Zscaler: Celebrating 15 Years of Innovation Zscaler started in 2007 with an idea: transform cloud security in ways we never thought possible. Fifteen years later, with numerous industry firsts, notable technology triumphs, and significant company milestones throughout our history, Zscaler is in the perfect position to support our customers as they continue their digital transformation journeys. We’re beyond excited about the future. Join us as we celebrate 15 years of innovation. Learn more about Zscaler Join the team Wed, 26 Oct 2022 20:07:00 -0700 Jay Chaudhry Thank You and Best Wishes to my Dear Friend, Amit I am both saddened and pleased to announce that Amit Sinha has decided to pursue a CEO role at a private company. I would like to thank Amit for his contributions to Zscaler in various roles over the past 12 years, most recently as President of Zscaler. I met Amit in early 2005 when I was running AirDefense and CipherTrust in Atlanta. From my first meeting, it was clear to me that this young engineer with a doctorate from MIT and a bachelor’s degree in electrical engineering from IIT was not only a brilliant engineer but had great business acumen. Amit joined me at AirDefense as its CTO and our friendship and partnership continued to grow. He joined me at Zscaler in 2010 at its very early stage to incubate security for mobile devices. I’ve enjoyed watching him grow as a leader and lead multiple functions to help Zscaler grow into the market leader in cloud security. I am pleased that Amit will remain on Zscaler’s Board of Directors as a trusted advisor and strong supporter of Zscaler. Over the next few weeks, Amit will work with us to transition his roles and responsibilities. Amit has been a dear friend and collaborator of mine for over 17 years. While I am sad to see him move on; it is a fact that great companies produce the next generation of CEOs who go on to change the world. We will miss Amit and wish him well. Mon, 10 Oct 2022 13:29:25 -0700 Jay Chaudhry Zscaler Acquires ShiftRight I am pleased to announce Zscaler’s entry into security workflow automation with the acquisition of ShiftRight, a leader in closed loop security workflow automation. As a result, ShiftRight’s technology is being integrated into the Zscaler Zero Trust Exchange cloud security platform to automate security management, providing a simple solution that will dramatically reduce incident resolution times. In my discussions with enterprise CIOs and CISOs, a pressing issue for their IT and security teams is not having enough time and resources to respond to and determine the severity of all security incidents. This results in not meeting SLAs, contentious relationships between security and business stakeholders and, most importantly, it introduces major risks to the business when critical security issues fall through the cracks. This challenge is further compounded by the complex and distributed nature by which security is commonly implemented within organizations; that is, while security teams are held accountable for the vast majority of security-related tasks, they are often not directly responsible, which causes confusion, miscommunication, delays and inefficacy. ShiftRight’s technology uses analytics, telemetry data, and intelligence to automate security incident tracking to establish clear lines of responsibility, provide real-time visibility, and foster collaboration amongst teams. ShiftRight’s technology enables: High-level visibility of issues and detailed views for more granular reports Improves efficiency by identifying and assigning teams responsible for resolving a security issue and automatically creating tickets Efficient communication with the various stakeholders to ensure accountability Close tracking of team progress to resolve issues end-to-end As I’ve said before, implementing new security tools is easy relative to changing organizational behavior, but I believe that the integration of ShiftRight’s technology into Zscaler’s portfolio will influence positive organizational change, while strengthening the security posture of our customers. We’re excited to welcome the ShiftRight team to the Zscaler family and I look forward to working with them to drive continued innovation in the security workflow automation space. For more details on the acquisition, please see the news release here. This message includes forward-looking statements. See important information here. Thu, 29 Sep 2022 12:54:21 -0700 Jay Chaudhry Zero Trust for Healthcare Cybersecurity has become a strategic imperative for healthcare organizations. Data breaches increased 650% in 2021 and the associated costs increased 29.5%. The rising adoption of telehealth, a mobile workforce, and the emergence of connected medical devices have all contributed to expanding cyber risk, complexity, and cost. As with many critical industries, healthcare delivery is undergoing a digital transformation. Fast and secure access to cloud resources is required, and Zscaler helps securely migrate from on-premises network infrastructure to the cloud using zero trust principles. Trusted by some of the top healthcare systems around the world, Zscaler has now invested in a dedicated practice to help our nation's healthcare systems better protect their data and improve patient outcomes. Check out our new Zscaler for healthcare page for more on how we can help solve the challenges that are unique to health systems today. How can zero trust reduce the threats to your healthcare organization? Let’s look at four key areas: ransomware, infrastructure cost, new care models, and work-from-anywhere user experience. Ransomware The adoption of telemedicine, cloud, and IoT have created new avenues for bad actors to gain access to valuable healthcare data and systems. According to a recent report from the Ponemon Institute, 89% of healthcare organizations surveyed experienced cyberattacks in the past 12 months, with an average total cost for the single most expensive cyberattack at $4.4 million. Further, an average cost of $1.1 million was lost in productivity as a result of these attacks. Zero trust is a highly effective strategy for combating ransomware attacks. The most practical way to keep hackers out of your network is to eliminate the attack surface. If it’s not reachable, it’s not breachable. Zscaler restricts malicious access to a healthcare system’s network by making the internet the network for digital work, or extending the service to your on-premises environment securely. The resulting decrease in attack surface has been proven to reduce the number of malicious attacks by more than 50%. Infrastructure Cost Healthcare organizations must make considerable investments in IT systems at a time when the very care models themselves are evolving. Hybrid cloud architectures are becoming the new standard and extensive industry consolidation is resulting in business and clinical applications migrating to the cloud to improve efficiency and reduce administrative costs. Zscaler helps healthcare organizations connect branches, clinics, care centers, and clinicians to the internet by leveraging multiple network connection types. This optimizes application traffic routing and performance while reducing WAN costs and network operational expenses. Zscaler helps ease this transition by allowing existing systems to remain in place while providing a more secure way to access them. Healthcare mergers and acquisitions (M&A) volume was up 16% in 2021 and the outlook for 2022 is strong. M&A are challenging for IT as the IT team is responsible for ensuring appropriate connectivity to applications and the security of sensitive data while consolidating complex legacy networks and security infrastructure. Zscaler customers experience up to a 70% reduction in overall infrastructure costs and reduce M&A integration timelines from months to weeks. Care-From-Anywhere Healthcare is transitioning to a more accessible model. An “omnicare” or care-from-anywhere approach combines telehealth, in-office visits, remote monitoring, and other modes of treatment to make healthcare more efficient, effective, and affordable. With data dispersed across many different platforms, protecting it is a massive challenge. Add in the increasing number of endpoints created by the internet of medical things (IoMT), and healthcare organizations are finding themselves at risk from extensive unpatched vulnerabilities. The FBI issued a Private Industry Notification on September 12, 2022 that declared that unpatched and outdated medical devices provide cyberattack opportunities. More than 53% of connected medical devices and other IoMT devices in hospitals had known critical vulnerabilities. Leaving such devices insecure makes the entire healthcare facility vulnerable to cyberattacks, endangering patient health and worker safety. The Zscaler Zero Trust Exchange helps healthcare organizations secure and simplify the connectivity brought on by this expanding healthcare model, allowing new applications and devices to be easily added to the enterprise. Customers can increase bandwidth by more than 100%, achieve 99% application availability, and see a 100% reduction in network outages. Work-From-Anywhere Healthcare organizations are increasingly adopting new and innovative approaches to respond to staffing constraints, including the ability to work remotely. A 2022 MGMA Stat poll found that 59% of medical group practices have shifted workers to permanent remote or hybrid work in the past year. This dramatically increases the number of devices connecting to and from your network, potentially expanding the attack surface and opportunities for bad actors. In addition, traditional security architectures require a user to access the network through a VPN with all data backhauled through the data center, creating latency and a poor user experience. Zscaler provides a secure work-from-anywhere experience, enabling access to applications from any location, on any device. Only the right users get access to the right information and systems when they need it. The Zero Trust Exchange provides the ability to decrypt and inspect 100% of all SSL/TLS traffic at scale, keeping data secure at every step and improving employee productivity by up to 80% with near-zero latency. Data Protection Transformed Ransomware, data breaches, and careless user behavior put your data in harm’s way. Zscaler is announcing industry-first innovations that revolutionize how organizations classify and protect data. Join us on Tuesday, October 18 for Zscaler’s Data Protection Transformed event to see how to solve today’s most difficult data protection challenges. Zscaler is trusted by some of the largest healthcare organizations in the world to secure their users and applications. From HIPAA compliance to securing connected medical devices and remote employees, Zscaler sets the standard for digital transformation. Contact us today for more information or to see a live demo. And follow our Zscaler for Public Sector LinkedIn page for regular updates. Thu, 22 Sep 2022 15:33:05 -0700 Ian Milligan-Pate New Learning Experiences to Drive Success - September 2022 I am a firm believer that Zscaler enables companies to complete their secure digital transformation journey and achieve enterprise-wide zero trust. We’ve built the best in the business, no question about it. However, customers can only complete this journey and reach their goals if they fully leverage and adopt all our platform has to offer. No matter how great our products and teams are, this adoption doesn’t happen magically. It takes focus and investment in time from our customers. Getting administrators, engineers, and architects through the right training at the right time can make all the difference in an organization's success with Zscaler and, ultimately, their ability to achieve secure digital transformation. But customers don’t have to go on this adoption journey alone. Zscaler has built engaging, relevant, world-class learning experiences for our partners and customers that will provide the support, tools, and resources they need to learn and adopt our platform. As a result of our efforts, we have several big announcements today: 1. Zscaler Academy & Customer Success Center - Starting September 15, customers will have access to a new centralized resource hub–the Customer Success Center, and a new learning management system, Zscaler Academy! We launched a new learning platform to partners in March 2022 and now we are extending that amazing experience to our customers. Customers will also have access to Zscaler Ascent, our gamification platform, allowing them to collect points for learning activities and redeem them for prizes. 2. New ZIA Administrator Learning Path and Certification - Also on September 15, both customers and partners will have access to new ZIA Administrator eLearning and a corresponding certification exam. This content explores the ZIA product with helpful scenario-based demonstrations and hands-on practice activities. The content will prepare learners to take the all-new ZIA Admin Certification Exam. This content and exam will take the place of the ZCCA-IA certification. All existing certifications will remain valid until their expiration date (3 years from completion date). As a part of this new content release, we are archiving our TAC and Security Specialist courses. The content from these courses will be rolled into the new administration content. Learners who have already started the courses will have until Dec 31, 2022 to complete the course and the exam. Specializations will continue to be honored until their expiration date. 3. eLearning Now Included for Zscaler Customers - EDU Credits for Exams, Labs, and Advanced Content - Our priority is to ensure customers have what they need to be successful on their journey to zero trust. Starting September 15, all customers will have unlimited access to core eLearning with any active Zscaler product subscription. To simplify things, we have combined lab credits and eLearning credits into a single Education (Edu) Credit and customers can use these credits to purchase live training, labs, and select advanced eLearning content. Customers can purchase EDU credits as separate items or as part of their deployment packages with Zscaler. Customers can also redeem the newly-launched Professional Service Credits for EDU credits at a 1:1 ratio. 4. Increasing Certification Security - To ensure certifications maintain their integrity, we are changing the number of exam attempts per enrollment from unlimited to three. This means customers and partners who enroll in an exam will have three attempts to pass that exam. If they do not pass they can email for support. 5. Introducing Zscaler Academy Release Notes - We know our customers and partners have a lot to balance on a daily basis. To make it easier to find and reference changes to Zscaler Academy and our learning programs, check out the new Zscaler Academy Release Notes page available from the Help section on the Partner and Customer Academy sites. We are excited for our customers and partners to explore the new tools at their disposal to learn and grow with Zscaler, and we are eager to hear your feedback. Please email with any comments, questions, or concerns. Happy learning! Thu, 15 Sep 2022 11:59:29 -0700 Rick Kickert Join Zscaler at CrowdStrike Fal.Con 2022 Zscaler is thrilled to be a Diamond Sponsor at CrowdStrike Fal.Con 2022, coming up September 19–21 in Las Vegas. This year at Fal.Con, you’ll have the opportunity to be among the first to hear about our newest integration with CrowdStrike as well as attend any of our three speaking sessions to hear more about the Zscaler and CrowdStrike partnership. Visit our booth Drop by Booth #1607 to see our various integrations with CrowdStrike. See for yourself why more and more customers are choosing the combined technological advancements of Zscaler and CrowdStrike to protect their users and applications. Hear from a joint Zscaler and CrowdStrike customer Featured Session - Architecting and Accelerating your Zero Trust Strategy | Sept. 20, 2:30 p.m. Together, Zscaler and CrowdStrike offer an integrated end-to-end security solution that simplifies zero trust adoption for IT teams. Join this breakout session to get firsthand technical advice from industry leaders on architecting your zero trust transformation, and walk away with a complete view of how to seamlessly integrate our best-of-breed platforms. Speakers include: Alex Borhani, Deputy CISO, CSX Amit Raikar, VP of Alliances, Zscaler Chris Kachigian, Sr. Dir., Global Solution Architecture, CrowdStrike Listen to insights in the CrowdXDR Alliance Panel Executive Panel on Cybersecurity Transformation | Sept. 20, 3:30 p.m. Ransomware attacks have risen dramatically alongside the shift to remote work, and they’re showing no signs of slowing. Join this CrowdXDR executive panel to hear from Zscaler, CrowdStrike, ServiceNow, and World Wide Technology (WWT) on ways your organization can fight back against adversaries, what trends to keep an eye on, and how to leverage best-of-breed technologies to protect your users and data. Learn the best place to start with zero trust Building the Economic Rationale for a Zero Trust Transformation | Sept. 20, 11:30 a.m. Zero trust is more than just a buzzword—today, it’s a driving force in the security community. Even so, organizations of all sizes struggle with where or how to start. For many security leaders, securing budget and getting technological consensus from their staff is a major hurdle. However, most leaders agree that building a strong business case is a key first step. In this session, Zscaler business value experts will walk you through how to build a business case for your internal stakeholders with customizable and quantifiable outcomes that match your organization's goals and IT environments. Grab a T-shirt Be sure to pick up your free Fal.Con shirt at check-in! See you there! To learn more about the event and schedule a meeting with Zscaler experts today visit our Zscaler at CrowdStrike Fal.Con 2022 page. Mon, 12 Sep 2022 08:00:02 -0700 Jason Lee Zscaler is a 2022 Customers’ Choice in the Gartner® Peer Insights™ “Voice of the Customer” Report for Security Service Edge We are excited to announce that Zscaler has been recognized as a Customers’ Choice vendor for 2022 in the Security Service Edge (SSE) category on Gartner® Peer Insights™. This distinction is a recognition of vendors in this market based on feedback and ratings submitted by hundreds of verified end users of our products for an 18-month period ending on May 31, 2022. Overall, reviewers gave us a 4.6 out of 5, (based on (411 reviews as of May 31, 2022) with 93% saying they would recommend Zscaler. In addition, Zscaler was named as a leader in all eight segments in the accompanying “Voice of the Customer” Report for SSE, the only vendor to get this recognition. These recognitions are based directly on unbiased feedback from our customers - the people we’re here to serve - therefore, we believe these recognitions serve as further validation that we are creating security solutions that fit the needs of modern enterprises around the world. The Gartner Peer Insights Customers’ Choice distinction is based on both the number of reviews and the overall user ratings. To ensure a fair evaluation, Gartner maintains rigorous criteria for recognizing vendors with a high customer satisfaction rate. Here are some comments from customers: ● “This is something I appreciate; it's a terrific method to be entirely compliant. The Zscaler Internet Access Platform is a dedicated SSE solution that focuses on risk mitigation, reliability, and scalability to allow us to deliver our users secure access to our applications while keeping them secure.” – Program Director, Services ●“I have used Zscaler services at multiple companies. The usage of Zscaler truly enables work from anywhere while offering the same security benefits of being in the office. It is a powerful enablement tool for your workforce regardless of location, and simplifies the consumption of cloud based services.” –Associate Director, Network Architecture, Aerospace ● “We have been using ZIA for over a decade now. The capability of the product has only seen upward thrust. We have also subscribed for ZPA since its inception for zero trust capabilities and it’s truly fulfilling. ZDX capabilities are assisting us to troubleshoot EUCI issues during the work-from-home scenarios. Support services and customer focus are overwhelming. Overall, we are very satisfied with Zscaler.” – Enterprise Architecture and Technology Innovation, IT Services You can read more Zscaler reviews here. To all of our customers who submitted reviews - thank you! Your feedback helps us create better products and fuels our drive to keep on innovating. We are committed to earning the trust and confidence worthy of this distinction. To learn more about Gartner Peer Insights Customers’ Choice, or to read the product reviews