Multi-cloud, hybrid cloud, and now “the supercloud”: a unified cloud architecture or platform that enables enterprises to manage multiple clouds more effectively; migrate workloads, data, and applications across their cloud ecosystem; and provide on-demand access to these resources.
The promise of the supercloud is that it does its job through a single, consolidated interface. The looming question is: How do you secure the supercloud?
Zscaler Founder, Chairman, and CEO Jay Chaudhry, along with Global CISO Deepen Desai, recently joined Supercloud 3, organized by theCUBE and SiliconANGLE, to explore how zero trust and AI can help.
Here are five key takeaways from their conversation with theCUBE team.
1. Zero trust is ultimately a commitment to three core principles
As Chaudhry pointed out, “Zero trust is a big departure from the network security architecture of 30 years ago. It’s like going from the traditional car to the electric car. In the traditional model, enterprises connected people to the network so they could move around and find applications, and life was wonderful, but it was wonderful for bad guys too.”
Today’s dispersed workforces are demonstrating how network- and VPN-based systems are dated. Enterprises must pivot from thinking about how to protect networks to how to protect users, their devices, and vital data.
Desai explained that zero trust allows companies to reduce their external attack surface and enforce consistent security policies, regardless of a user’s device or location. Zero trust architecture is rooted in three key principles:
- Never trust, always verify
- Enforce least-privileged access
- Assume breach
With that in mind, Desai recommends enterprises ask themselves about their cloud security:
- Does it reduce my attack surface?
- Does it enable me to enforce consistent security policies in-line, with full TLS inspection, whether a user is at home, on the road, or at the office?
- Does it reduce lateral movement from a compromised device with proper user-to-app segmentation and other techniques to keep an incident from becoming a breach?
- Does it inspect my data – regardless of whether it's coming from endpoints, workloads, or servers – to prevent exploitation?
2. Managing the attack surface is essential
Chaudhry pointed out that, with a true zero trust architecture like the Zscaler Zero Trust Exchange, “The attack surface literally disappears because all assets, employees, and services are hidden behind the cloud. Zscaler functions like a switchboard, sitting between all communication for every user to every application and application to application.”
All communication goes through Zscaler first, hiding valuable assets from outside actors. No listening port is exposed to the internet and inbound traffic is continuously scanned for malicious content. Additionally, data from all transactions and signals is collected and analyzed to create stronger security controls and to predict breach scenarios, so future attacks can be prevented rapidly.
3. Security firms must evolve their AI applications
Zscaler is no stranger to AI and machine learning. Like many security vendors, it has used predictive analytics for years to identify new polymorphic malware payloads, previously unknown attackers, server destinations, and phishing attacks.
But with the advent of generative AI, which can create new content (text, images, sounds, and more) with various types of input, Zscaler began training its own customer large language model (LLM).
“By merging generative AI with predictive AI, there are several different use cases that we will be able to address. One of them that I'm personally driving is predicting breach scenarios even before they happen by using the telemetry that the product collects,” said Desai.
Chaudhry added that the successful use of AI is dependent on the quality of the data it ingests, an area where Zscaler excels. In a typical breach scenario, for example, bad actors conduct reconnaissance to sniff out vulnerabilities and gather information about their target by scanning ports or pinging certain systems. But Zscaler throws a wrench into these activities by monitoring and logging all communications, which AI can then study to deduce probable intent.
“By processing more than 300 billion transactions a day that provide us logs, along with 500 trillion signals, we can leverage the combination of predictive and generative AI to tell our customers ahead of time about a potential breach so they can take appropriate steps. I'm excited because this couldn't be done before, and now we can put all the great data we collect to use.”
4. Speed is key to AI-enabled security
As the supercloud grows and handles more data, it becomes an attractive target for attackers. The cloud keeps expanding, and that pace of change makes zero trust essential.
At Zscaler, a global team of security experts keeps track of the information collected by the platform around the clock, building a vast repository of past and present data for analysis. The Zscaler platform leverages this information to see several moves ahead. For example, it can spot when attacks are in the reconnaissance phase based on the type of activity being conducted. But enterprises can’t rely on an expansive roster of vendors to operationalize this data.
“If you have best-of-breed point products and you're relying on a third product to correlate and generate a signal or rely on your team to generate a signal, it's game over. That's where having a platform in place that's able to feed the signal and take action at the time the attack is happening becomes critical,” said Desai.
5. Ultimately, defenders benefit the most from AI advancement
The AI revolution is one of data gathering and processing. What used to take days or hours now only takes minutes. While attackers will undoubtedly continue to leverage these capabilities, the power ultimately lies with a defender with broader access to telemetry data.
Zscaler monitors all customer telemetry and synthesizes it with data that has already been gathered. Utilizing broad capabilities to analyze and predict, Zscaler combines external with internal communication data to prevent breaches on a continuous basis. It can spot phishing attacks and see exploitation, malware, payload, and post-infection activity. The platform can see attackers as they change and evolve their tactics and procedures. AI only makes that process faster and more precise.
“The bad guys may have open-source public data about the attack surface, but they don’t have any of the internal data that belongs to a company. We combine external data with the inside internal communication data to provide better defenses. I think that's our key advantage,” summarized Chaudhry.
And that, says Chaudhry, explains why over 45 percent of Fortune 500 companies trust Zscaler to keep their entire cloud infrastructure secure.
Watch the full interview with Chaudhry and Desai here.