Zscaler CXO Exchange | Fort Lauderdale

What you missed at the latest Zscaler CXO Exchange

Kavitha Mariappan

Contributor

Zscaler

Feb 28, 2025

Key learnings from the recent Zscaler CXO Exchange in Fort Lauderdale, Florida.

February witnessed another amazing CXO Exchange, with Zscaler execs and IT & security leaders coming together in beautiful Fort Lauderdale to cover the latest advancements in the Zscaler platform and how innovative customers are deploying them to advance business goals.

As always, our jam-packed agenda covered too many topics to touch on in one post—and it’s impossible to capture all of the “hallway conversations” and strategizing outside of sessions that always accompany an Exchange—but here are some can’t-miss highlights and key themes impacting the industry more broadly.

GenAI security: Risk vs. reward

It’s no surprise that AI featured prominently as an agenda item at the Exchange. In closed-door sessions, CXOs shared their candid experiences of allowing employees access to GenAI solutions while limiting the risk of data leakage. ChenMed CISO Janet Heins also shared her experience with AI-driven SSE alongside Zscaler CSO Deepen Desai and Naresh Kumar, VP of Product Management for ZIA.

They described how GenAI tools, while useful assistants, are making it easier to execute attacks at greater speed, sophistication, and scale. Threat actors today are using AI to impersonate C-level executives as part of phishing campaigns light-years beyond the believability of the Nigerian prince scams of yesteryear.

In addition to attempts to spoof Zscaler's own CEO, a CFO deepfake last year convinced an employee at a Hong Kong multinational firm to wire $25M to an outside account. Zscaler threat researchers are monitoring these attacks worldwide and CXOs should expect an uptick in identity-driven attacks.

Dark web GPT models—generative AI models that lack security guardrails—are also gaining in popularity among cybercriminals. Often billed as aids to security researchers, they allow for the unfettered creation of malware, ransomware, and other threat types. As security controls strengthen on popular GenAI tools, "dark" versions will likely proliferate on the dark web.

Nevertheless, it was interesting to see how customers are able to enable workforces while still protecting their organizations from threats, as in this example deployment roadmap:

  • Step 1: Block all AI and ML domains and applications
  • Step 2: Selectively vet and approve generative AI applications that align with the organization's AI-use policies
  • Step 3: Create a private ChatGPT server in the corporate/DC environment
  • Step 4: Move the LLM behind single sign-on (SSO) with strong multi-factor authentication (MFA)
  • Step 5: Configure a DLP engine to prevent data leakage and enforce granular access controls

This simple-to-execute process can act as a template for any organization still seeking an effective approach to GenAI security, without having to resort to self-defeating, blanket bans.

CTEM: Gartner’s rising star

Another key highlight of the Exchange centered around continuous threat exposure management (CTEM), a Gartner-defined category rapidly gaining popularity among security leaders. Ajish George, managing director of cybersecurity & fusion engineering at State Street, joined Zscaler's Raj Krishna, SVP of product management, and CSO Deepen Desai to discuss how CTEM is informing his risk management strategy.

CTEM is a framework (not a product) conceived to address alert fatigue among SOC operators. The dizzying array of available security tools—often effective in only narrow areas—has also led to an explosion in the number of alerts and responses falling on these teams.

In fact, SOC analysts today commonly encounter thousands of daily alerts from their security tools and are stretched thin as a result. They spend an average of a third of their days chasing incidents that pose no real threat.

CTEM is meant to provide a framework for continuously understanding and addressing threats. Zscaler enables CTEM in three main areas:

  • Visibility – Zscaler AI capabilities proactively alert administrators to vulnerabilities, misconfigurations, overly permissive settings, code flaws, and other gaps in their IT environments via our Asset Exposure Management and Unified Vulnerability Management solutions.
  • Prioritization – Using its data fabric for security, Zscaler is able to correlate and contextualize data from hundreds of independent sources to gauge the criticality, impact, and compounding factors of a potential threat.
  • Remediation – Along with prioritizing threats, Zscaler’s AI copilot can also recommend mitigating controls and how to implement them. Reporting tools like Risk360 assist in creating easily digestible reports on risks and remediation actions for business leaders and the board.

Prioritizing these three areas of the CTEM process allows Zscaler to provide more authentic visibility so SOC analysts spend less time chasing down false positives and more time remediating real threats with no wasted effort.

More importantly, it allows security teams to be more proactive in managing cyber risk. This means putting fewer resources into detection and response and more into prediction and preemption, eliminating attack paths before problems occur to reduce risk—and the SOC’s workload.

CXOs are searching for solutions to securely connect with third-party partners

Large, multinational organizations are increasingly reliant on a web of third-party partners to provide critical capabilities and services from contractors, technicians, consultants, and vendors. As a result, according to a Zscaler survey, 92% of IT professionals and cybersecurity experts are concerned about how to grant these necessary partners secure private access.

As Joby Menon, VP of product management at Zscaler, explained, the vast majority of respondents worried that doing so using traditional VPNs would grant B2B partners overly permissive access to their networks. Traditionally, IT teams have turned to virtual desktop infrastructure (VDI) to provide access, but these solutions are highly expensive, running anywhere from $200-$400 per user. That's before factoring in subscription costs and time spent managing this virtualized infrastructure.

So-called "enterprise browsers" are another popular alternative for granting secure third-party access. But these typically require another agent, require users to adopt new and unfamiliar browsers, and don't strictly align with zero trust principles.

What if partners could connect securely to the resources they need—and only the resources they need—directly from their browser of choice? That's the promise of the Zscaler Zero Trust Browser. This alternative is fully integrated with the Zscaler platform, meaning users get the same threat and data protection without costly licenses and management overhead. Because it's agentless, even unmanaged devices are subject to security policies the same as any device with the Zscaler Client Connector installed.

If you’re one of the dozens of CXOs I’ve spoken with in search of a secure, financially sound alternative to VDIs for providing third-party B2B access, you can estimate your potential cost savings with this calculator.
