Notizie e annunci | Feed categoria blog Blog di Zscaler — Le novità e le riflessioni della voce che guida il settore della sicurezza sul cloud. it NIS 2.0 - New Cybersecurity Rules In the EU Back in 2021, the White House issued an executive order compelling federal government agencies to develop a plan for implementing a zero trust architecture. This was followed by a memorandum that mandated federal agencies to achieve specific zero trust security goals by the end of 2024. Last year, as you may have heard, the SEC in the United States issued new rules compelling publicly traded companies to disclose material cybersecurity breaches. As it’s happened, the SEC has wasted no time in showing its regulations have teeth, with the first prosecutions having already taken place. So, there’s a lot going on in the USA, but it’s not the only place in the world where policymakers are pushing for—or even mandating—the adoption of zero trust principles. This year the European Union will be updating and tightening its Network and Information Systems (NIS) directive, and as anyone who experienced the arrival of the GDPR regulations on privacy will tell you, the reach of EU regulations can be great indeed. NIS 2.0 The NIS 2.0 directive comes into force in October 2024, mandating that management bodies within organizations in specific categories implement cybersecurity risk management measures. Impacted categories extend to: Energy Transport Banking Financial market infrastructure Health Drinking water Wastewater Digital infrastructure ICT service management (B2B) Public administrations Space Postal and courier services Waste management Manufacture, production, and distribution of chemicals Food production, processing, and distribution Manufacturing Digital providers Research As you can see, the directive is focused on critical physical and digital infrastructure within EU member states, but it also has reach. It applies not only to organizations within the EU, but also to any organization worldwide that provides services to any of the protected sectors within the EU. As with the SEC regulations, there are strict rules for prompt incident reporting. The stick The picture is abundantly clear at this point. Government bodies in regions covering hundreds of millions of citizens have recognized that the risk of inadequate cybersecurity practices is severe enough to warrant strict regulations and even severe penalties. The carrot has been in place for many years—now comes the stick! The carrot So, what’s the carrot? What are the positive aspects to strengthening your security defenses? Sure, it starts with reducing cyberattack risk and achieving compliance, but what else? Organizations that implement robust cybersecurity practices stand to gain significantly in terms of cost reduction, competitiveness, business continuity, and customer trust. Not just one carrot, but a whole bunch! Help is at hand. The NIS 2.0 directive itself includes clear guidance on how to improve your cybersecurity stance, and you won’t be surprised to learn that the first recommended cyber hygiene practice listed is the adoption of zero trust principles. In fact, as you review these lengthy regulatory and legal requirements, zero trust comes up routinely as the holy grail to aim for. “Users should log into applications, rather than networks” Help is also available from Zscaler, where we’ve been designing and building the foundational pillars of a zero trust architecture since 2007. If you’d like to speak to someone about implementing zero trust and achieving regulatory compliance, whatever your industry, please get in touch. Alternatively, join one of our monthly introductory webinars to learn more and ask questions. Click here and search ‘start here’ to find the next session to sign up for. Tue, 20 Feb 2024 00:00:02 -0800 Simon Tompson Now and Next: How Zscaler is Transforming to Fuel Channel Success Looking back at 2023, it was impossible to escape the constant buzz surrounding cybersecurity incidents in the market. But amid the chaos, one thing became clear: the cybersecurity market was booming and the role of leaders and partners in ensuring customer safety was crucial. The same still rings true in 2024. As the cyber security market continues to evolve, Zscaler is proud to be at the forefront of innovation, and now, we’ve put the programs in place to allow our partners thrive in this digital era alongside us. Both for what’s now… and what’s next. As we step into the second half of Zscaler’s fiscal year, we’re proud to showcase to partners the army of new opportunities we’ve designed to grow their business, maximize earnings, and elevate their skills. This includes a revamped incentive structure and new selling motions that empower partners with more collaborative selling opportunities throughout