written by the IT professionals who use them, please see the Security Service Edge page on Gartner Peer Insights. If you have a Zscaler story to tell, we encourage you to join Gartner Peer Insights to share your experiences. GARTNER is a registered trademark and service mark, and PEER INSIGHTS is a trademark and service mark, of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose. Wed, 07 Sep 2022 08:00:01 -0700 Jay Chaudhry Experience your world secured with Zscaler at Black Hat 2022 It’s that time of the year again! Security folks from near and far are gathering in Las Vegas – or making their presence known virtually – for Black Hat to network with peers, learn about the latest security research and threat trends, and check out new innovations. As a proud sponsor of Black Hat 2022, we’ll be there, will you? This past year, the ThreatLabz team has seen a massive uptick in cyberattacks and the use of illusive techniques. Ransomware attacks aren’t going away. In fact, we’ve seen an 80% increase year-over-year with bad actors jumping on the bandwagon with multi-extortion demands, increasing the pressure on companies to pay up. Part of the reason ransomware threat actors are so effective at delivering attacks is because we’ve seen an increase of 314% threats being delivered over HTTPS, an encrypted protocol intended for secure communication. At Zscaler, we are purpose-built to prevent ransomware from the start and stop even the stealthiest attacks. Visit Zscaler at booth #872 in-person or virtually August 10 and 11 to check out our latest innovations and chat with our Zscaler experts and partner presenters. Discover why Zscaler customers trust the world’s largest security cloud to protect their organizations while reducing the attack surface, preventing cyberthreats, eliminating lateral movement, and stopping data loss. How a Zero Trust Architecture Protects Against Ransomware A CxO Fireside chat featuring Zscaler’s Amit Sinha, Patrick Foxhaven, and Deepen Desai Register for this session via the Black Hat attendee portal. In addition to our virtual speaking session, stop by our booth (#872) for nonstop fun from Zscaler experts and partner presenters. Already a customer? Stop by for your free gift! We’re giving away custom MuteMe buttons to customers who visit our booth and exclusive shirts when you sign up for the Zenith Community during the event. Want to meet onsite? Zscaler will have executives and product specialists ready to meet with you and answer your questions. Book a one-on-one meeting with us using the form on our Black Hat event site. See you there! Make sure to follow Zscaler on Twitter and LinkedIn for live updates from the show and to stay updated on all things #ZeroTrust. Visit our Zscaler at Black Hat event microsite to grab details on our virtual speaking session, in-booth presentations, and featured research and partner content. Mon, 01 Aug 2022 12:25:49 -0700 Amy Heng ZIA Achieves Zero Trust Security-as-a-Service FedRAMP High Authorization I am proud to share that the FedRAMP Joint Authorization Board (JAB) has announced that Zscaler Internet Access (ZIA) achieved High Authority to Operate. This federal government certification represents the first-ever Secure Access Service Edge (SASE) Trusted Internet Connections (TIC) 3.0 solution to achieve FedRAMP’s highest authorization. ZIA now meets the stringent requirements of civilian agencies with high security requirements, as well as Department of Defense (DoD) and intelligence organizations. Given that JAB only selects a limited number of cloud services for review each year based on government-wide demand, our selection validates the strength of our solution and demonstrated ability to help Federal agencies, the Department of Defense (DoD), and the Intel community strengthen cyber defenses using Zero Trust. We’ve seen tremendous digital transformation progress in government over the past few years, and with this transformation, new vulnerabilities are also on the rise. The attack surface is bigger, more complex, and harder to protect. Zscaler is leading efforts to implement Zero Trust solutions across our patented Zero Trust Exchange to make cloud environments safer across Federal Civilian agencies, the DoD, and the Intelligence community. This milestone builds on our announcement that Zscaler Private Access (ZPA) achieved DoD IL5 and more recently, Zscaler’s Digital Experience (ZDX) service achieved FedRAMP authorization. With these achievements, the Zscaler Zero Trust Exchange, which includes ZIA and ZPA, can secure the U.S. government’s data at the moderate and high impact levels. ZIA in action Zscaler Internet Access – Government (Secure Web Gateway – vTIC)™ is a multi-tenant Cloud Security Platform known in the government that meets the Cybersecurity and Infrastructure Security Agency (CISA) TIC 3.0 guidelines. It has been the market leader as agencies work to meet modernization goals of shared services, mobile workforce enablement, improved FITARA scores, and more. Zscaler powers the shift to a modern, direct-to-cloud, Zero Trust architecture, regardless of device or user location. The Zscaler multi-tenant Cloud Security Platform applies policies set by the agency to securely connect the right user to the right application. As a Secure Access Service Edge (SASE) service, the Zscaler Cloud Security Platform is built from the ground up to provide comprehensive network security functions. Unlike traditional hub-and-spoke architectures where traffic is backhauled over dedicated wide area networks via VPNs to centralized gateways, Zscaler routes traffic locally and securely to the internet over any connection or device from anywhere. The Zscaler SASE architecture shifts security functions to focus on protecting the user/device in any location, rather than securing a network perimeter. This ensures that users get secure, fast, and local connections no matter where they connect. Moving to a security-as-a-service model decouples your organization’s security requirements from the responsibilities of maintaining infrastructure and updates. Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE), a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including Zero Trust, and met TIC 3.0 use cases. ZIA Improves security controls – Keeping IT focused on innovation with TIC in the cloud per the President’s Executive Order Federal IT leaders can improve on the who, what, where, when, and how they see, protect, and control user traffic to the internet by moving TIC security controls and other advanced security services to a cloud platform. The goal: immediate remediation on a global scale. This approach offers agencies global internet access and peering with FedRAMP-authorized applications. In addition, agencies can capture extensive log/telemetry data and store all agency data on U.S. soil with citizen-only access. Agencies can also provide the telemetry data to CISA’s Cloud Log Aggregation Warehouse (CLAW). With ZIA at the Moderate and High Baseline levels, agencies will have access to global TIC or more secure U.S.-only TIC solutions. Achieving a Zero Trust model with the Zscaler Zero Trust Exchange Through our Zero Trust Exchange and FedRAMP high solutions, all Federal agencies can achieve the Zero Trust goals mandated in the Cybersecurity Executive Order and implement CISA’s TIC 3.0 guidelines. Most agencies will need to approach Zero Trust in bite-sized chunks, setting priorities based on their unique needs. Check out our Zero Trust Playbook for prescriptive guidance on key steps that can be taken over time, leveraging a security ecosystem to achieve the end goal of Zero Trust. Zscaler ZIA will join with Zscaler ZPA High to offer the Zscaler “Zero Trust Exchange” completely at the High baseline. Zscaler is the first and only ZTA and SASE platform to be offered end to end at both moderate and high baseline. Mon, 01 Aug 2022 05:00:02 -0700 Stephen Kovac Join Zscaler at AWS re:Inforce 2022 The re:Inforce conference is one of AWS’s marquee events primarily focused on cybersecurity. At this annual event, you’ll be able to hear from experts in the field, learn best practices, and discover the latest advances in security to protect your organization from cybersecurity threats. Zscaler will be at booth #504. Visit us to learn how Zscaler for Workloads, which includes Workload Communications and Posture Control, can protect your cloud workloads from build-time to runtime. Workload Communications and Posture Control Overview What is Workload Communications? Workload Communications allows organizations to utilize Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) for their cloud workloads. With Workload Communications you can connect your cloud workloads to any destination–whether it is to the internet or to another cloud workload located in a different region–with secure connectivity using the Zero Trust Exchange. It will help you eliminate your network attack surface, prevent the lateral movement of threats, and reduce the risk of data breaches. What is Posture Control? Posture Control, our CNAPP solution at Zscaler, reimagines cloud-native application security by using a 100% agentless solution that leverages machine learning to correlate hidden risks caused by the combination of misconfigurations, threats, and vulnerabilities across the entire cloud stack. It empowers security, development, and DevOps teams to efficiently collaborate and discover, prioritize and remediate risks in cloud infra and applications as early as possible in the development lifecycle. What to expect at AWS re:Inforce Zscaler will be providing opportunities to Schedule one-on-one meetings with Zscaler product leaders who are driving the direction of Zscaler for Workloads. View live demos that showcase the capabilities and benefits Zscaler for Workloads can deliver to your organization. Next Steps To learn more and to sign up, please visit our registration page here. We look forward to meeting you at AWS re:Inforce 2022! Wed, 13 Jul 2022 08:00:01 -0700 Franklin Nguyen Zscaler for IoT & OT Now Sold by Siemens for Industrial Security I am very excited to join forces with Siemens to extend zero trust into OT and disrupt the traditional OT security mindset. Now, Zscaler and Siemens product and sales teams together are taking OT security to the next level, addressing a significant customer challenge to balance factory digitalization with the increasing severity of cyberthreats. You can read more in our press release about the specifics of the joint zero trust OT solutions we built. Why us and why now? Well, we’ve heard from our customers how Zscaler has transformed their IT infrastructure, showing that the firewall-based legacy castle-and-moat architecture is no longer the safest and most secure approach. Many industrial customers who use Zscaler for IT digital transformation asked us if our zero trust approach to security could help them in the factory to improve uptime and increase people and plant safety. Furthermore, as the world leader that empowers industrial giants, Siemens is perfectly positioned to pioneer the OT/IT convergence and accelerate factory digitalization through a path paved with zero trust foundations. Let’s look a little more closely at why customers are having this struggle between preserving security and modernizing their OT network. Typically, regulations like the IEC62443 suggest industrial networks separate themselves completely from the internet. The thought is that a lack of connectivity could prevent hackers from finding OT assets and hijacking them to gain unfettered access to the OT network, moving laterally to high-value assets until they can execute their ultimate objective. However, perpetual isolation from the internet prevents factories from taking advantage of Industry 4.0 initiatives like automation, AI/ML, cloud-delivered products, and other innovations that could help factories produce greater output at lower cost. It does not make sense for industrial companies to stay forever in the dark ages of an air-gapped state. To do so would lead to unacceptable stagnation. Instead, as a leading security company and manufacturing powerhouse, respectively, Zscaler and Siemens feel progress must be made to help factories become globally connected while drastically reducing cyber risk. Through our partnership, customers deploying industrial edge devices from Siemens, like the SCALANCE LPE, can connect to them from anywhere in the world over any network connection using the most secure architecture: zero trust via Zscaler’s Zero Trust Exchange. Powered by 150+ data centers worldwide, our multi-tenant cloud security service creates a fully encrypted connection between user and OT edge device. Each connection is brokered by the corporate policies set in the exchange, and creates a user identity-based micro tunnel between user and asset, rather than placing the user on the OT network. Compared with traditional network-based OT remote access solutions, this fully SaaS-based approach eliminates the attack surface, making it challenging for the bad guys to find and exploit OT assets and then move laterally about the network. In addition, Zscaler has a global cloud that scales much faster than any other OT secure remote access solution in the market today. What’s most exciting is not just the emergence of new security technologies but also new approaches that change the way people think and alter their assumptions. Almost always, customers find when they look at their networks through the lens of zero trust instead of castle-and-moat, they become more secure, users have a better experience, and they can reduce cost substantially, freeing up funds to be spent on growing the business. With technologies like the SCALANCE LPE and Zscaler Private Access, Siemens sellers can offer joint customers a path to OT and IT convergence through strong security. The combined solution helps customers digitally modernize their factories to obtain a higher output and a better bottom line. I invite you to learn more about the solution by visiting the Zscaler Private Access for OT page on our website as well as learn how zero trust can be used as part of a defense-in-depth strategy by reading our whitepaper titled 3 Essential Zero Trust Principles for Reducing Security Risk in OT Environments. Thu, 26 May 2022 13:05:01 -0700 Jay Chaudhry The Top 5 Reasons Zscaler Partners Won’t Want to Miss Zenith Live 2022 The countdown is on! Zenith Live is back and better than ever - both in-person and virtual! Join technology, channel, and alliance visionaries and industry innovators as we bring together the very best two-day experience for you—our valued partners—no matter what type of partnership you have with us. Here are five reasons why Zenith Live is an event our partners can’t miss: Hear from visionary cloud leaders including Jay Chaudhry, CEO, Chairman, & Founder of Zscaler, and CISOs from organizations, such as Charles Schwab and Equinix, as they share innovations across zero trust, cloud security, and machine learning, as well as real-world use cases, helping organizations of all sizes define a roadmap to accelerate business. Attend our exclusive Partner Summit and learn from Zscaler channel and alliance leaders how we’re investing in our partner ecosystem to accelerate long-term growth—and how we’ll transform together into FY23. Plus, you won’t want to miss special guest Dali Rajic, COO of Zscaler, as he expands on the power of partnerships. Train with the best in the industry through partner-specific training, certifications, and hands-on labs on June 21 and 24 that are designed to elevate your Zscaler knowledge. Learn more and sign up here. Explore the Partner Innovations Expo and meet with our global ecosystem of companies and event sponsors to learn how we’re empowering customers in the cloud and mobile era. Celebrate with Partner Awards where our leaders and special guest speaker will recognize zero trust heroes who have gone above and beyond to expand their partnership with Zscaler. Plus, there will be more than 60 breakout sessions focused on the latest innovations, use cases, and strategies to guide your customers through today’s sophisticated attacks with zero trust. Here are some of our favorite breakout sessions for Zscaler partners: Zscaler Partner Summit: Your Customers, Secured Value Discovery: Methods Specific to Zscaler Solution to Accelerate Your Sales Cycle SASE, SSE, and Zero Trust: Beyond the Hype Case Study: CISO of a Global Organization Talks Cybersecurity Register today Can’t make it to Vegas? Join us virtually. Located in APJ or EMEA? Save the date for our upcoming Partner Summits on tour in your region! APAC: Sydney: September 20, 2022 Singapore: September 22, 2022 EMEA: Week of November 14, 2022 Location TBD Mon, 23 May 2022 13:20:45 -0700 Elorie Widmer My Journey as Sales Engineer is a Journey of Transformation "The only constant in life is change." This saying doesn't just cover the professional career of Cedric Blöchlinger; it's also a great way of describing his current role. As a Sales Engineer at Zscaler, he paves the way for companies to securely join the cloud, gradually transforming conventional IT infrastructures into modern, cloud-based working and production environments. This often involves radical changes to the existing security and network architectures. Cedric’s own personal transformation has evolved from a biotechnology degree to a Master's in Technology & Economics Management with a couple of interim steps to IT security. After his initial career experiences in management consultancy, while taking a break to travel, he decided to focus on security and gained hands-on experience in a pen testing lab as a first step. That paved the way to his current role as a security professional. However, his next career stops were first as a Technical Account Manager to an SD WAN provider, where he looked after existing customers and supervised rollouts so that the connectivity of the data streams remained the focus. In addition, he was certified as a CISSP before he switched to sales. "Today, I'm very happy that I didn't take a more direct route, as my wealth of experience in different areas gives me credibility with customers. I can draw on a broader understanding of network and security issues that come into play during the secure transformation of IT infrastructures. To support companies on their transformation to the cloud, you need to know exactly where the levers have to be applied in the entire infrastructure," he said, summarising a career which has finally led to him working as a sales engineer for cloud security specialists. The need for this type of comprehensive cloud consultancy is not solely a result of the pandemic. In fact, over the last two years, the introduction of Microsoft 365–with its associated collaboration tools–has been on the agenda of a lot of companies. The switch to hybrid workplace models or digitised production environments also involves a lot of awareness raising. It's not only applications that have left the secure company perimeter, but also employees, making connectivity and secure connections a high priority. And even for connecting conventional production lines to digital control or remote maintenance systems, modern security from the cloud is now required. These radical changes are closely connected to each other and should be part of holistic transformation concepts. Opening eyes to new approaches Today, Cedric does not see his current job as “sales,” but rather an opportunity to demonstrate solutions that can help companies move away from traditional infrastructures to benefit from the full potential of the cloud. “The exciting part is getting to know the company better and understanding what their current issues really are. They know their infrastructure best and therefore know where it might need to change,” he said. Therefore, discussion with the customer as an equal is critical for him. He sees himself as a technical consultant who brings the customer new ideas by presenting modern solutions. By demonstrating the technical options that go hand in hand with a highly integrated security service from the cloud, his customer contact partners often experience the eureka effect. It's best if they discover the benefits of leaving behind traditional processes by introducing new solutions for themselves. The skill here is to show how innovations can find their way into a company: "I get a real sense of achievement when the customer themselves notices that they no longer need a traditional infrastructure that's so complex to manage when they use a cloud-based security service," continues Cedric. "Then I know that I've explained something well, without directly telling the customer which hardware they can get rid of in the future." Every meeting with a prospect is different. Experience with small- and medium-sized business does not necessarily translate to key accounts. The bigger a company, the more decision makers need to be convinced of the need for a transformation strategy for a fundamentally new solution. The bigger the company, the greater the number of interactions with the customer. This makes it important for SEs that they are accepted as consultants, and that a good relationship is established with the customer. "I find it helps to demonstrate how a zero trust platform can support the company goals. Because ultimately, the technology supports the business strategy and ensures that important projects can be implemented," Cedric said. “The customer can determine their own speed and decide which steps are suitable when for their chosen transformation strategy.” Meetings with larger companies are complex and often go beyond the technical department. Highly diverse executive departments are involved in the decision-making process and must be met with their requirements, not to mention their concerns. Particularly when it comes to compliance and data protection, best practice examples can help get the works council on board before the creation of a cloud-based security solution that includes the performance of integrated SSL/TLS scanning. It's a question of convincing employees about the load capacity of an approach and demonstrating tried-and-tested solutions. In the end, it is critical that the entire solution process for a holistic infrastructure change is communicated all the way up to management level. After more than a year as a sales engineer, Cedric believes that he began his journey through the consultancy landscape after moving to Zscaler. Today, he can combine his expertise from different disciplines and contribute to the Zscaler Zero Trust Exchange with technical sales. Thu, 19 May 2022 22:00:02 -0700 Gregor Keller Even the Cloud is Bigger (and More Secure) in Texas Zscaler is proud to have been named to the Texas Risk and Authorization Management Program (TX-RAMP) program. Our early entry into the TX-RAMP program gives our Texas customers access to the largest provider of zero trust access solutions in the U.S. In the spirit of FedRAMP and StateRAMP, this program provides a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services that process, store, or transmit the data of a state agency. Certifying products under the TX-RAMP umbrella allows for faster acquisition of secure cloud solutions, necessary for the modernization of Texas’ digital government. Being part of the certified products list means that state, local, and higher education customers in Texas have the assurance that Zscaler meets stringent data security requirements. TX-RAMP has reciprocal arrangements with FedRAMP and StateRAMP. Since those certifications can be cost and time prohibitive for many small companies, Texas wanted to offer another option to empower smaller Texas-based companies to pursue contracts with state and local government entities. Requirements for TX-RAMP are based on the same NIST 800-53 framework that StateRAMP and FedRAMP use. Companies are assessed by the Texas Department of Information Resources (DIR) and there is no cost associated with the assessment or program participation. Companies do not have to already have business with the state to participate. Zscaler Private Access (ZPA) and Zscaler Internet Access are certified at TX-RAMP level 2. Both technologies were included on the first authorized list released from StateRAMP and are also part of the FedRAMP program. The State of Oklahoma standardized on Zscaler as a way to strengthen their security posture while also providing their employees the ability to work from anywhere. Today, employees now have the same access and experience whether they are in the office or logging on from a coffee shop. The resulting connection is five times faster than the legacy VPN approach and has dramatically reduced the number of VPN help tickets from hundreds a day to virtually none. The Zscaler solution was up and running for 10,000 users across 90+ state agencies in just days. ZPA is a zero trust solution that connects authorized users directly to agency-approved private applications without being placed on the network, which dramatically reduces cyber risk. This approach significantly improves application performance and the user experience and reduces the attack surface and the associated risk of malware, ransomware, and other threats. The experience is identical whether the agency application is hosted in the government data center, or in destination clouds such as AWS GovCloud, Azure Government, or the Google Cloud Platform. ZPA was granted a Provisional Authorization To Operate (P-ATO) at Impact Level 5 (IL5) and achieved FedRAMP-High JAB Authorization. ZIA is a cloud security service that transforms networks by delivering cloud-based internet and web security that scales to all users, whether they are on- or off-network. ZIA leverages a cloud-native proxy to allow organizations to secure all online and SSL traffic. By securely following all users, applications, and devices, regardless of location, ZIA enables a zero trust approach to SaaS application and website access that helps reduce risk and restore compliance. The solution received Authorization to Operate (ATO) at the Moderate Impact level and achieved FedRAMP “In Process” status at the High Impact level, sponsored by a U.S. Department of Defense (DoD) Command. It is also prioritized for FedRAMP-High JAB Authorization. More information on TX-RAMP can be found here. Mon, 11 Apr 2022 13:38:24 -0700 Ian Milligan-Pate The Five Takeaways You Shouldn’t Miss from Zero Trust Live We recently wrapped up Zero Trust Live, our premier virtual event for IT and security leaders. In this post, I'll help you digest the key news and highlights from the event which featured an incredible line-up of industry visionaries, zero trust experts, and product innovators. Before I begin, if you missed the event and want more than a recap, you can watch it in full, anytime here. While so much was covered at Zero Trust Live, here are what I believe are the five key takeaways from the event: Zero trust marketing confusion abounds As a product marketer, nothing is more frustrating than seeing zero trust slapped onto everything in the industry (ahem, legacy network security vendors). I think Jim Alcove, Security Advisor & Former Chief Trust Officer, Salesforce, brought so much clarity to the term zero trust with this simple analogy from our keynote session: “If we think about security as a network example, it's about protecting how you're going to get to the thing that's important. So it's not about protecting the bank or the airport. It's about protecting the roads to the bank or the tunnel to the airport.” – Jim Alcove, Security Advisor & Former Chief Trust Officer, Salesforce The big news was next-generation ZTNA In 2016, Zscaler introduced the first-generation of zero trust network access (ZTNA) in response to the massive problem of remote access, and it quickly became the industry standard for VPN replacement. Nevertheless, there was still a compelling problem at stake: what happens if the tenets of identity have been subverted by a compromised user or insider threat? With our latest release, Zscaler Private Access (ZPA) becomes the only ZTNA platform available that securely CONNECTS, SEGMENTS, and PROTECTS users, applications, and devices in a single cloud platform. To learn more about next-generation ZTNA, watch the session here. We introduced three industry-first security service edge innovations First, we revealed how private app protection stops prevalent attacks. While there are massive efforts in the industry to develop more secure code, we still have a long way to go. 60% of organizations have had production applications exploited by OWASP Top 10 Vulnerabilities, according to ESG. While zero trust access reduces the blast radius of an attack by eliminating lateral movement, compromised users and insider threats could potentially steal sensitive data or bring down services if they can infect apps behind ZTNA services. ZPA AppProtection will automatically detect and block the attack to protect your applications. Watch the demo here. Secondly, we dove into how new integrated deception disrupts advanced adversaries. Targeted ransomware, supply chain attacks, nation-state threats, and other attacks that make headline news all have something in common: a thinking, human adversary. The threat landscape has fundamentally shifted from malware-driven to a hands-on keyboard focus which makes threat detection difficult and all the more crucial. An industry first, integrated deception evolves lateral movement detection for advanced attacks with private app decoys deployed seamlessly through Zscaler Private Access. Think of it as the “easy button” for deception. Watch the demo here. Third, we introduced privileged remote access for Industrial IoT and OT systems. Plant operations teams prioritize plant uptime and people safety, which drives the need to allow third-party vendors and service technicians to access production systems which could potentially introduce risk of ransomware, lateral movement, and downtime.. With our newly launched Privileged Remote Access solution for Industrial IoT and OT, we enable fully isolated, clientless access to RDP and SSH systems for employees, vendors, and contractors connecting from untrusted networks and unmanaged devices. As part of this, we’re also proud to be partnering with one of the world’s premier providers of industrial automation solutions, Siemens, who is making Zscaler Private Access available as a native connectivity option for their industrial devices. Watch the demo here. Zero trust is about a better user experience. Nearly every one of our customer speakers stressed that a great user experience was paramount to their success. With zero trust, they removed the friction that a lot of people experience in their daily lives when accessing resources. “ZPA lets people have literally a bookmark style of access to things that otherwise you'd have to do traditional network merges and IP address deconflicts and change DNS settings. It is months and months and months of work that, literally overnight, I didn't have to worry about.” – Steve Williams, Enterprise CISO, NTT DATA Zero trust is a journey, not a destination Most organizations struggle with where to start. During the event, we touched on the importance of figuring out where you can buy down risk, or at a minimum, solve a painful business problem, whether that's performance, cost, or legacy technology incurring technical debt. Once you tackle that, the next step is to expand strategically. Remember, zero trust is not a monolithic effort! To get an actionable playbook for zero trust transformation, watch our best practices session here. And a heartfelt thank you… To all of our speakers, partners, and attendees for making this one of our most successful events of the year: Andy Abercrombie, CISO, Novelis Chris Kachigian, Sr. Director, Crowdstrike Chris Porter, CISO, Fannie Mae Darin Hurd, CISO, Guaranteed Rate Don Freese, SVP & Global CISO, Digital Realty Herbert Wegmann, General Manager, Siemens James Brodsky, Sr. Director, Okta Jim Alkove, Security Advisor & Former CTO, Salesforce Parthasarathi Chakraborty, AVP, Humana Satyavrat Mishra, AVT, Godrej Industries Steve Williams, Enterprise CISO, NTT DATA Services Join us for Zenith Live 2022 You can look forward to even more at our marquee annual user conference Zenith Live 2022 Wed, 06 Apr 2022 16:35:13 -0700 Linda Park Zero Trust Live: Industry Leaders Less than a week to go for Zero Trust Live! Zero Trust Live is an exclusive virtual event that aims to educate and enlighten IT and security professionals and provide insight into industry best practices for implementing zero trust. In this premier event, we will reveal new innovations for the Zscaler Zero Trust Exchange including the first and only next-gen zero trust network access (ZTNA) offering. We have an incredible lineup of speakers who have led and executed zero trust strategies in some of the most prominent organizations in the world. We’re excited to announce our speakers for Zero Trust Live Jim Alkove is the Security Advisor and former Chief Trust Officer of Salesforce. As Chief Trust Officer, Jim was responsible for enterprise-wide information security and compliance, as well as information management and strategy to deliver the most secure and trusted enterprise cloud. He led a team with strategic focus on information security, including engineering, operations, assurance, training and awareness, communications, governance, and M&A integration. Jim also serves as an Advisory Board member for the World Economic Forum Centre for Cybersecurity and as the site lead for Salesforce in the Pacific Northwest. Jim will have an in-depth discussion with Jay Chaudhry on building an extended zero trust architecture that spans Zscaler, Crowdstrike, and Okta. Darin Hurd CISO, Guaranteed Rate Chris Kachigian Sr. Director, CrowdStrike James Brodsky Sr. Director, Okta Darin Hurd is a security industry leader with over twenty years' experience in information technology, consulting and financial services. Darin is currently the CISO of Guaranteed Rate, leading their information security, privacy and risk. Darin is a zero trust champion and has successfully implemented zero trust architecture within Guaranteed Rate that was driven by their exponential growth in recent years. Chris Kachigian is the Sr. Director, Global Solution Architecture - Technology Alliances at CrowdStrike. Chris helps CrowdStrike partners deliver better outcomes to customers by solving their security challenges with CrowdStrike’s platform. He has a wealth of experience in cybersecurity architecture, global system integrators, and technical integrations. James Brodsky recently joined Okta to lead global cybersecurity efforts within Okta's Solution Engineering. A veteran of the industry for more than 20 years and formerly a leader at Splunk, Tripwire, IBM, and Resolve Systems, he focuses on bringing innovative solutions to customer security and compliance challenges. Hear from Darin, Guaranteed Rate’s success story on implementing zero trust ecosystem with CrowdStrike and Okta. In this session, Chris and James will be discussing why zero trust is a team sport and demonstrate the integrated partnership that forms the zero trust ecosystem. They will lay out strategies to follow to implement end-to-end zero trust and detail how to simplify the adoption of zero trust within your organization. You will also get an exclusive look at the integrated platform that includes Zscaler, CrowdStrike, and Okta. Chris Porter CISO, Fannie Mae Parthasarathi Chakraborty AVP, Humana Steve Williams CISO, NTT Data Chris Porter is the CISO of Fannie Mae. He is a passionate cybersecurity professional with a proven track record in research, intelligence, and consulting. He is globally recognized as a leader in data breach research with Verizon’s Data Breach Report series and for creating the VERIS Framework. He’s a member of the University of Virginia’s McIntire School of Commerce MSMIT Advisory Board. Parthasarathi Chakraborty is a visionary technology leader, inventor, blogger, and speaker with an exceptional track record of implementing transformational cybersecurity initiatives for fortune 50 financial & healthcare organizations. Parthas has a track record in building inhouse patented cybersecurity solutions. Partha is an executive leader with a sharp business mind and is an "engineer at heart". Steve Williams is the CISO at NTT Data in Plano, where he is responsible for the global advancement of NTT Data's security maturity. In addition, Steve is responsible for instilling a cultural change within the company; knowing that enterprise security is most successful when employees are educated and motivated. Steve has more than 30 years of IT experience, mostly focused on large global enterprises and Fortune 500 companies. Join security leaders to learn about how they replaced their old clunky hardware for a modern zero trust approach. Chris, Partha, and Steve share best practices and learnings from their zero trust adoption journey to help you speed up and simplify your journey. Learn about their motivations to get started on their zero trust journey and how they were able to lead their organizations into successfully transitioning from legacy hardware to the modern workplace. We hope you have your calendars marked and look forward to seeing you virtually! Register now. Fri, 18 Mar 2022 14:00:02 -0700 Kanishka Pandit Announcing Zscaler’s New XDR Partnership with SentinelOne Register for our webinar discussion on Thursday, March 3rd to hear directly from customers and product leaders about the Zscaler + SentinelOne integration. Zscaler’s customers rely on us as the leader in zero trust to limit their security risks as they expand their organization’s digital footprints to new globally distributed devices, application stacks, and infrastructures. Anyone who has undergone any level of zero trust deployment knows that the central credo is ‘assume breach.’ Architect your IT and security systems as though there are already malicious actors in your system, then disrupt their ability to operate. Security operations teams play a critical role in zero trust. If we’re ‘assuming breach,’ then we’d better be hunting and investigating those threats. Our new integration with SentinelOne allows SecOps teams to do that with even greater confidence and efficiency. Breaking security silos with XDR Most enterprise security stacks contain an array of disjointed point products that each have their own security controls, and that offer little or no meaningful correlations between them. When security operations teams see something suspicious in their logs, they have to pivot between various tools and manually piece together information to understand the scope of the threat. Remediation is the same: each security control often must be updated individually. The net result is far from ideal. It takes 280 days, on average, to mitigate a threat. And this inefficient pivoting is a waste of analysts’ critical time. Zscaler and SentinelOne are tackling this challenge head-on. With integration into SentinelOne Singularity XDR, logs from the Zscaler Zero Trust Exchange —the world’s largest security cloud—are ingested into SentinelOne's Scalyr back end where they can then be queried and faceted, allowing security operations teams to quickly triage and respond to attacks. This joint solution empowers security operations to take policy-driven actions across platforms that remediate threats automatically before an endpoint compromise results in cloud data exfiltration or other damage. Analysts can trigger automatic and manual response actions from SentinelOne into Zscaler such as revoking access or quarantining users or moving them into a more restrictive group, based on which access policy to selective applications can be applied. This automatically limits an attacker’s ability to infiltrate and launch an attack. Zscaler + SentinelOne integration Key use cases Extended visibility and accelerated remediation SentinelOne consumes both Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) logs for expanded visibility, and enables security analysts to configure flexible response policies right from the SentinelOne console. These logs add context to help triage and investigate threats without needing to pivot from the SentinelOne console, where analysts can also quickly and automatically mitigate threats by limiting user access, quarantining a user, blocking access to one or a group of critical applications, or restricting access to specific applications with browser isolation. Zero trust conditional access SentinelOne continuously checks policy and enforces compliance in accordance with Zscaler policies. When an endpoint attempts to access a corporate application, Zscaler first performs a posture check to ensure that SentinelOne is installed and running before granting access. The SentinelOne and Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) integration enables seamless conditional access, ensuring that the trusted identity on a trusted device can directly access authorized corporate applications without exposing the network. Extending best-of-breed zero trust for faster investigations and better response Extended detection and response (XDR) and zero trust are two sides of the same coin, both fundamentally seeking to simplify and reduce the risk of digital transformation by increasing visibility and reducing the attack surface. Zero trust defines the architecture, policy, and strategy; XDR provides the analytics and drives the SecOps workflows. Zscaler is excited to partner with SentinelOne to take both zero trust and XDR to the next level, extending our platform from the cloud to the endpoint with shared telemetry and coordinated response actions. This powerful integration is only the start of the many benefits we expect to bring to our joint customers. If you’d like to learn