the sales cycle to deliver the greatest customer experience in their journey to digital transformation. We have transformed our partnering foundation to provide comprehensive support throughout the customer lifecycle. You’ve probably heard me say it before, zero trust is a team sport. In the 1H half of the year, we took on both an internal and external transformation to ensure that we have purposeful alignment, process, and engagement with our partners throughout the customer lifecycle. This means, from the earliest stages of our world-class sales process to the final delivery, our partners are integrated every step of the way, embedding their services and support to help our customers transition from legacy appliances to a true zero trust model. We’re leading the charge with the market-leading platform, and now the most lucrative incentive framework, in the market today. With the most comprehensive platform in the market today, Zscaler leads the charge. And now, we have introduced the most lucrative incentive framework to match. Over the past six months, my team and I hit the road to listen to our partners and understand what they truly desire in a partnership. One thing stood out loud and clear: they want to work with vendors who offer the most comprehensive security platform and drive profitability. That's why we have enhanced our incentives framework and channel-led selling motion, offering larger payouts, increased discount advantages, and performance bonuses. We want our partners to earn more and thrive in the cloud security market, establishing themselves as trusted advisors. As the digital landscape continues to evolve, Zscaler remains dedicated to supporting partners in driving customer success and achieving mutual growth. We’re empowering our partners to thrive in the cloud security market and establish themselves as trusted advisors. We know that for Zscaler and our partners alike, our number one commitment is driving customer success in the ever-evolving digital era. That’s why Zscaler not only continues to innovate its cloud security offerings to address emerging threats and challenges, but in the first half of our year, we simplified our certifications to help our partners become experts and build practices around zero trust. We also launched targeted enablement around Zscaler-powered customer outcomes to help our partners lead the way as trusted advisors to our customers. But our journey is far from over. As we enter the second half of our fiscal year, we have more exciting announcements lined up to fuel partner success. We will introduce new offerings and specializations to help partners seamlessly integrate Zscaler into their practices. We will optimize our collaborative partnering approach and launch industry-leading tools to make Zscaler the easiest to do business with in the industry. We’ll also continue to be in the field with you each and every day, to make sure our valued partners have the support to deliver transformational outcomes to our customers. We have achieved a lot in the first half of the year with your feedback and support throughout this transformative journey. We are fully dedicated to supporting our partners in reaching their maximum potential with Zscaler, both with what’s now and what’s next. Together, we are changing the channel and revolutionizing the cybersecurity market. Thu, 08 Feb 2024 05:00:02 -0800 Karl Soderlund Zscaler Appoints Steve McMahon as New Chief Customer Success Officer In the past year, Zscaler achieved a significant milestone by surpassing $2B in ARR. We take great pride in the fact that we accelerated from $1B to $2B ARR within a span of just seven quarters. Looking ahead, our sights are set on surpassing $5B ARR, a testament to our continuous growth and the trust placed in us by over 40% of Fortune 500 companies for their secure digital transformation. As we embark on this journey, we are diligently ensuring that our organizational structure and leadership are well-equipped to propel us to the next level of success. While Zscaler has many impressive stats about its business, the stat I’m most proud of is the Net Promoter Score (NPS) of over 70 while the average NPS score for SaaS companies is 30. This is driven by our innovative architecture and customer obsession which are part of our key values. The organization that plays a critical role in making sure our customers are delighted is Customer Success. To scale the customer success organization and continue exceeding expectations of our global customers, I’m excited to welcome Steve McMahon to Zscaler as our new Chief Customer Success Officer. This strategic addition to our leadership lineup demonstrates our ongoing commitment to delivering exceptional customer experiences and driving long-term growth. With over 25 years of customer