more, download our solution brief – or better yet, join us for our upcoming webinar on March 3rd, where you can hear directly from product leaders and customers about this integration and what it means for you. Mon, 14 Feb 2022 06:00:02 -0800 Mark Brozek Zscaler Named a Glassdoor Best Place to Work for Second Year The last two years have been difficult for us all in many ways; individually, professionally, and globally. Zscaler has made a point to address these challenges that may be weighing on our workforce, and has proactively maintained open communication, prioritized the health and safety of employees, and shown compassion, both internally and externally, resulting in a subsequent explosion of growth. Because of these efforts and a focus on an inclusive and supportive workplace culture, Zscaler has been recognized by Glassdoor, for the second year in a row, as one of the 100 Best Places to Work. To determine the award’s winners, Glassdoor evaluates all company reviews shared by employees over the past year. What’s more, Glassdoor ratings are not based on self-nomination or application, but rather compiled solely from feedback shared voluntarily and anonymously by Zscaler employees, so we want to give a heartfelt and sincere thank you to everyone in the Zscaler family who have taken the time to review Zscaler on Glassdoor. Ranking number 38 with an overall company rating of 4.4 in the U.S. and 4.6 worldwide, we at Zscaler do not take this recognition lightly, and are incredibly honored and humbled by the opportunity to be included in this highly-coveted list, and intend to accomplish even more in the coming year. Zscaler is built upon five core values that we believe contribute to our overall success and employee happiness: Teamwork We intentionally build and nurture healthy work relationships. We celebrate together, solve complex problems together, and openly share information. We move as one, with a unified common goal. Open communication When it comes to discussing what’s right, what’s wrong, and what we can do better, nothing is off the table. Although we have and continue to grow at a rapid pace, we continue to foster an environment where our people feel safe sharing their opinions with others. Passion We are fiercely passionate about our work, our company, our colleagues, our customers, and our partners. As an incredibly diverse company, we understand that the passions of our employees may differ, however, this is what continues to make us successful. Innovation We are driven to not only innovate cloud transformation through our products but to also innovate in our jobs, whether as an engineer, marketer, salesperson, or lawyer. Customer obsession We are, above all else, obsessed with the success of our customers. I see us consistently succeeding at this by how we treat customers as partners—not prospects. These key tenets, coupled with a reputation for accountability and following through, have positioned Zscaler as not only a leader in the industry, but also as a great place to work. Interested in joining our team? We’re actively hiring company-wide and are seeking smart, motivated, creative people to join the Zscaler family to help us reach new heights in 2022. Search open job opportunities and learn more by visiting our careers page. Wed, 12 Jan 2022 08:00:01 -0800 Victoria Palmer Zscaler Secures Cloud Workloads with the Zscaler Zero Trust Exchange™ Since its inception, Zscaler has remained dedicated to protecting our customers—it’s at the very core of everything we do. In our first decade, we focused intently on providing users secure access to applications, first to the internet and SaaS with Zscaler Internet Access (ZIA) followed by private applications with Zscaler Private Access (ZPA), both of which are rooted in zero trust. I’m proud to say we’ve been successful on this front and will continue to aggressively innovate to keep users, workloads, devices, and data safe. But zero trust is most effective when approached as a holistic strategy applied not only to users but also across the entire organization, including workloads in the cloud. Our vision for cloud security focuses on protecting any workload—whether traditional VMs or cloud-native applications—with a broad set of solutions powered by the Zero Trust Exchange. These offerings draw from our strengths in cloud posture, entitlements, data loss and threat prevention, and workload communications. With today’s introduction of Workload Communications, we’re delivering on a major component of our commitment to help our customers extend zero trust to secure their public cloud workloads. As organizations increasingly adopt multi-cloud and hybrid-cloud strategies, building multi-cloud networks by simply extending the corporate WAN increases risk and introduces operational complexity. With workloads being deployed in multiple regions of multiple cloud providers, these mesh networks drive up costs and are also difficult to implement, scale, and manage. Many organizations have relied on a castle-and-moat approach to securing the cloud, yet this uses legacy VPN and firewall solutions which increase the attack surface and facilitate lateral threat movement, putting company data and applications at risk. Zero trust security architecture is superior to network security. Instead of relying on a routable network with firewalls, you connect the right entity to the right entity through a secure exchange. Zscaler’s Zero Trust Exchange uses identity and context to directly connect entities such as users, devices, and applications to create a seamless and secure experience. Zscaler pioneered the Zero Trust Exchange by securely connecting users to apps from anywhere. Today, I am happy to announce that Zscaler is extending zero trust to the public cloud with Workload Communications. Enabled by the Zscaler Zero Trust Exchange, Workload Communications extends the capabilities of ZIA and ZPA to clouds, allowing workloads to communicate with other workloads in any region of any cloud provider, over any network. Zscaler has partnered with major cloud providers such as AWS and Microsoft Azure to deliver a network-agnostic zero trust fabric that works over the Internet, Direct Connect, and Express Routes to meet the specific communication needs of cloud workloads in single and multi-cloud environments. We're very excited with the response from our customers who have already implemented Zscaler’s Zero Trust for Cloud Workload solution. I’d like to invite you to learn more about their success as well as the solution by watching our Zero Trust Your Cloud Workloads launch event live in your region or on-demand. To learn more, please also visit the Workload Communications page on our website. Tue, 07 Dec 2021 21:42:42 -0800 Jay Chaudhry Ramping Up Secure Cloud: Zscaler Testimony to Senate Committee At a U.S. Senate Homeland Security and Governmental Affairs Committee roundtable this week, I was honored to be selected to testify on behalf of Zscaler in support of bipartisan legislation to improve the FedRAMP program. FedRAMP promotes cloud adoption across the federal government by providing standardized security and risk assessments for cloud service offerings based on a “certify once, use many times” approach. Zscaler’s FedRAMP authorizations allow agencies to use our cloud security tools with confidence in knowing that they meet federal security requirements. Senator Gary Peters (D-MI) chaired the roundtable and previously introduced bipartisan FedRAMP legislation to “make sure that agencies can procure cloud-based technology quickly, while ensuring these systems – and the information they store – are secure.” Senator Rob Portman (R-OH), the top-ranked Republican on the panel, noted that FedRAMP is “the conduit for a standard approach to assessing the security issues regarding cloud services” and probed participants for suggestions on how to improve the program and efficiencies. David Shive, CIO, General Services Administration (GSA) likewise affirmed the program’s role, “We are relying on FedRAMP to help implement the President's executive order on cybersecurity, to support agencies as they migrate to a zero trust architecture and generally to accelerate the adoption of modern cloud tools that improve agency efficiency, and ultimately the public's experience with their government.” Ashley Mahan, Acting Assistant Commissioner, Technology Transformation Services, GSA also discussed how the FedRAMP program has continued to evolve and progress through the implementation of automation tools and modernizing its processes. In my testimony, I emphasized the importance of FedRAMP, and the role the program played during COVID response by enabling the government to more quickly shift to adopting cloud services, which have already been proven and accredited by Federal security standards. Zscaler supports the Federal Secure Cloud Improvement and Jobs Act (S. 3099) and companion legislation that has already been approved by the U.S. House of Representatives. Importantly for cloud service providers, the legislation encourages reuse and reciprocal treatment by agencies of CSPs’ existing security authorizations. The FedRAMP bill would also boost resources for a small GSA program whose importance for agencies and industry partners has grown significantly as cloud adoption has accelerated across government. Zscaler’s mission is to make the cloud a safe place to do business and empower organizations to realize the full potential of the cloud and mobility by securely connecting users to applications anywhere, from any device. Like the FedRAMP program, Zscaler was born and built for the cloud. Two hundred billion transactions a day run across our platforms, and we make more than 200,000 updates each day to defend against new cyberattacks identified around the world. That is why we view FedRAMP as an important initiative and built our Zero Trust Exchange on two FedRAMP-High and Moderate-authorized platforms, as well as a Department of Defense Impact Level (IL) 5 certification. We are proud to be a champion of the FedRAMP program and are grateful for the opportunity to share our experience and support efforts to move modernization forward securely. Find more information and archived video of the Senate roundtable here. Thu, 02 Dec 2021 17:07:43 -0800 Stephen Kovac Innovation to Protect the World As I reflect on Zscaler’s journey and progress over the last 14 years, it is clear that our solutions, which help organizations become more secure and agile in the cloud world, are having a positive impact on our customers. I know this will continue as we expand our services and customer reach globally, and I believe that our impact will extend beyond customers to benefit our rapidly changing society. Those who have followed our company’s journey are aware of the high standards we set for ourselves to seek out the right solutions. I firmly believe that the way we operate—with deep expertise rooted in the highest levels of integrity and responsibility—will continue to drive innovation that serves our customers, our business, and our society. As Zscaler enters a new stage of growth, it is important to share our approach to managing our environmental, social, and governance (ESG) focus areas with our customers, partners, investors, and broader communities. This transparency will help ensure that we build on our progress and continuously challenge ourselves to make an even greater longer-term impact. At Zscaler, we are passionate about creating meaningful change to address the challenges before us. As our company grows, we are presented with an immense opportunity and responsibility, and we stand committed to delivering value to our customers with digital solutions that allow them to operate more sustainably. The way people work and the way the world does business has been redefined, and our solutions provide customers with the flexibility to design their own modern workplaces by providing their employees with the same world-class cybersecurity protection and digital experience wherever they may be located. Our cloud-delivered solutions optimize computing resources, resulting in unprecedented levels of efficiency. Not only are our customers protected against real-time threats, but they’re also benefiting from an innovative and modern architecture that is an inherently environmentally conscious approach—with fewer servers and appliances, less rack space, and dramatically reduced power and cooling needs—compared to legacy approaches. As we help customers achieve their sustainability goals, we are committed to further minimizing our own impact on the planet with environmental objectives, and we are working towards setting greenhouse gas goals aligned with climate science. Our success is a direct result of the hard work and ingenuity of our employees. I am proud of our collaborative environment in which our employees embrace teamwork and are aligned in achieving our mission. We believe in rolling up our sleeves, acting on our convictions, questioning the status quo, and tackling tough problems head-on. Therefore, it is essential for us to invest in our people, let their passions come through, and encourage open dialogue that can lead to meaningful change. We do our best to attract, train, and elevate the best people possible while embracing diversity in our company and the communities where we live and work. I am deeply thankful to work alongside a team that embraces and champions these values and shares a vision of creating a safer, more sustainable world. I am proud of what we have accomplished so far, and I am eager to continue our shared journey to build a generational company. Additional information on our impact and approach can be found on our new ESG site. Thu, 04 Nov 2021 12:20:48 -0700 Jay Chaudhry Zscaler’s Stephen Kovac Named Vice Chair for Alliance for Digital Innovation Board of Directors Zscaler is honored to announce that Stephen Kovac, Chief Compliance Officer and Head of Global Government Affairs, was named Vice Chair of the Alliance for Digital Innovation (ADI)’s 2021 Board of Directors. Kovac will represent Zscaler alongside board members from EXCELLACORP, Salesforce, Amazon, Palantir Technologies, Splunk, Strongbridge LLC, Johnson Controls, VMware, Google, and NuAxis Innovations. ADI is a non-profit association of commercial companies helping to shape innovation in government and technology and drive IT modernization. ADI members are leaders who focus on innovation and emerging technologies within the government, often in the realm of artificial intelligence, cybersecurity, cloud computing, and mobile technologies. Kovac’s role underscores Zscaler’s commitment to supporting federal modernization. “Zscaler is committed to collaboration to drive modernization progress,” said Kovac. “I look forward to representing Zscaler as a voice for change and am honored to work alongside top industry leaders who share the same goal.” We have believed in the ADI mission since the beginning, and I look forward to driving the agenda and helping to grow ADI membership and impact into the future.” Zscaler is committed to enabling zero trust-based secure access, to keep Federal employees secure and productive. Steps over the past year include: The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) named Zscaler a collaborator on its’ Zero Trust Architecture Project – which focuses on developing approaches to implementing zero trust within government and industry The Pentagon’s Defense Innovation Unit (DIU) issued Zscaler a success memo for completion of Secure Cloud Management (SCM) prototypes The FedRAMP Joint Authorization Board (JAB) prioritized Zscaler Internet Access (ZIA) for authorization at the High Impact Level. ZIA and Zscaler Private Access (JAB authorized at the High Impact Level) are the core of the Zscaler Zero Trust Exchange For more information on ADI and its efforts, visit the website here. Tue, 19 Oct 2021 08:00:02 -0700 Josie Smoot Zscaler Internet Access (ZIA) and CrowdStrike: Zero Trust Access Control Based on Device Security Posture The rise in mobile work is dissolving the traditional security perimeter, and the best way to secure this “new normal” is by adopting a zero trust model. Zero trust is often also called perimeter-less security, as no user or device is granted inherent trust. Every device connecting to the network needs to be authenticated and must have the authorization to gain the required access. Together, CrowdStrike and Zscaler are simplifying the adoption of zero trust. The adoption of zero trust security Image: Zscaler The previous integration of Zscaler Private Access (ZPA) and CrowdStrike proved to be immensely valuable to our customers, with capabilities like continuous zero trust checks, conditional access control for endpoints, and granting privileged access to private applications in the data center, or public cloud, based on user identity and endpoint security posture. This provided comprehensive security, from device to application, by only allowing authorized user access and offering device isolation if an appliance was infected with malware. This capability is now extended to internet application access. Achieving zero trust with the Zscaler and CrowdStrike integration Zscaler Internet Access (ZIA) helps secure your internet and SaaS connections by delivering a complete secure stack as a service from the cloud. CrowdStrike Falcon ZTA (Zero Trust Assessment) supports Falcon Zero Trust by providing continuous, real-time security and compliance checks for endpoints. When these two forces come together, they offer a powerful end-to-end security solution. This integration provides the ability to assess the device posture and health status passed down from CrowdStrike before granting access to internet applications. The integrated solution helps joint customers with adaptive, risk-based access control, with enhanced defense by allowing only well-protected devices to connect to these SaaS apps ZIA + CrowdStrike gives organizations the ability to create access controls and policies based on the presence of a CrowdStrike agent in the endpoint and also based on the ZTA health score computed for each device. The health score gives an amplified understanding about the device posture and allows ZIA to leverage this information to allow or block the device from accessing internet applications. The ZTA score is evaluated each time a connection request is made, making the conditional access adaptive to the evolving condition of the device overtime. Organizations can create custom device trust groups based on CrowdStrike posture to provide conditional access like shown below. How does this feature help customers? Joint customers of Zscaler and CrowdStrike will be able to: Assess continuous, real-time security and compliance checks of the endpoints. Ensure only secure devices can access internet applications. Set policies for SaaS applications based on posture and status from the CrowdStrike API. The ZIA and CrowdStrike integration solution allows users to enable safe and seamless access to internet applications from any location, on any device. Tue, 12 Oct 2021 07:26:27 -0700 Ranjani Ramamurthy Siemens and Zscaler Partner to Extend Zero Trust Security to the Industrial Edge for Smart Factories Zscaler is proud to announce a new strategic partnership with Siemens, the global powerhouse in industrial automation and digitalization, to address emerging cyber threats posed to industrial infrastructure and remote collaboration challenges for discrete and process industries. Together, Zscaler and Siemens strengthen cybersecurity for industrial environments by combining Zscaler’s cloud-delivered zero trust network access service with Siemens’s powerful local processing platform. The solution provides fast, seamless, and secure remote access to factory-floor systems and machines for employees and third parties, such as plant operators and maintenance technicians. With cloud-delivered security, you can dynamically expand existing systems by running the Zscaler Private Access App Connector as a Docker container on Siemens’ SCALANCE LPE local processing engine to provide highly secure access to industrial automation environments via a zero trust connectivity method. Deployment of secure remote access has never been easier. Our joint solution extends zero trust to OT and IoT environments and accelerates OT/IT convergence and security maturity for enterprises with critical manufacturing and production environments. This offering is now available to customers through joint Zscaler and Siemens go-to-market efforts. Solving the OT remote access challenge Today, plant operations and OT system owners are modernizing their industrial networks and expanding connectivity for their remote workforce to boost productivity. While interconnecting the factory floor to IT systems unlocks business value, it also creates vulnerabilities and increases the risks of cyber threats critically disrupting your operations – or worse putting workers in danger. In addition, unplanned downtime from cyber security incidents or network outages can cause serious harm to plants and personnel, resulting in revenue loss and reputational impact. Traditionally, employees and third parties are connected to OT environments via virtual private networks (VPN). There are two challenges with this that need to be considered. First, the cumbersome user experience [hop through rendezvous server and jump host]. Second, the expanded attack surface. In the traditional approach, employees and third parties are connected to OT environments via management systems for virtual private networks (VPNs. However, due to the increasing amount of required remote connections for IT/OT collaboration or IIoT, these traditional solutions are being stretched to their limits. The need for zero trust OT environments were once islands, air-gapped from the internet. These air gaps are eroding and no longer enough. Since even VPN solutions widely used in the past will reach their limits, we need a new paradigm for industry cybersecurity. Enter zero trust. As today’s work-from-anywhere society reshapes companies and industries in lasting ways, it is important to modernize security concepts, especially as legacy technology that is unable to support secure remote access in the most secure manner. Our future calls for a zero-trust approach when modernizing OT networks in order to accelerate the move to more secure remote access implementations for OT. Preventing operational disruption and downtime Together, Zscaler and Siemens provide OT security teams with highly secure remote access to their industrial networks for employees and third-party users, maximizing productivity and uptime. With Zscaler Private Access, you can allow employees to continuously and remotely access restricted areas (e.g. manufacturing areas, restricted labs). The connection is limited to the concerned machine network and restricted area, and complies with cybersecurity rules and frameworks. In this way, critical manufacturing and production industries can now empower existing automation networks with Zero Trust principles. Choosing fully cloud-delivered OT zero trust network access solutions provides seamless, easy access from anywhere in the world, while eliminating the attack surface and significantly reducing the risk of a cyberattack. Joint benefits of Zscaler and Siemens SCALANCE device: Connectivity – Control who and what connects to your OT and IoT edge networks for secure, flexible, granular access to distributed operational infrastructure Fast, Reliable – Users get the shortest, frictionless path to the OT network. Zscaler cloud designed for high availability and low latency Simplicity – One software for secure remote access to OT and IT business, production and cloud resources. Reduces cost and complexity – Eliminates the need for VPN infrastructure. Reduced connectivity demands and firewall rules by means of specified internet breakouts. Out of the box – SCALANCE products support Zscaler technology out of the box Legacy integration – authorized and authenticated communication also with legacy devices by means of zero trust gateways IT/OT convergence I am particularly excited about this new innovation in cybersecurity because it is a major step forward in OT/IT convergence, which the industry has been long anticipating. A convergence in controls of the OT and IT networks not only simplifies enterprise IT spend, but it also helps modernize OT security principles, which becomes more critical every day given the ransomware and other mounting threats against manufacturing and production environments. Now, with Zscaler, an enterprise can leverage integrated security concepts between OT and IT domains, leveraging zero trust for all users in all networks to securely and remotely access the data they need to do their jobs, no matter where they are, or what network connection they use. This comprehensive architectural diagram below cleanly depicts the now encompassing solution that enables remote workers, branch office workers, corporate headquarter workers, and third party partners to access applications, systems and devices where they may need to access data to perform employment functions, conduct servicing and maintenance, or other duties: Protect and empower your anywhere workforce. Start with zero today. Introducing Zscaler and Siemens’ joint industrial secure remote access solutions is very exciting for us. We’re working with OT and IT security professionals to help strengthen their arsenal of cyber defenses and accelerate their OT and IT transformation. Take advantage of our experts and tools designed to help you succeed in your zero trust journey. Learn more: Read the Zscaler and Siemens partner brief Set up some time to meet with us Contact us at Take our free attack surface assessment Related Links Webpage: What is OT Security? Webpage: Zscaler Secure Remote Access for OT Systems Press Release: Siemens and Zscaler Partner on Integrated Zero Trust Security Solutions for OT/IT About Siemens Siemens AG (Berlin and Munich) is a technology company focused on industry, infrastructure, transport, and healthcare. From more resource-efficient factories, resilient supply chains, and smarter buildings and grids, to cleaner and more comfortable transportation as well as advanced healthcare, the company creates technology with purpose adding real value for customers. By combining the real and the digital worlds, Siemens empowers its customers to transform their industries and markets, to transform the everyday for billions of people. Siemens also owns a majority stake in the publicly listed company Siemens Healthineers, a globally leading medical technology provider shaping the future of healthcare. In addition, Siemens holds a minority stake in Siemens Energy, a global leader in the transmission and generation of electrical power. In fiscal 2020, which ended on September 30, 2020, the Siemens Group generated revenue of €55.3 billion and net income of €4.2 billion. As of September 30, 2020, the company had around 293,000 employees worldwide. Further information is available on the Internet at Thu, 23 Sep 2021 08:00:01 -0700 Nicole Bucala Zscaler is First and Only Cloud-based SaaS Security Company to Achieve StateRAMP Ready Status This week, Zscaler Private Access (ZPA) and Zscaler Internet Access (ZIA) achieved StateRAMP Ready status, underscoring Zscaler’s commitment to securing state and local government employees and data. The newly announced StateRAMP Authorized Vendor List gives state and local government IT and procurement officials confidence in their cloud service provider’s data security capabilities and provides a central location for sourcing service providers using or offering infrastructure-as-a-service (IaaS), software-as-a-service (SaaS), and/or platform-as-a-service (PaaS) solutions that process, store, and/or transmit government data. The program aims to drive consistent cybersecurity defenses across vulnerable state and local government organizations. It is modeled in part after FedRAMP, and is based on a “certify once, use many” concept that saves time and reduces costs for both service providers and government agencies. Like FedRAMP, StateRAMP relies on independent third-party assessment organizations (3PAOs) to conduct assessments. “StateRAMP will help state and local government agencies improve their cybersecurity posture and drive more consistent cyber defenses. With the ever-increasing cyber threats, attacks, and breaches, participation and expertise from companies including Zscaler is critical to success,” said David Cagigal, Former CIO of Wisconsin. “It is encouraging to see government and industry come together and continually evolve to better serve constituents across the country.” “Zscaler is committed to partnering with government agencies to improve cyber defenses and secure the public sector. We were involved with FedRAMP from the beginning and are very encouraged to see and support the 'certify once use many’ approach that FedRAMP coined being adopted at the state level,” said Stephen Kovac, Chief Compliance Officer at Zscaler. “FedRAMP and now StateRAMP are excellent examples of how policy driver compliance programs can be incredibly efficient, speed up innovation, and build upon the partnerships between private industry and the government.” “Zscaler was a fantastic partner to conduct testing the StateRAMP Fast Track process. Their documentation, system information, and audit results were professional, accurate, and provided in a well organized and easy to review structure,” said Noah Brown, PMO Director, StateRamp. “The PMO thanks the Zscaler team for the communication, attention to detail, and for working diligently to answer our questions as we worked through this process.” As hybrid work continues, state and local governments continue to accelerate digital transformation initiatives. But transformation also increases risk with a dramatically expanded attack surface that must be protected. ZPA and ZIA are the core of the Zscaler Zero Trust Exchange, providing innovations that help customers accelerate digitalization with confidence. “We’ve completely changed the cybersecurity posture of the State of Oklahoma, with Zscaler playing an integral part of our transformation,” said Matt Singleton, CISO, Office of Management and Enterprise Services, State of Oklahoma. “We now have unprecedented visibility into the environment. We can respond faster and forecast where we may have issues and address those areas before they become a problem.” ZPA is a zero trust solution that connects authorized users directly to agency-approved private applications without being placed on the network, which dramatically reduces cyber risk. This approach significantly improves application performance and the user experience and reduces the attack surface and the associated risk of malware, ransomware, and other threats. The experience is identical whether the agency application is hosted in the government data center, or in destination clouds such as AWS GovCloud, Azure Government, or the Google Cloud Platform. ZIA is a cloud security service that transforms networks by delivering cloud-based internet and web security that scales to all users, whether they are on or off network. ZIA leverages a cloud-native proxy to allow organizations to secure all online and SSL traffic. By securely following all users, applications, and devices, regardless of location, ZIA enables a zero trust approach to SaaS application and website access that helps reduce risk and restore compliance. For more information on StateRAMP, visit Tue, 14 Sep 2021 09:30:59 -0700 Ian Milligan-Pate Zscaler Launches Partner Demand Center to Support Partner Demand Gen Efforts Did you know that Partner co-marketing efforts that leverage digital channels see four times the pipeline of non-digital partnerships? But digital marketing is often easier said than done, right? At Zscaler, our Global Partner Marketing team wants to make it as easy as possible for you to generate quality leads through digital co-marketing and build brand affinity online with your customers, no matter your marketing skillset, organization, or budget size. That's why today we are excited to announce the launch of the Partner Demand Center (PDC), a self-service and easy-to-use platform designed to help our Partners execute turn-key digital marketing activities at no cost. The PDC enables you to: Create demand and build pipeline with ready-to-launch email campaigns around zero trust, cyber threats, ransomware, and more! Launch microsites and website syndication with the latest zero trust content–no coding experience required. Strengthen your social selling skills through one-click social syndication on your personal or company pages Easily access searchable, diverse, and co-brandable Zscaler content Access valuable lead details, campaign measurement, and analytics tools We are excited to help our Partners achieve their digital co-marketing goals with the Partner Demand Center. To learn more, please join us for Partner RevUp LIVE next week where we will go into more detail and share a live demo of the platform. Date: Sep 22, 2021 07:00 AM PST Register Here To explore the PDC today, log in to the Partner Portal and click the “Marketing” tab in the toolbar. If you do not have an existing Partner Portal account you can easily apply here. For help logging in to the Partner Portal, please contact for assistance. Thu, 16 Sep 2021 07:00:01 -0700 Elorie Widmer Zscaler Executives Honored to Receive Federal 100 Awards Zscaler is honored to share that Stephen Kovac, Vice President of Global Government and Head of Corporate Compliance, and Drew Schnabel, Vice President, Federal, were honored as Federal 100 Awards winners at a ceremony on August 27—celebrating both 2020 and 2021 awardees. The Federal 100 Awards are the most prestigious awards in the federal IT industry, celebrating government and industry leaders who have gone above and beyond to demonstrate the innovative ways technology is transforming government—something both Kovac and Schnabel continue to exemplify. Drew Schnabel, a 2021 winner, was selected for his tireless efforts as a vocal advocate for zero trust security. Schnabel understands the value of industry/government collaboration and has been instrumental in bringing the Department of Defense (DoD) SkillBridge program to Zscaler, which gives military service members the opportunity to participate in industry-sponsored positions, gaining experience and training as they transition into the civilian workforce. Stephen Kovac, a 2020 winner, was honored for his relentless work to remove roadblocks to Federal cloud adoption, raising awareness, and educating policymakers and Federal IT leaders about opportunities for progress. He is the industry’s most vocal advocate for Trusted Internet Connection (TIC) reform, a significant barrier to cloud in government, in addition to supporting Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) reform efforts. Zscaler is committed to improving the nation’s cybersecurity posture and helping federal IT leaders embrace a cloud-delivered approach to enabling zero trust and delivering fast, seamless, and secure access across the entire ecosystem. Over the past year, Zscaler has taken a series of important steps, moving us closer to this goal: Zscaler was named a collaborator on the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) by implementing a zero trust architecture project which brings government and industry together to demonstrate various approaches to building a zero trust architecture. Zscaler joins 17 other technology companies on the project, underscoring the critical importance of collaboration between the public and private sectors. Zscaler received a success memo from the Pentagon’s Defense Innovation Unit (DIU) for successfully completing Secure Cloud Management (SCM) prototypes as part of a year-long process where the DIU evaluated service offerings that deliver fast, secure, and controlled access by DIU users to software-as-a-service (SaaS) apps directly over the internet. Zscaler Prioritized Joint Authorization Board (JAB) and FedRAMP certification for Zscaler Internet Access (ZIA) at the High Impact Level through the FedRAMP Connect program. ZIA, combined with Zscaler Private Access (ZPA), are the core of the Zscaler Zero Trust Exchange. ZPA is JAB authorized at the High Impact Level. The full list of 2020 winners is here and 2021 winners are here. Tue, 07 Sep 2021 12:21:49 -0700 Josie Smoot For Australian Enterprises of All Sizes, the Future Starts with Zero I am thrilled to announce that Zscaler has selected Orca Tech to be our exclusive distributor for Australia and New Zealand (ANZ). Orca Tech is the only value-added distributor in the region solely focused on cybersecurity and analytics, and, like Zscaler, the company has been a disruptor since its founding. As a result of the company’s security focus and the expertise of its dedicated teams, Orca has grown by a staggering 1,059 percent over the past three years. To help companies in the ANZ region transform securely for the modern, cloud-enabled world, Orca is exactly the right kind of partner for Zscaler. Customers across the region are looking for innovative solutions to help them secure all their connections, regardless of where employees may be working or where the applications and data may be hosted. Zscaler has many enterprise customers in the region who are relying on our technology to securely connect users, devices, and applications. For some, Zscaler has played a central role in their ability to support a 100 percent remote workforce early in the pandemic, including National Australia Bank (NAB). But the new partnership with Orca will enable Zscaler to expand its ability to meet the needs of the region’s small to medium enterprise prospects. We’re particularly excited to be able to support ANZ partners that are more aligned to businesses with fewer than 1,000 users. Now, through Orca Tech's partner network, those partners will be able to offer small and medium companies the capabilities of the Zscaler Zero Trust Exchange, the platform on which all Zscaler services are built. These companies, like enterprises of all sizes around the world, need to modernize their infrastructures and security to enable today’s mobile and hybrid workforce and cloud workloads. The Zscaler platform, built on the principles of zero trust, is the unified solution to meet modern business needs. Zscaler’s disruptive cloud-native architecture enables enterprises to break free from legacy approaches to networking and security that are as costly as they are complex and replace them with a zero trust approach that provides a great experience for users while blocking cyberattacks and preventing data loss. Unlike legacy, disjointed, on-premises security products, Zscaler’s proxy-based architecture unifies all security and access control services, with end-to-end visibility so that any performance issues can be spotted and remediated immediately. Our internal team will be working closely with Orca Tech to support customers throughout Australia and New Zealand with their secure digital transformation initiatives. Additional resources: Case study: Kubota Australia Website: Orca Tech Case study: Salmat Case study: GHD Case study: Cenitex Thu, 02 Sep 2021 09:28:05 -0700 Foad Farrokhnia National Cybersecurity Center of Excellence (NCCoE) Selects Zscaler as Technology Collaborator for Implementing a Zero Trust Architecture Project Strengthening the nation’s cybersecurity requires more — and better — collaboration between the public and private sectors. That’s why we are honored to announce that the National Institute of Standards and Technology (NIST)’s National Cybersecurity Center of Excellence (NCCoE) has selected Zscaler as one of its partners in a new Zero Trust Architecture Project. Zscaler will work alongside the NCCoE and other top Federal IT vendors on different approaches for implementing zero trust architectures. “We received an overwhelming response from the vendor community on this important project,” said Natalia Martin, acting director of the NCCoE, in the announcement. “Implementing a zero trust architecture has become a Federal cybersecurity mandate and a business imperative.” Top industry leaders will come together to demonstrate various approaches to implementing a zero trust architecture. These approaches will use a diverse mix of products and capabilities — and the effort will provide valuable "how to" guidance and lessons learned. As Federal employees continue to work from anywhere, and more and more applications move from inside the data center to outside the network perimeter, network and security teams are shifting their focus from securing the network to protecting users, devices, and business resources. As we like to say at Zscaler, zero trust is a team sport — and the NIST NCCoE is taking the initiative to bring together best-of-breed zero trust leaders. We’re committed to collaborating with customers and partners to demonstrate different, practical approaches to implement a zero trust architecture. As we know, no one solution fits every situation. Zscaler is honored to be a part of this coalition working side by side to realize the opportunity for zero trust to strengthen every agency’s cyber defenses. For more information, see NCCoE’s press release. Tue, 27 Jul 2021 07:00:02 -0700 Stephen Kovac Zscaler Partners with Nozomi Networks to Extend Zero Trust Security to the Industrial Edge Zscaler is proud to announce a new partnership with OT/IoT security leader Nozomi Networks to address the emerging cyber threats to industrial infrastructure and remote connectivity challenges for the manufacturing, pharmaceutical, and energy industries. Our joint solutions extend zero trust to OT and IoT environments with a complete set of industrial cybersecurity controls, including network visibility, threat