success and services experience at a range of leading technology companies including Cisco, Splunk and, most recently, CrowdStrike, Steve has the expertise and know-how for developing strategies and programs that drive customer satisfaction, retention, and advocacy. His extensive experience in this space will enable us to further optimize our customer engagement model, ensuring that we are providing the right level of support at every stage of the customer journey. The trusted relationship we establish and cultivate with our customers is paramount to our business, which is why customer obsession has always been at the heart of everything we do. I am confident that Steve’s contributions will have a positive impact on our organization and help us maintain our focus on driving customer loyalty and satisfaction. Please join me in extending a warm welcome to Steve and a big thank you to the Zscaler team for your continued support and commitment to making Zscaler the leader in cloud security. Wed, 31 Gen 2024 11:01:44 -0800 Jay Chaudhry Quo Vadis Zero Trust? Il roadshow One True Zero Live di Zscaler fornisce le risposte! Nella tappa di Milano del tour prevista il 12 dicembre 2023, le aziende riceveranno consigli pratici su come sbloccare il pieno potenziale di Zero Trust. Negli ultimi anni è stato svolto un intenso lavoro di formazione sull’approccio Zero Trust alla sicurezza informatica e oggi è giunto il momento dell’adozione di massa. Per rimanere competitive, le aziende stanno trasformando i loro processi IT, riducendo la complessità delle loro infrastrutture e cercando di trarre il massimo beneficio dall'automazione e dalla digitalizzazione. La sicurezza basata su Zero Trust per gli utenti, i workload, gli ambienti IoT e OT e la connettività B2B con i partner esterni contribuiscono a realizzare questi obiettivi di trasformazione. Questo non significa che la discussione sul potenziale dell‘approccio Zero Trust non sia più importante, anzi è più importante che mai. Oggi i responsabili delle decisioni aziendali si trovano di fronte a una marea di offerte Zero Trust e devono scegliere quale approccio - se una soluzione singola o una piattaforma altamente integrata e basata sul cloud - si adatta meglio alla loro strategia di digitalizzazione e supporterà in modo più efficiente il consolidamento della loro infrastruttura IT. Il Roadshow europeo Zscaler One True Zero Live dimostrerà come il giusto framework Zero Trust può aiutare le aziende a superare anche le sfide più complesse: dalla protezione contro le minacce informatiche alla garanzia della sicurezza dei dati, alla possibilità di connettersi senza confini e di sfruttare business analytics. Zero Trust: non più se, ma come! Per dare vita a una strategia olistica basata sull‘approccio Zero Trust, le aziende devono innanzitutto svolgere i compiti a casa. L'implementazione dei principi Zero Trust di accesso con i privilegi più bassi ai dati e alle applicazioni richiede in genere una revisione totale dell'infrastruttura IT esistente. Ciò significa non solo considerare il problema della segmentazione degli ultimi 20 anni, ma anche come gestire la mole di dati e fornire una protezione degli stessi completa e basata sull'identità nel contesto attuale di crescente attività da parte della criminalità informatica. L'attenzione deve essere rivolta a determinare chi ha accesso a cosa. E le aziende hanno spesso bisogno di consigli concreti su come iniziare a rispondere a questa domanda. Infine, ma non meno importante, le aziende devono chiedersi di quali identità ci si possa ancora fidare e come l'intelligenza artificiale (IA) possa essere utilizzata in modo proficuo e sicuro. L'ultima indagine di Zscaler "Occhi puntati sulla sicurezza della GenAI" mette in evidenza il dilemma che le aziende si trovano ad affrontare quando si tratta di una nuova tecnologia come l'IA generativa (GenIA). Il 95% dei responsabili IT intervistati in tutto il mondo ha dichiarato che la propria azienda sta già utilizzando in varia misura gli strumenti di GenIA, ma l'89% considera la tecnologia un potenziale rischio per la sicurezza. In che modo Zero Trust aiuta ad affrontare questa sfida? Implementazione pratica di Zero Trust Durante la tappa di Milano del tour, Zscaler presenterà nuove tecnologie e casi di studio pratici in ambito Zero Trust, mostrando come sia possibile ridurre i rischi aziendali, ottimizzare la produttività e aumentare la flessibilità delle aziende, consentendo loro di implementare tecnologie come GenIA in modo sicuro e controllato. Sono previste tavole rotonde con i clienti che hanno già superato gli ostacoli dell'implementazione di un'architettura Zero Trust, oltre a presentazioni tecniche e dimostrazioni sulle quattro aree fondamentali della sicurezza moderna: Protezione dalle minacce informatiche: come possono le