detection, remote access, and operational insights. Solving the OT remote access challenge Today, plant operations and OT system owners are transforming their networks to modernize operations and provide seamless and secure connectivity for their remote workforce. In the traditional approach, employees and third parties are connected to OT environments via virtual private networks (VPNs), which introduce significant security risks and complexity. In addition, unplanned downtime from cyber security incidents or network outages can cause serious harm to plants and personnel, resulting in revenue loss and reputational impact. As today’s work-from-anywhere world reshapes companies and industries in lasting ways, the old paradigm of building castle walls and a moat around your resources with legacy technology will soon become obsolete. Our new reality calls for a zero-trust approach when modernizing cybersecurity and accelerating the move to more secure remote access implementations for OT. Preventing operational disruption and downtime Together, Zscaler and Nozomi Networks provide OT security teams with highly secure remote access to their industrial networks for employees and third-party users, maximizing productivity and uptime. With Zscaler Private Access, you can remotely access the full Nozomi Networks solution including Guardian sensors and Vantage cloud-based management console. Choosing fully cloud-delivered OT security monitoring and zero trust network access solutions provides seamless, easy access from anywhere in the world, while eliminating the attack surface and significantly reducing the risk of a cyberattack. Sample Nozomi and Zscaler deployment architecture Joint benefits of Zscaler and Nozomi Networks: Connectivity – Control who and what connects to your OT and IoT edge networks for fast, seamless, and secure access to distributed operational infrastructure Visibility – See all assets and behavior on your OT and IoT networks, yielding unmatched contextual awareness ]Inspection – Detect cyber threats, vulnerabilities, risks, and anomalies with actionable analytics for faster response Integration – Unify security, visibility, and monitoring across all your assets for improved resiliency Protect and empower your anywhere workforce. Start with zero today. Introducing Zscaler and Nozomi Networks' joint industrial security solutions is very exciting for us. We’re working with OT and IT security professionals to help strengthen their cyber defenses and accelerate their digital transformation. Take advantage of our experts and tools designed to help you succeed in your zero trust journey. Read the partner brief Set up some time to meet with us Take our free attack surface assessment Related Links Webpage: What is OT Security? Webpage: Zscaler Secure Third Party Access for OT Systems Webpage: Nozomi Networks Solution Overview Blog: Nozomi Networks and Zscaler Deliver Zero Trust Remote Access Solution About Nozomi Networks Nozomi Networks accelerates digital transformation by protecting the world’s critical infrastructure, industrial and government organizations from cyber threats. Our solution delivers exceptional network and asset visibility, threat detection, and insights for OT and IoT environments. Customers rely on us to minimize risk and complexity while maximizing operational resilience. Tue, 10 Aug 2021 06:00:01 -0700 Nicole Bucala Defense Innovation Unit Issues Success Memo to Zscaler Today, we are proud to share that the Department of Defense (DoD) Defense Innovation Unit (DIU) announced that Zscaler successfully completed a Secure Cloud Management (SCM) prototype. The project launched in May 2020, and the evaluation confirms Zscaler can deliver fast, secure, and controlled access to SaaS cloud services directly over the Internet, simplifying DIU’s ability to engage with non-traditional technology vendors. A third party assessed the prototype using Defense Information Systems Agency (DISA)-developed criteria. DIU then issued a success memo to Zscaler, enabling Department of Defense (DoD) organizations to contract with vendors without needing to re-compete. “These solutions simplify engagement with non-traditional technology vendors by allowing DIU users to collaborate in real time. The solutions provide equivalent security and control to the DoD’s Cloud Access Point (CAP) while delivering real-time performance, which is critical for such things as videoconferencing and file sharing,” said John Chen, interim CIO for DIU. Zscaler is focused on giving customers access to modern, mission-critical applications, including those that require the most stringent security and work in some of the world’s most remote and challenging environments. “The DoD is working to strengthen cyber defenses on many fronts. DIU is exploring and testing new innovative approaches in security architecture. CMMC is in its final stages to improve security consistency to all contractors working with the federal government," said Patrick Perry, Director of Emerging Technology, Zscaler. "But, we have to approach things differently than in the past. Government as a whole can transform security by taking a user-centric approach, where the first priority is to protect the data, then provide secure access once contextual validation occurs, and finally applying appropriate security based on risk scoring – whether accessing the internet or applications that reside in an on-prem data center or using a cloud service." The Zscaler Zero Trust Exchange is consistent with the May 2021 Executive Order on Improving the Nation’s Cybersecurity, and with DISA’s recently published Zero Trust Reference Architecture. The DIU anticipates the project’s results will help inform DoD entities as they formulate their own zero trust plans. The Zero Trust Exchange platform includes Zscaler Private Access (ZPA), a FedRAMP-High JAB authorized network access service that connects trusted users directly to trusted cloud applications; and Zscaler Internet Access (ZIA), the first secure internet gateway solution to earn FedRAMP certification. ZIA is currently prioritized for FedRAMP-High JAB authorization. Benefits include: Zero attack surface – apps are never exposed to the internet; you can’t attack what you can’t see Direct connections to an app, not a network – segment of one, no exposure of any additional resources or data, no ability to move laterally or connect to C&C servers Proxy architecture, not passthrough – full content inspection including SSL; holds and inspects unknown files before reaching the endpoint Multitenant architecture – cloud-native, multi-tenant design; continuous security updates Secure Access Service Edge (SASE) – policy enforced at the edge in 150 DCs (SASE), peering in internet exchanges, hundreds of apps This project underscores the Pentagon’s continued modernization commitment. Maximum telework accelerated change and today, workforce expectations and needs continue to evolve. Cyber-adversaries continue to seek new ways to take advantage of vulnerabilities. Zero trust-based secure cloud access is core to the foundation for mission success. For more information, see the DIU’s press release here. Thu, 01 Jul 2021 17:22:54 -0700 Drew Schnabel The Asia-Pacific Region is Moving Full Cloud Ahead Zenith Live APJ marks the end of what I believe was our most extensive and possibly our best Zenith Live to date. First of all, thank you to all our attendees, customers, partners, and speakers across the Asia-Pacific region whose enthusiasm and insights made this event as successful as it was. Zenith Live APJ featured two days of real-world accounts of business transformation, with keynotes, panels, demos, and training, leaving us all with a lot to explore further as we move forward together on our transformation journeys. With that in mind, I wanted to share a quick summary of this year's Zenith Live APJ so you can catch up on anything you may have missed. Let's begin with day one. Day one highlights Kicking things off was Zscaler CEO Jay Chaudhry, who started the conference by acknowledging how challenging last year was for IT teams around the globe. Yet, perseverance and quick thinking kept organizations running and employees working. He also touched on how the pandemic expedited the need to build modern infrastructures around zero trust. In Jay's words, "IT has proven time and again its resilience in not just adapting to change but being the catalyst for change." Continuing, he detailed how our cloud-native platform, the Zscaler Zero Trust Exchange, assisted countless customers in quickly transitioning to work-from-anywhere, while enabling new capabilities for the returning hybrid workforce. He highlighted the three ways the Zscaler platform is helping businesses transform. They include modernizing the workplace to enable work from anywhere, eliminating the attack surface to reduce risk by transforming security so that it can be everywhere, blocking cyberattacks, preventing data loss, and stopping lateral threat movement. You can watch Jay's keynote and many of the other sessions on-demand: Insights from APJ CXO panel Following Jay's opening remarks, I took the digital stage with top APJ CXOs, including Mohit Kapoor of Mahindra Group and Lucious Lubo of Tech Mahindra. During this CXO panel, I had the pleasure of chatting with both leaders about how they securely leveraged the power of the cloud to modernize their businesses, offer more products and services, and drive innovation, all while streamlining their digital footprints. Mohit and Lucious both cited security built around zero trust as a critical factor in their ability to modernize at the speed they did, allowing them to quickly scale secure app access for employees, partners, and customers. Moreover, both Mohit and Lucious spoke to me about the very real threats to their supply chain, factories, and manufacturing processes with the recent uptick in these sorts of attacks. With Zscaler, not only can they better protect these systems, but they can also identify and recover from threats in real time. Leading change: Women in IT Also, on day one was our fireside chat, Women in IT: Expanding Influence and Leading Change. Tanya Graham, Executive General Manager of Strategic Programs at Healthscope, joined Zscaler's Kavitha Mariappan for a candid conversation about C-level attainment and making an industry-wide impact by leveraging emotional intelligence, mentoring others, and conviction. During this session, both leaders touched on how you can advocate for inclusion by using your career story to inspire a new generation of leaders—and how all leaders can champion the creation of supportive and equitable workplace communities. Day two highlights Day two began with part two of "Innovating at the Speed of Cloud," with Amit Sinha, Steve House, and Tony Paterra. This session covered enhancements across the Zscaler platform, including inline and out-of-band CASB for better data protection and compliance. Moreover, they shared insight into security innovations, including more robust threat protection and expanded Cloud Browser Isolation capabilities in ZIA and ZPA services to isolate users and devices from potentially risky content. Customers provided powerful insights The morning continued with insights from Rasik Vekaria of BP, David Branik of DHL, and Andrew Baker of Absa group. During these inspiring sessions, all three leaders addressed how they improved business agility and resiliency despite the pandemic.. Each customer exec shared how they are using zero trust to successfully modernize their companies and deliver enhanced user experiences and improved security to their employees—regardless of location. All of us here in APJ are grateful to all the customers who joined us and spoke at Zenith Live in keynote sessions, panels, and technical breakout sessions. Thank you! ThreatLabZ keynote: Insights from the front lines of the world's largest security cloud Zscaler ThreatLabZ experts presented research into emerging attacks discovered and analyzed with our world's largest security cloud. The panel dissected recent attacks while sharing best practices on securing your enterprise from sophisticated threats targeting your software, supply chain, Microsoft Exchange servers, and more. That said, this session wasn't all doom and gloom. Deepen Desai detailed how Zscaler's disruptive protection suite unifies our industry-leading threat intelligence, world-class experts, and innovative technology to give you peace of mind from the most advanced attackers. Partners highlighted their commitment to secure transformation Creating a robust ecosystem of partners whose technologies complement the Zscaler Zero Trust Exchange is critical for successfully helping customers become more secure, agile, and resilient in the APJ region. Today's partner summit celebrated precisely that—a group of technology evangelists and leaders joining forces to continue the digital transformation momentum over the next year and beyond. This concludes Zenith Live APJ 2021 and what an event it was. On behalf of Zscaler, I would like to thank you for making this our best Zenith Live yet! We hope you found our speaker sessions, training, panels, and workshops informative and relevant as you continue moving full cloud ahead. If you missed Zenith Live, be sure to view sessions on demand: We hope to see you next year! Wed, 23 Jun 2021 13:32:28 -0700 Scott Robertson Introducing New Partner Certifications and Learning Formats! Introducing New Partner Certifications Zscaler is pleased to announce new pre-sales certifications featuring all-new content and interactive learning opportunities. These courses were specifically designed to give partners the chance to roll up their sleeves and uncover new ways to grow their business with Zscaler. At Zscaler, we believe our partners are crucial to our success. We recognize we must work in conjunction with our partners to spread the word about the possibilities of adopting a zero trust security model. Zscaler Certified Associate (ZCA) Zscaler Certified Associate overviews the goals and vision of Zscaler, including what we do, the value we offer customers, and our mission for future network and security transformation. Partners will learn how Zscaler is uniquely positioned to disrupt the status quo of hub-and-spoke network security and how to join us on the incredible journey. ZCA serves as a prerequisite for both the Zscaler Certified Sales Professional (ZCSP) and the Zscaler Certified Sales Engineer (ZCSE) certifications and replaces the existing Zscaler Certified Sales Specialist (ZCSS) certification. Zscaler Certified Sales Professional (ZCSP) Zscaler Certified Sales Professional is designed to familiarize partner sellers with how to best position Zscaler as the market’s leading network and cloud security solution. In this certification, partners will learn how to identify and qualify opportunities as well as the technical integrations we have in place to help you position Zscaler as part of a holistic solution. Partners will also dive into the four core product areas for the Zero Trust Exchange platform. The new ZCSP certification is valid for two years upon completion. Zscaler Certified Sales Engineer (ZCSE) This certification is built for those in pre-sales technical roles, specifically designed to get participants up to speed on how to best showcase Zscaler’s technical value and differentiation. In this certification, partners will take a deep dive into Zscaler’s core product offerings to understand the key capabilities of the zero trust platform and how customers can realize the benefits in their unique environments. Participants will also catch a glimpse into a security administrator’s experience, including policies, reporting tools, technical integrations, and the end-user experience. The new ZCSE certification is valid for two years upon completion. What are the Benefits of Becoming Zscaler Certified? Zscaler certifications are designed to arm partners with the most up-to-date information about our products, strategies, and thought leadership so they can effectively communicate the value of our end-to-end zero trust security platform. By becoming Zscaler certified, partners will increase their credibility with customers by helping them accelerate their highest priority IT initiatives, all while reducing cost and simplifying their environments. With Zscaler, partners can expect to expand their book of business by providing the holistic and integrated solution packages their customers want and need. If you are a partner looking to enroll in Zscaler Training & Certifications, log in to our Partner Portal at and click on the Enablement tab. Tue, 22 Jun 2021 07:00:01 -0700 Rick Kickert We’re Pleased to Announce our 2021 Partner Award Winners This year we’re celebrating our very first Zscaler Partner Awards, honoring our “zero trust heroes” who’ve gone above and beyond in their partnership with Zscaler to help our mutual customers embrace digital transformation. Who’ll be taking home the trophies? Let’s find out! Americas Partner of the Year Like all of the awards announced, selecting a winner is the result of in-depth deliberation. With that said, the Americas Partner of the Year winner leads with transformation and leverages this principle to build strong customer relationships with advisory consulting. This partner also is being recognized for approaching zero trust with a focus on identity-based security policies rather than network. Therefore, we’re happy to announce that OPTIV is the Zscaler Americas Partner of the Year. APJ Partner of the Year Our APJ Partner of the Year winner signed a global contract with Zscaler in 2018, and the level of executive and field engagement continues to be outstanding, significantly contributing to Zscaler’s reach and success in this region. With the highest number of Zscaler certifications globally, this partner delivers strong partner-sourced performance in Japan by landing both domestic and global accounts. Our APJ Partner of the Year is NTT Communications Corporation. EMEA Partner of the Year Our EMEA Partner of the Year was entirely self-sufficient from pipeline generation through proof-of-value. By investing in Zscaler Certifications to up-level their technical expertise, and by hosting quarterly webinar campaigns yielding an average of ten new leads per quarter, Avantec AG has been selected as our EMEA Partner of the Year. Public Sector Partner of the Year With a focus on new business meetings and consistently executing interlocks and integrated field engagements, our Public Sector Partner of the Year consistently exceeds business objectives—especially when delivering Zscaler services to key strategic accounts. Our Public Sector Partner of the Year is ThunderCat Technology. Global Solution Integrator Partner of the Year As one of our most prominent end-user customers, this partner leverages ZIA and ZPA to enable their employees to work securely from anywhere. In addition, Zscaler is this partner’s exclusive GTM partner for web security and zero trust, and closed several large new logos across several verticals last year. As an outstanding partner in Central Europe with expansion plans to other regions, Zscaler’s Global System Integrator Partner of the Year is Tata Consultancy Services. Services Partner of the Year Over the last year, this partner has subcontracted and delivered on a large number of projects and offers a robust set of U.S. federal and commercial expertise. More notable is that most of this partner’s deployments are completed in 90 days or less, with consistently high customer satisfaction ratings. Our Services Partner of the Year is Ridge IT. Service Provider Partner of the Year This year’s winner is our second-largest global partner for new sourced business, growing even more in 2020 and delivering balanced performance across all regions. This partner also landed two of our five largest sourced ZIA deals. Our Service Provider Partner of the Year is Verizon. Zero Trust Technology Partner of the Year Microsoft has been out in front of the industry in its call for the adoption of zero trust to enable the modern workplace, close security gaps, and accelerate digital transformation. It is closely aligned with Zscaler in the belief that zero trust isn’t a single solution, but rather a strategy that should extend across a company’s digital estate. Microsoft is on its own zero trust journey, applying the principles of least-privileged access, explicit authentication, and the prevention of lateral movement across its ecosystem, while educating customers about these key requirements to help them improve their security postures as they move to the cloud and support a mobile workforce. Congratulations to Microsoft, our Zero Trust Technology Partner of the Year. The Go-to-Market Technology Partner of the Year One of our top GTM Technology Partners, this partner helps us deliver incredible value to large global organizations. This award recognizes our relentless