aziende proteggersi efficacemente dai pericoli sempre presenti degli attacchi ransomware utilizzando strumenti basati sull'IA per la prevenzione, la segmentazione e l'isolamento delle minacce? Verrà inoltre trattato il tema del furto d'identità, esaminando come, con l'aiuto delle tecnologie diversive, le aziende possano creare un ambiente di "negative trust" per trarre in inganno i criminali informatici. Protezione dei dati: la classificazione dei dati critici e l’identificazione dei luoghi in cui sono conservati i diversi tipi di dati sono due delle sfide principali per qualsiasi azienda voglia iniziare a lavorare con Zero Trust. Nel corso della tappa milanese del Roadshow Zscaler mostrerà come funzionano il rilevamento e la classificazione automatizzati dei dati, come vengono identificate le vulnerabilità nascoste e come è possibile proteggere i dati in movimento attraverso tutti i canali. Connettività Zero Trust: Zero Trust può essere utilizzato non solo per proteggere i flussi di dati verso Internet, ma anche per la connettività sicura tra utenti, filiali, siti di produzione e dispositivi IoT/OT. Dato il rapido aumento dei workload nel cloud, anche questi flussi di comunicazione devono essere monitorati. Business Analytics: la piattaforma Zscaler Zero Trust Exchange fornisce un potente strumento per la quantificazione e la visualizzazione dei rischi per affrontare i rischi indirizzati dalla cybersecurity. Zscaler Risk360 aiuta i manager a prendere decisioni informate per ridurre i rischi informatici sulla base di una visione olistica della situazione della sicurezza in tempo reale. L'analisi dei flussi di dati basata sull'intelligenza artificiale aiuta anche a ottimizzare l'esperienza digitale degli utenti. Facendo leva sulle loro profonde conoscenze in merito all'implementazione di Zero Trust dal punto di vista dei clienti, gli esperti di Zscaler saranno a disposizione durante l'evento per offrire consigli pratici e assistenza a chi sta impostando i propri progetti, dalla strutturazione del processo alla classificazione dei dati e delle policy come base per soddisfare i requisiti di legge. L'evento incoraggerà anche gli scambi reciproci, dando a chiunque abbia intrapreso il cammino verso una digitalizzazione sicura basata su Zero Trust l'opportunità di condividere preziosi insegnamenti. Saranno presenti anche clienti di Zscaler, che ora agiscono come strateghi della trasformazione, accompagnando le parti interessate nel loro percorso di riprogettazione dell'infrastruttura digitale. Oltre al programma ufficiale, gli specialisti di Zscaler saranno a disposizione per rispondere a domande aperte sull'uso strategico del modello Zero Trust in sessioni "Ask the Expert" durante le pause. La giusta piattaforma Zero Trust può fornire la risposta a tutti i requisiti dell'infrastruttura aziendale e organizzativa di oggi. Dal supporto al lavoro ibrido, alla protezione dei workload nel cloud o all'abilitazione di scenari futuri per la protezione delle applicazioni ai margini, il roadshow mostrerà il potenziale di Zero Trust per portare a una trasformazione veramente olistica. Zero Trust può fare molto di più che rafforzare la sicurezza di un'azienda. È possibile registrarsi alla tappa di Milano del roadshow e consultare l’agenda completa al seguente link. Vi aspettiamo il 12 dicembre 2023 presso Palazzo Parigi, in di Porta Nuova 1 alle ore 14.30! Wed, 29 Nov 2023 12:28:59 -0800 Marco Catino Come proteggere la GenAI L'indagine mostra che le aziende si stanno affrettando a utilizzare strumenti di IA generativa nonostante le significative preoccupazioni in termini di sicurezza Il mondo IT ha la tendenza a ripetere gli errori commessi nel tentativo di adottare le ultime innovazioni tecnologiche. Un esempio lampante è ciò che abbiamo visto di recente con l'adozione degli strumenti di intelligenza artificiale generativa (Generative AI, or GenAI) nel corso dell'ultimo anno grazie alla popolarità di ChatGPT. La proliferazione di nuove applicazioni di GenAI è analoga a ciò a cui abbiamo assistito con il SaaS. Le aziende si sono affrettate a far migrare le proprie applicazioni dai data center agli ambienti cloud e hanno iniziato a preoccuparsi della sicurezza (e delle prestazioni) solo in un secondo momento. Zscaler ha recentemente commissionato una ricerca intitolata "Come proteggere la GenAI", con l'intento di scoprire il modo in cui le aziende di oggi utilizzano gli strumenti di GenAI, le implicazioni di questa rapida adozione sulla sicurezza e le modalità attraverso cui la proprietà intellettuale e i dati dei clienti vengono protetti lungo il percorso. I risultati, che rappresentano le risposte di 900 responsabili IT in 10 mercati globali, suggeriscono che le organizzazioni avvertono la pressione di doversi affrettare a adottare strumenti di GenAI nonostante le