focus on securing work beyond the perimeter and co-developed innovations, enabling our customers to seamlessly and securely shift to remote and hybrid work. Congratulations to our Go-to-Market Partner of the Year, CrowdStrike. Customer-Centric Technology Partner of the Year This award recognizes our shared commitment to customer obsession and improving customer experiences, which is reimagining how businesses can drive successful outcomes and reduce costs, while balancing security with user experience. Congratulations to the team at AWS. Congratulations to all of our winners! Thank you for your continued partnership and driving success with our joint customers. For more information on our Summit partner program visit and watch the replay of Partner Summit at Zenith Live. Mon, 21 Jun 2021 08:40:53 -0700 Punit Minocha Zenith Live EMEA is a Wrap! Another Zenith Live is in the books, and we’re proud to say this was our biggest event and arguably our best one yet. While we wish we could have gathered together in person, the sense of community, engagement, and enthusiasm displayed by attendees, customers, partners, and speakers brought this event together. Two days of real-life transformation stories, keynotes, panels, demos, and training leave us all with a lot to unpack and take with us as we move forward together on our transformation journeys. With that in mind, we wanted to share a quick summary of this year’s Zenith Live so you can catch up on anything you may have missed. (Many sessions are available on demand here.) Day one highlights Zscaler CEO Jay Chaudhry opened the conference by congratulating the entire IT community for its heroic work last year, keeping their organizations operating and employees working, while highlighting how the pandemic accelerated the need for a modern digital infrastructure based on zero trust. In Jay's words, "IT has proven time and again its resilience in not just adapting to change but being the catalyst for change." He explained how the Zscaler Zero Trust Exchange, our cloud-native platform that powers all Zscaler services, helped many customers through the transition to work from home and is now enabling new capabilities. The Zero Trust Exchange is helping customers accelerate transformation in three ways: by modernizing the workplace to enable work from anywhere, by eliminating the attack surface to reduce risk, and by transforming security so that it can be everywhere, blocking cyberattacks, preventing data loss, and eliminating lateral threat movement. You can watch Jay’s keynote and many of the other sessions on demand: Following his opening remarks, Jay was joined by Karl Hoods, Chief Digital Information Officer at the UK’s department for business, energy, and industrial strategy, for the CIO Perspective Panel. They discussed how CIOs are tasked with transforming all aspects of the business and are now empowered to lead a range of initiatives. Karl also explained some of the challenges his organization faced when tasked with quickly and securely providing efficient work-from-anywhere experiences. In another illuminating discussion, Gulay Stelzmullner of Allianz Technology, Petek Ergul of HSBC, and Alissa Choong of Shell joined Zscaler EVP Kavitha Mariappan for the Women in IT panel. In this fireside chat, they discussed what truly lies beyond C-level attainment, including creating and mentoring tech leaders, championing diversity and inclusion, and making an industry-wide impact. All four leaders shared personal stories of how they used their conviction to succeed in the transformative roles they hold today. Day two highlights Day two opened with the second installment of “Innovating at the Speed of Cloud," with Amit Sinha, Steve House, and Tony Paterra describing enhancements across the Zscaler platform. Some of them included inline and out-of-band CASB for better data protection and compliance. Security innovations include the first zero trust solution to include active defense, an exciting approach to cybercrime prevention, and we have expanded Cloud Browser Isolation capabilities in both the ZIA and ZPA services to isolate users and devices from potentially risky content. Customers provided powerful insights The morning continued with a CISO panel featuring Andrew Vautier of Accenture and Angelique Grado of Technip FMC, who joined Zscaler’s Yogi Chandiramani to address how today’s new hybrid work model may continue indefinitely, and what this means for security teams. In an enlightening discussion, the CISO panel cited the alignment of security and business objectives as a must—in other words, the role of the CISO needs to evolve to straddle both the technical and operational aspects of leveraging zero trust to support new business initiatives and deliver tangible success. The conversation around elevating IT as a key business enabler continued with the CTO panel. An underlying theme of this year's Zenith Live was embracing zero trust to improve business agility and resiliency to support the needs of today's hybrid workforces. According to our expert panel, including Zscaler's Nathan Howe, Mondi Group's Thomas Vavra, and Richemont International's Eduardo Grilo, the CTO's job is to create a fast, secure user experience for employees both returning to the office and working remotely. Our customer keynotes included four leaders whose companies have built resilience and agility within their businesses despite COVID-19 setbacks. Claude Pierre of Engie, Alain Delava, also of Engie, Sebastian Kemi of Sandvik, and Andrew Baker of Absa Group shared differing stories but their insights were similar, particularly when it came to the use of zero trust to successfully modernize their companies to enable modern workforce with a great user experience and enhanced security. We are grateful to all the customers who joined us and spoke at Zenith Live in keynote sessions, in panels, and in our technical breakout sessions. Thank you! Dear partners, Zenith Live wouldn’t be Zenith Live without you By joining with technology leaders whose services are complementary to the Zscaler Zero Trust Exchange, we can provide customers with integrated solutions that enable them to become more secure, resilient, and agile. With our partners, we have formed a strong ecosystem of future-forward thought leadership, strategy, and technology. Today’s partner summit celebrated exactly that—a group of technology evangelists and leaders joining forces to continue the digital transformation momentum over the next year and beyond. That’s all folks, see you at Zenith Live 2022! This concludes Zenith Live EMEA 2021, and what an event it was. Zscaler thanks you for making this our best Zenith Live yet! We hope you found our speaker sessions, training, panels, and workshops informative and relevant as you move full cloud ahead. If you missed Zenith Live, be sure to view its illuminating sessions on demand. We hope to see you next year! Thu, 17 Jun 2021 12:43:27 -0700 Ismail Elmas What our Latest Glassdoor Award Means to Zscaler I just learned that Zscaler’s CEO, Jay Chaudhry, has been named one of the Top 100 CEOs by Glassdoor. The award is based on a rating system submitted by employees and, for that reason, above all, I am thrilled for Jay. But I’m not all that surprised. This company has grown a lot, especially in the last year, but the company’s culture and its values that were defined by Jay more than a dozen years ago continue to inform our practices every day. What I’ve found inspiring about these values is that they are dynamic, helping us grow during changing times while staying true to our corporate ethos. As it can be said for most companies, these past 15 months have provided a case study in change. There was the rapid switch to remote work, of course, but between March 2020 and now, we also doubled our staff size, welcoming more than 1,500 new employees to the company. And while things were moving fast on multiple levels—especially supporting our customers as they transitioned their employees to remote work—Zscaler leaders paid close attention to our employees—connecting, listening, and learning about how they were feeling. We developed a range of programs to support them, help them engage with others through resource groups, and take breaks for exercise, games, or meditation. And we instituted occasional company-wide days off. We have also developed a self-service management microsite with training and skills development in partnership with Coursera and other platforms. This program, Leading at Z, is well underway, helping managers at any stage of their careers enhance their skills and develop new ones. Another program is under development for all Zscaler employees, called Succeeding at Z, to support everyone in their professional growth, so they can achieve their own definition of success. We’ve learned a lot from employees and we’ve tried to introduce programs and practices that address their concerns about work-life balance, mental and physical health, and the importance of family time and time off, and the benefit of upward mobility. It’s gratifying to see the company’s efforts reflected in employees’ reviews of Jay as the company’s leader. I’m coming up on my first-year anniversary at Zscaler and, even in this timeframe, I can see a more mature company emerging. It has a lot to do with growth, but I believe it has even more to do with the leadership team, which has always been closely aligned on the vision of building a great and lasting company. Realizing this vision requires the hiring and retention of exceptional people across the company who are excited to be here and are passionate about what we are all trying to achieve on behalf of our customers. Though the company is changing, its founding values have never changed. I believe that is why Jay is being recognized now as a top CEO, and why Zscaler will, indeed, become a great and lasting company. Here are those values: Teamwork: We celebrate together. We openly share information. We move as one. We value serving others over personal prestige. We value humility over ego by showing respect and recognizing the truth in all situations. Humble leadership empowers our employees to speak their mind and innovate. Open communication (candor over politics): We have open discussions about what’s right and what’s wrong. Put another way, we don’t enable politics. We value real feedback and relationships built upon honesty and trust. Passion (over self-interest): We are fiercely passionate about our work, our company, our colleagues, our customers, and our partners. We put grit over image, that unique combination of passion, courage, and long-term perseverance over innate talent and intelligence. Innovation: We are driven to not only innovate cloud transformation through our products but to also innovate in our jobs, whether an engineer, marketer, salesperson, or lawyer. Customer obsession: We are, above all else, obsessed about our customers’ success. Everything we do is about helping our customers succeed in their business transformation to the cloud. Part of this, too, is valuing results over activity. Join us! Zscaler continues to seek people who share these values. Please visit our careers page to learn more. Thu, 17 Jun 2021 08:01:08 -0700 Sandi Lurie Zscaler Customers Are Moving Full Cloud Ahead What an incredible conclusion to day one of our fourth annual Zenith Live virtual conference! It was an honor to share the stage with my colleagues, guest luminaries, and our marquee multinational customers, BP and DHL. We reached a new record with more than 15,000 registrants committing two days to learn how organizations globally are adopting zero trust to rapidly secure work-from-anywhere, prevent cyberthreats and data loss, and improve the digital experience for users everywhere. Zero trust is accelerating transformation The cloud and mobility have been agents of change, empowering organizations to harness the speed and agility they need to remain competitive. The pandemic didn’t change this trajectory, but it did accelerate it. As organizations scaled remote access for most of their employees, those that had the greatest success had already begun their zero trust journeys. It was inspiring to hear customers describe how zero trust helped them through the crisis, and is now empowering their businesses to speed the development of new products and services, become more productive and collaborative, and protect their data, all in a way that simplifies IT. That, to me, is the definition of a modern organization. In my keynote, I described how the Zscaler Zero Trust Exchange, our cloud-native platform that powers all Zscaler services, is helping customers accelerate transformation in three critical ways. The first is by enabling workplace modernization, which means that employees can work from anywhere, securely, with a fast, streamlined user experience. The Zero Trust Exchange also enables network transformation with fast, secure, direct-to-cloud connections that simplify branch connectivity and eliminate costly wide area networks. And it powers security transformation to prevent cyberthreats, prevent data loss, and eliminate the risk of lateral threat movement. Customers provided the most inspiring moments at Zenith Live When customers get up and talk about their experiences, we know that’s when audience members pay especially close attention. Our customers can speak to the types of challenges each attendee is likely to face at one point or another. I am so grateful for all the customers who are participating this year in Zenith Live keynotes, CXO panels, our Women in IT exchange, and the many who joined in our technical breakouts to discuss their Zscaler implementations and experiences with our services. For BP, IT is building a more agile company This morning I spoke with Rasik Vekaria of BP, a company with 70,000 employees and operations in 120 countries. He described BP’s journey to zero trust. “For me, a zero trust architecture was critical to what we do from a security standpoint. This means, I don't care if you're on the network, in the network, around the network, over the network—we treat everything as if it’s compromised.” That approach, that mindset, is the crux of zero trust. If you assume that everything is compromised, you won’t let anything on your network. You inspect all traffic, coming and going, even if it’s encrypted, to prevent attacks and data loss. And you make your applications invisible to the internet to eliminate the attack surface. DHL is making every connection fast, simple, and secure Later in the morning, Zscaler’s VP of Emerging Technology, Nathan Howe, spoke with DHL’s VP and Head of Telecoms, David Branik. DHL has operations in almost every country, with third-party partners around the world, remote employees using a range of devices, customers accessing their data in real time, creating an incredibly complex task for the IT team. David spoke of the need to make access fast and simple for every type of user: “It's almost like...when you go and plug in something into the wall circuit, you expect that the electricity is there. You don't want to think about what's behind it. And I think, from a network perspective, it's virtually the same thing.” At Zscaler, we agree that the experience for any type of user should be frictionless, and it should be the same no matter where the user is connecting. User experience must be a business imperative. See you tomorrow for more announcements, demos, and customer stories Tomorrow, I look forward to hearing from Bruce Lee of Centene, a company that has grown tenfold—from 8,000 employees to 80,000—in ten years. With much of that growth through mergers and acquisitions, I know that Bruce will touch on the complexity the company faced, and how zero trust is enabling them to accelerate M&As from years to months to weeks. In case you missed any of today’s sessions, we will make recordings available soon. And Zenith Live 2021 (Americas) continues tomorrow at 8:30 AM PDT, while day one of Zenith Live in the European (EMEA) region kicks off at 8:30 BST. There is much more in store for Zenith Live day two. In addition to Wednesday’s keynotes, customer panels, executive panels, and guest speakers, the virtual conference continues with architecture workshops, technical deep dives, and countless other opportunities to roll up your sleeves and go full cloud ahead. I hope to see you there. Tue, 15 Jun 2021 20:13:46 -0700 Jay Chaudhry A Powerful Combination: Active Defense, the Bridge to Zero Trust The end of May marked a monumental juncture for Zscaler as we continued to extend the company’s cybersecurity reach with our intent to acquire Smokescreen Technologies, a leader in active defense technology. This week, I am excited to report that the Smokescreen deal has closed, and we are proceeding to integrate its leading-edge active defense capabilities into the Zscaler Zero Trust Exchange. In contrast to traditional network traffic analysis tools, which are noisy and prone to false positives, active defense uses elaborate decoys and honeytraps to block the most sophisticated threats with high accuracy as attackers attempt to traverse corporate networks. The appeal of active defense is how it turns the tables on would-be attackers. Security teams don’t have to hunt for network threats, rather the bad actors are lured to honeytraps, dramatically slowing their progression in order for security teams to quarantine the threats. While the ultimate answer is to migrate to a zero trust architecture, thus eliminating the risk of network access, active defense is founded on the similar concept of trusting nothing and assumes that the network is already breached. This offers organizations a pragmatic path to zero trust and provides a simple yet effective way for them to identify and remove attackers who may already be expanding laterally and compromising resources on the corporate network. I invite you to learn more about Smokescreen’s active defense technology at Zenith Live 2021. The Zscaler ThreatLabZ experts will also share in-depth research into emerging attacks, dissect recent attack chains, and provide clear guidance on how to better secure your enterprise from sophisticated threats targeting your software supply chain. You’ll also get an exclusive preview into Zscaler’s protection suite, which unifies our threat intelligence, cybersecurity experts, and innovative technology to help defend your organization against the most advanced attackers. Forward-Looking Statements Blog posts on this site may contain forward-looking statements that are based on beliefs, assumptions and on information currently available to our management. These statements, including but not limited to statements relating to our products, customers, business development activities and business results, are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. You can identify these forward-looking statements by terminology such as “will,” “expects,” “believes,” “anticipates,” “intends,” “estimates” and similar statements. A significant number of factors could cause actual results to differ materially from statements made in blog posts on this site. Additional risks and uncertainties are set forth in our filings made with the Securities and Exchange Commission (“SEC”), which are available on our website at and on the SEC's website at Any forward-looking statements in these blogs are based on the limited information currently available to Zscaler as of the date thereof, which is subject to change, and Zscaler will not necessarily update the information, even if new information becomes available in the future. Mon, 07 Jun 2021 12:44:09 -0700 Jay Chaudhry Zscaler is the 2021 Zero Trust Champion at Microsoft’s 20/20 Partner Awards Ceremony In my previous blog, I was proud to share that Zscaler was nominated for two awards from the Microsoft community, including the Zero Trust Champion of the year. On May 12, Microsoft announced the award winners at its 20/20 Partner Awards ceremony, a prestigious event recognizing industry excellence in a number of key areas. I couldn’t be more grateful to the Microsoft community to announce that Zscaler has won the Zero Trust Champion of the Year award, beating out a strong field of competitors. This award validates our forward-looking vision and the significant innovation behind our zero trust architecture, which is reimagining how leading enterprises safeguard their digital business in today’s mobile and cloud-first world. This recognition comes on the heels of the landmark Executive Order on Federal Cybersecurity from the Biden Administration that puts zero trust at the forefront of both public and private efforts to transform security to become more agile, resilient, and significantly reduce risk. We believe wholeheartedly in three fundamental principles of zero trust: Zero trust has generated a massive amount of noise across the industry for good reason—it’s the only way to disrupt the attack equation and get ahead of