significative preoccupazioni in termini di sicurezza. Sono le preoccupazioni legate alla sicurezza a prevalere Secondo la nostra ricerca, addirittura il 95% delle organizzazioni sta già utilizzando in qualche modo strumenti di GenAI nell'ambito delle proprie operazioni di business. Il 57% dei responsabili IT ne consente l'utilizzo senza restrizioni, mentre poco più di un terzo (38%) adotta un approccio più attento. Il restante 5% degli intervistati preferisce aspettare e vedere dove porterà questa tecnologia o ha vietato integralmente l'uso di questi strumenti. Nonostante dati di utilizzo così elevati, un significativo 89% dei responsabili IT intervistati ammette che la propria organizzazione considera la GenAI come un potenziale rischio per la sicurezza, e quasi la metà (48%) concorda sul fatto che la potenziale minaccia potrebbe attualmente superare le opportunità fornite da questi strumenti. Gran parte delle aziende utilizza strumenti di GenAI Dati questi risultati, l'adozione anticipata della GenAI non sembra essere un rischio così calcolato quanto vorremmo credere. Le aziende infatti, prima di spingersi oltre, farebbero bene a prendere in considerazione sia i problemi di sicurezza che quelli relativi alla privacy. La GenAI promette vantaggi considerevoli in termini di produttività e creatività, quindi impedirne integralmente l'utilizzo può porre le organizzazioni in una sostanziale posizione di svantaggio rispetto alla concorrenza. Da questo punto di vista, è incoraggiante vedere che solo una piccola minoranza ha preso questa strada. L'adozione di questi strumenti, però, deve essere affrontata in modo strategico, con un'attenzione alla sicurezza, al fine di garantirne un utilizzo responsabile e sicuro. Da dove provengono le preoccupazioni per la sicurezza? Le principali preoccupazioni indicate dalle aziende che non utilizzano la GenAI sono la potenziale perdita di dati sensibili, l'incapacità di comprenderne pericoli e benefici e la mancanza di risorse per monitorarne l'utilizzo. Dato che il 23% delle aziende che utilizzano strumenti di GenAI non monitora affatto questo aspetto, è chiaro il motivo per cui proprio quest'ultimo punto sia stato considerato una potenziale minaccia. Le organizzazioni non agiscono per risolvere i problemi di sicurezza Quando si introduce una nuova tecnologia, è fondamentale comprendere le sfide specifiche che pone in termini di sicurezza, in modo che queste non ne oscurino il potenziale. La mancata implementazione di misure aggiuntive di sicurezza relative alla GenAI, che è stata ammessa da un terzo delle organizzazioni che la utilizzano, è un'altra mossa rischiosa che potrebbe rendere queste realtà vulnerabili. Sebbene il 31% dello stesso gruppo abbia incluso soluzioni specifiche per la GenAI nel proprio piano d'azione, l'intento è una cosa diversa dall'azione vera e propria, e molte misure temporanee tendono a diventare permanenti. In relazione alla GenAI, la principale sfida per la sicurezza risiede nella fuga dei dati; questo sottolinea l'importanza vitale di adottare solide misure in questo senso. Il primo passo che le aziende devono compiere è quindi quello di garantire la visibilità su chi utilizza le app di IA e su quali sono le app di IA utilizzate, per poi controllarne l'utilizzo. Una volta riacquistata visibilità, possono implementare misure per la protezione dei dati iniziando dalla loro classificazione, al fine di evitare la fuga delle informazioni. Sorprendentemente, solo il 46% degli intervistati ritiene che la propria azienda abbia classificato tutti i dati in base al livello di criticità. Un ulteriore 44% ha iniziato a classificare alcuni dei dati per poi implementare misure di sicurezza. Tutto questo lascia comunque un grande abisso ancora da colmare. Le organizzazioni devono agire subito per riprendere in mano il controllo L'IT deve assumere il controllo dell'uso e della sicurezza della GenAI Con aziende che sembrano così impreparate a proteggere la GenAI, potremmo chiederci cosa stia forzando l'adozione rapida di questa tecnologia. Sorprendentemente, la pressione per il lancio non proviene da dove si penserebbe. Nonostante la diffusa popolarità, non sembrerebbero i dipendenti la forza trainante dell'attuale livello di interesse e utilizzo: solo il 5% degli intervistati ha affermato infatti che la pressione proviene da questo gruppo, e non si tratta neanche dei contatti commerciali (21%). Secondo l'indagine, nel 59% dei casi sono gli stessi responsabili IT a essere i promotori di questa adozione. Se così fosse quindi, il contesto attuale riguarderebbe meno la "pressione" aziendale per l'introduzione di nuove tecnologie e più il "desiderio" dei team IT di stare al passo con l'innovazione tecnologica. Dato l'interesse ancora limitato da parte dei leader aziendali, sembrerebbe che la GenAI, dall'essere