highly intelligent, rapidly evolving adversaries. With users, data, and applications everywhere, there needs to be a different approach; one that is cloud-native, optimized for the needs of the modern enterprise, and adaptable to the ever-changing threat landscape. Zscaler believes a true zero trust architecture must be built on the following three tenets: Zero network access: connect users to apps, not corporate networks to prevent lateral movement. Zero attack surface: make apps invisible so they can’t be attacked. Zero passthrough connections: deny all privileges; utilize a proxy architecture for better cyberthreat prevention and data protection. It has become evident that legacy network security architectures can’t deliver on the promise of zero trust, as adapting traditional solutions to this new era introduces massive complexity and cost without improving security. The Microsoft Zero Trust Champion of the Year award recognizes Zscaler’s approach to delivering a comprehensive zero trust architecture, one made all the more meaningful by being selected by the Microsoft Intelligent Security Association (MISA) members who were solely responsible for voting on this year’s winners. Together with Microsoft, we will continue to deliver exceptional security outcomes to our customers, built on a foundation of the industry’s leading zero trust architecture, the Zscaler Zero Trust Exchange. Thank you to the MISA members and Microsoft for this honor. Recognition amongst our peers in the industry is humbling, and we are grateful for your confidence in our strategy and execution of providing zero trust to our customers. Don’t miss our joint breakout session at Zenith Live In a few weeks, Zscaler will be hosting its virtual Zenith Live conference, with this year’s theme being Full Cloud Ahead. In our joint session, you will hear from experts at Zscaler and Microsoft about actionable cloud-based zero trust solutions and crucial strategies to stay ahead of today’s most advanced threats. Our experts will discuss the strategies and technologies required for a true zero trust architecture and how you can make zero trust a reality for your organization. Register for Zenith Live here: We hope to see you there! Thank you again to Microsoft and the Microsoft Intelligent Security Association for this opportunity and recognition. Mon, 17 May 2021 15:07:00 -0700 Punit Minocha The New Cybersecurity Executive Order The Biden Administration’s new Executive Order on Federal Cybersecurity underscores a growing understanding of cyber vulnerabilities and IT’s vital role in every Federal program and mission. The EO outlines a number of actions, including a significant directive for the Department of Homeland Security to develop a federal cloud security strategy that moves the federal government closer to a true centralized enterprise model based on the principles of zero trust. We had Cloud First, and then Cloud Smart. The new Executive Order moves us into the era of Cloud Secure. Under the new EO, CISA will develop a federal cloud service governance framework; CISA and FedRAMP will together establish a framework to coordinate and collaborate on cybersecurity and incident response activity related to cloud services. And, the new EO includes steps to ensure new levels of software supply chain security -- requirements Zscaler already meets -- that collectively will reduce risks to federal programs, infrastructure, and national security. We are encouraged to see the focus on developing cloud security strategies, technical reference architectures, cloud governance security frameworks. Additionally, we strongly agree that zero trust is a critical and urgent need for effective cybersecurity in the face of evolving threats. It is also critical that we embrace the important cloud security frameworks that FedRAMP and CISA have built, including the Trusted Internet Connection (TIC) 3.0 guidance, as they will shepherd us into the new Cloud Secure era. Zscaler’s Zero Trust Exchange is a powerful tool for agencies as they move forward with their zero trust plans, supporting efforts to work-from-anywhere and access data from anywhere, whether in a sanctioned or unsanctioned environment by securely connecting users, devices, and applications. Core components currently supporting more than 100 federal agencies and federal integration partners include: Zscaler Private Access (ZPA™) which has achieved FedRAMP-High JAB Authorization Zscaler Internet Access (ZIA™) which has achieved FedRAMP “In Process” status at the High Impact level, sponsored by a U.S. Department of Defense (DoD) Command and prioritized for Joint Authorization Board (JAB) authorization currently (authorized at the Moderate Impact Level) Zscaler’s Zero Trust Exchange enables dynamic, context-based access controls to secure cloud transformation and change how agencies defend against modern attacks. Unlike legacy network security approaches that expose applications and open the door for lateral movement, Zscaler: Connects users and devices to apps, not networks, to eliminate lateral threat movement. Makes applications and users invisible to the internet, thus reducing the attack surface. Uses a proxy architecture, not a passthrough firewall, enabling full content inspection and security, including encrypted traffic. We are also encouraged to see the call for improved endpoint detection and response. You can’t manage what you can’t see, and this step is a critical foundation to enabling improved threat information sharing. Zscaler partners with Crowdstrike, a leader in cloud-delivered endpoint protection. CrowdStrike’s AI-powered Threat Graph integrates with Zscaler’s cloud security platform to provide customers with real-time threat detection and automated policy enforcement. Over the past ten years, private industry has spent billions of dollars securing the cloud. And, we’ve seen CISA and FedRAMP take advantage of industry partners and knowledge. The public sector can build on this foundation (rather than re-creating the wheel on programs like TIC 3.0, CMMC, etc.) -- it’s great to see the focus on collaboration. Federal digital transformation dramatically accelerated through the pandemic, and we now have an urgent need to accelerate cybersecurity modernization, including industry best practices like Zero Trust Security. The goals set forth in the EO are ambitious, but we can meet them with strong public/private collaboration and coordination across government as we enter this new Cloud Secure era. We applaud the Administration for launching this all-of-America effort. Join us for our webinar “Strategies for Creating Your Agency’s Zero Trust Playbook” on Wednesday, May 19th to learn actionable steps that you can take to advance your organization’s Zero Trust strategy and deployment. We’ll also be sharing several frameworks to help achieve the targets of the executive order at Zscaler’s upcoming virtual Zenith Live event - register for free today. Thu, 13 May 2021 08:22:19 -0700 Stephen Kovac Partnership with Steel Root to Support CMMC Requirements for Defense Contractors In an effort to strengthen federal supply chain security, it will be necessary for more than 300,000 defense contractors to meet Cybersecurity Maturity Model Certification (CMMC) requirements over the next five years, demonstrating they can protect Controlled Unclassified Information (CUI). While CMMC launched prior to the SolarWinds attack, the massive breach underscores the hard requirement to improve and normalize cyber requirements for the organizations that support federal missions. Not only will CMMC be required on all new DoD contracts, but the DoD will also leverage third-party assessments and certifications to ensure these requirements are being met. This contrasts with the status quo, in which contractors are expected to protect CUI on their own accord, meeting their own internal compliance standards. Steel Root, a leading cybersecurity services firm specializing in compliance for the U.S. Defense Industrial Base, and Zscaler recently announced a partnership to help defense contractors prepare for CMMC certification. Commenting on this partnership, Steel Root Managing Partner Mike Nestor says, “Zscaler is a disruptive force in cloud-based security and has been validated year over year as the only leader in Gartner’s Magic Quadrant for Secure Web Gateways.” He continued, “When the FedRAMP authorization for Zscaler Internet Access was announced in 2020, we immediately recognized the solution as a required component in the cloud-native systems we design and implement. It’s the only zero trust secure access solution in the market that can meet our clients’ compliance requirements.” As the only SASE solution provider to meet the defense industry's most stringent security requirements (FIPS 140-2, validated cryptography, and FedRAMP authorization for cloud services), Zscaler is focused on bringing the most secure cloud-based security services to DoD organizations and the larger defense industrial base community. Steel Root understands the importance of a cloud-first, future-ready strategy, and provides highly effective guidance and implementation services supporting defense contractors as they prepare for CMMC—which is why our partnership with Steel Root furthers our commitment to helping federal organizations improve their cybersecurity posture. As DoD contractors proactively consider how their organizations can achieve the highest level of cloud accreditation through CMMC, they should look to leverage cloud security platforms that have already achieved FedRAMP-High authorization, such as Zscaler’s FedRAMP-High Zero Trust Exchange. Together, Zscaler and Steel Root provide both guidance and implementation services for defense contractors as they prepare for CMMC. As, a result, contractors can focus on supporting DoD missions—and together, the defense community can take steps forward to mature cyber defenses. Mon, 26 Apr 2021 08:00:01 -0700 Drew Schnabel Achieve True Zero Trust with Zscaler and Splunk Zscaler is proud to announce our zero trust partnership with Splunk, giving security analysts more ways to incorporate telemetry from our world-class Zero Trust Exchange into their workflows and strategies. Together, our tightly integrated, best-of-breed cloud security and security analytics platforms deliver unmatched zero trust capabilities for the modern, cloud-first enterprise. Zero trust is based on the notion that a breach is inevitable or has likely already occurred, and therefore any and all access to resources should be limited to the least amount possible for users to be able to do their jobs. This involves segmentation, risk-based access controls, continuous authentication and monitoring, and dynamic coordination between security controls. Citing guidance from the National Security Agency (NSA), “to be fully effective to minimize risk and enable robust and timely responses, zero trust principles and concepts must permeate most aspects of the network and its operations ecosystem.” Zscaler and Splunk work together to do just that. Zscaler’s cloud-native proxy architecture eliminates unnecessary exposure and provides rich data and increased visibility for the SecOps team. With a direct-to-cloud architecture, security teams can ensure that policy is being applied across every transaction; meanwhile, they get boosted insight into users, data, and apps. The zero trust benefits of Zscaler include: Zero attack surface – apps are never exposed to the internet; you can’t attack what you can’t see Direct connections to an app, not a network – segment of one, no exposure of any additional resources or data, no ability to move laterally or connect to C&C servers Proxy architecture, not pass-through – full content inspection including SSL; holds and inspects unknown files before reaching the endpoint Multi-tenant architecture – cloud-native, multi-tenant design; continuous security updates Secure Access Service Edge (SASE) – policy enforced at the edge in 150 DCs (SASE), peering in internet exchanges, hundreds of apps Splunk, meanwhile, provides SecOps teams with centralized log ingestion and analytics to monitor and correlate activities across the entire security environment – including a direct cloud-to-cloud streaming ingestion of Zscaler logs and dashboards – and provides visibility into zero trust with a zero trust analytics dashboard. Further, Splunk Phantom can orchestrate policy, allowlist/denylist, and remediation actions using Zscaler’s API. Splunk delivers: Logging, normalization, correlation, and enrichment of data from your entire security infrastructure in Splunk including a direct cloud-to-cloud streaming ingestion of Zscaler logs and dashboards Robust analytics including Risk Based Alerting (RBA) and User and Entity Behavior Analysis (UEBA) to identify suspicious/malicious behaviors A centralized single pane of glass to remediate incidents Zero trust analytics dashboards that incorporate data from multiple sources, including Zscaler, to provide end-to-end visibility Automation and orchestration of triage, investigation, and response to stop threat actors before they can do damage Centralized security controls and policy management, which can be used to enact changes to the Zscaler platform in addition to other tools Accelerate time-to-value with Cloud NSS log streaming Cloud NSS is Zscaler's innovative new cloud-to-cloud data streaming service that makes it even faster and easier to deploy, manage, and scale log ingestion from Zscaler to Splunk Cloud. This service enables native ingestion of Zscaler’s rich cloud security telemetry to enrich investigation and threat hunting for cloud-first organizations – and is configurable in a matter of clicks. Splunk Cloud correlates the Zscaler telemetry with an organization’s other high-value data sources, providing full visibility into actionable data for investigations within one centralized console. Zscaler’s cloud-native security architecture dramatically reduces the attack surface and provides full inline scanning and analytics, and sends high-resolution telemetry logs directly to Splunk using the cloud-to-cloud log streaming service. The Zscaler app for Splunk further allows for SecOps teams to visualize Zscaler’s threat protection with detailed dashboards and prebuilt queries. Customers benefit from: Fast, reliable integration: Get immediate visibility with pre-built integrations. Splunk and Zscaler work together seamlessly, with high-resolution telemetry data normalized and ingested directly into Splunk. Increase reliability and scalability by sending all logs directly to Splunk via the Splunk HTTP Event Collector with no middleware. Simplified Management: No additional appliances to manage for logging. Direct cloud-to-cloud integration is managed by Zscaler and Splunk. Let your analysts spend more time on preventing, investigating, and mitigating threats and less time on administering logging pipelines. We are extremely excited to offer our customers the benefits of this partnership with Splunk, and look forward to continued collaboration on zero trust. To learn more, check out the Zscaler + Splunk solution brief. If you're already a Zscaler and Splunk customer, download the Zscaler App for Splunk from Splunkbase today. Mon, 26 Apr 2021 09:00:01 -0700 Mark Brozek Best-selling Author Ben Mezrich Joins Zenith Live as Keynote Speaker Zenith Live, the world’s largest cloud transformation conference, is right around the corner—but that hasn’t stopped us from adding to our impressive list of executive and future-forward keynote speakers. Today, we’re excited to announce our latest addition to this year’s event: Ben Mezrich. In his keynote, An Interview with Ben Mezrich: A Glimpse Inside the Rise of Bitcoin and the Modern Tech World, Mezrich will walk through the story behind his latest book, Bitcoin Billionaires, while sharing his unique view on the future of cryptocurrency, the world’s economic future, and, of course, the real story behind the infamous Winklevoss brothers—the world’s first Bitcoin billionaires. From the twins’ falling-out with Mark Zuckerberg, to a beach in Ibiza, to the emergence of the Silk Road—and subsequent SEC hearings—Bitcoin Billionaires exposes the true story behind the brothers’ attempts for redemption and revenge in the wake of their epic legal battle with Facebook. Not only is this story wildly entertaining, Mezrich uses it as a springboard to comment on the future of currency and digital economics, weaving together the complexities of emerging technology and humanity. Mezrich will be recounting this story and sharing his perspective on the ways that cloud computing is reshaping the world as we know it—all in a candid interview with Zscaler CMO, Chris Kozup at Zenith Live. You won’t want to miss this! Here’s how to register. What you can expect at Zenith Live 21 Zenith Live is a virtual conference focused on secure digital transformation, showcasing what’s possible with the flexibility of true zero trust. With over fifty breakout sessions across six tracks, hands-on training, executive forums, and architecture workshops, Zenith Live is designed to show IT leaders across all disciplines how to lead an organization securely into the modern era, where you can innovate faster, reduce risk, and work smarter—all at the speed of cloud. In addition to Mezrich’s keynote, here’s what else you can expect at this year’s event: Expert speakers Hear visionary predictions for the future of the digital world and how CIO, CTO, and CISO pioneers from Fortune 500 companies successfully enacted their secure digital transformation initiatives. In-depth breakout sessions Select from over 50 sessions in six tracks: Foundations Zscaler Expert CloudOps/DevSecOps Network Professional Security Professional Public Sector Architecture Workshops Zscaler experts teach an interactive session on how a zero trust architecture can free you from past constraints so you can move securely to the digital future—at cloud speed. Women in IT Exchange A fireside chat with IT leaders on professional directions and practical approaches to breaking down the barriers to individual success. Live Q&A/Demos Zscaler professionals lead hands-on interactive training sessions on Zscaler’s Zero Trust Exchange Technology. Training Zscaler cloud operations and cybersecurity experts will lead detailed hands-on technical training and certification programs. Register now for this one-of-a-kind, two-day immersive experience. Wed, 21 Apr 2021 20:31:25 -0700 Jessica Hofmann Announcing REvolutionaries, the Revolutionary New CXO Community, and the Zero Trust Academy Digital transformation requires zero trust. But successfully adopting zero trust requires not only getting the right platform but driving the entire organization to adopt a new cultural mindset. Roadmaps must be shared, business and IT priorities must align, and silos must be torn down. The new CXO must be both an innovator and a strategist, applying technology and architecture to drive measurable outcomes for the business. The Customer Experience and Transformation team at Zscaler comprises former CIOs, CISOs, CTOs, and heads of network, security, and architecture from prominent global organizations. These former practitioners bring their own real-world zero trust experience and expertise to their roles. They partner closely with Zscaler customer CXOs and future customers who are embarking on their own digital transformation journeys. Today, I'm proud to announce the launch of two key programs, The Zero Trust Academy and the REvolutionaries CXO Community. First, we all share a collective mission to advance the skills of the security-practitioner community. To that end, Zscaler has created the Zero Trust Academy, a certification training program focused on securing connectivity to private apps, SaaS applications, and the internet with the Zscaler Zero Trust Exchange. Second, digital transformation requires buy-in from and deep engagement with the C-suite and IT leadership. To empower, foster, and connect these leaders, we’re launching the Zscaler REvolutionaries Community. Zero Trust REvolutionaries are true pioneers. The REvolutionaries forum brings together visionary tech leaders to showcase zero trust success stories, share digital transformation best practices, participate in CXO-driven industry events, and connect with like-minded innovators. Featured media will include practical and actionable thought leadership content, industry case studies, news, as well as the latest cybersecurity research from the Zscaler ThreatLabZ team. Through highlighting successful thought leadership, events, insights, and community, we can help other enterprise leaders, we can push forward new technology architectures that will allow businesses to excel at their mission, and we can set standards for a new digital future that lives securely in the cloud. It's time to seize the zero trust moment. Join me and other CXO REvolutionaries at Tue, 20 Apr 2021 05:00:01 -0700 Kavitha Mariappan