un interesse dei team IT, debba ancora diventare un vero e proprio fattore trainante del business in senso più ampio. Il fatto che siano i team IT a promuovere l'adozione anticipata dovrebbe rassicurare sia i responsabili IT che i leader aziendali. Questo significa che c'è spazio per moderare strategicamente il ritmo dell'adozione della GenAI dando all'IT abbastanza tempo per consolidare il controllo sulle proprie misure di sicurezza e privacy prima che i rischi si trasformino in vere e proprie crisi. L'implementazione della GenAI dovrebbe essere accompagnata da una soluzione zero trust come la piattaforma Zscaler Zero Trust Exchange, che garantisce piena autorità e supervisione sull'utilizzo della tecnologia per ogni singolo utente e applicazione e consente alle aziende di preservare la sicurezza e il controllo sull'ambiente. I seguenti passaggi consentiranno ai team IT di riprendere in mano il controllo degli strumenti di GenAI: Condurre valutazioni approfondite dei rischi per la sicurezza e la privacy delle applicazioni di GenAI, al fine di comprenderli e rispondere efficacemente. Implementare un'architettura zero trust olistica per ottenere la massima visibilità e autorizzare solo le applicazioni e gli utenti GenAI approvati Stabilire un sistema di logging completo per tenere traccia di tutti i comandi e le risposte di GenAI Abilitare misure per la prevenzione della perdita dei dati basate sullo zero trust, al fine di proteggere tutte le attività di GenAI e prevenire l'esfiltrazione dei dati Ogni nuova tecnologia porta con sé sia aspetti positivi che negativi. Zscaler è pioniera dell'impiego delle soluzioni zero trust per realizzare in modo sicuro e responsabile l'enorme potenziale della GenAI, guidando l'innovazione con la stessa determinazione con cui ha guidato l'adozione sicura del cloud. Con Zscaler, puoi accelerare drasticamente la tua rivoluzione fondata sull'IA generativa. Tue, 21 Nov 2023 00:43:26 -0800 Sanjay Kalra Reimagine your cloud security with Zscaler at AWS re:Invent 2023 Zscaler will be at AWS re:Invent 2023, running November 27 - December 1 in Las Vegas! This will mark our second year attending AWS’s premier technology conference. If you’re heading to Vegas, be sure to visit us at booth #1259. We’ll be hosting exclusive giveaways (including a raffle for multiple drones), but even better, you’ll have a chance to learn about our latest groundbreaking features and see up close how Zscaler can secure your organization. We also recently revealed several innovative capabilities for Zscaler Workload Communications that will significantly improve your cloud workload security, including: Integration with AWS user-defined tags: This unique capability enables you to create custom security groups based on user-defined tags and native attributes in AWS, eliminating the complexity associated with legacy methods. Auto discovery of cloud resources in real time: Zscaler's native integration with AWS enables real-time automatic discovery of VPCs, subnets, and EC2 resources, along with their associated tags and attributes. Securing multi-session VDI deployed in the public cloud: An industry first, Zscaler inspects all ports and protocols for multi-session, non-persistent VDI deployments in the public cloud. Check out our recent launch blog post for more details. In addition to demonstrating how Zscaler can improve your cloud security, we’re hosting some awesome events in partnership with AWS, Okta, and Splunk. To register for these events, reach out to your Zscaler account team and visit our page! Learn more about our recent innovations in New Zero Trust Innovations Radically Simplify Cloud Workload Security. You can also visit our solution page. To learn more about what Zscaler is doing at AWS re:Invent, click here. And if you haven’t already, to register for AWS re:Invent 2023, visit their homepage. Wed, 15 Nov 2023 08:00:01 -0800 Franklin Nguyen Zscaler partecipa a Cybertech Europe 2023 Dal 3 al 4 ottobre presso il Centro Congressi La Nuvola di Roma, un appuntamento per esplorare le migliori pratiche nella sicurezza Zero Trust Zscaler parteciperà alla conferenza CyberTech Europe, la principale piattaforma mondiale di networking per l’industria della cyber security, che si terrà a Roma, dal 3 al 4 ottobre 2023 al Centro Congressi La Nuvola con la partecipazione di Marco Catino, Sales Engineer Manager, che terrà degli interventi dedicati al potenziale dell’Intelligenza Artificiale nella sicurezza informatica. Le conferenze CyberTech rappresentano un’occasione di dialogo a livello internazionale e un’occasione di dibattito su tecnologia cyber ed innovazione. Insieme ad autorevoli esperti, decision maker, CISO e relatori di prim’ordine provenienti dall’Europa e da tutto il mondo, i partecipanti potranno scoprire trend, innovazioni tecnologiche, sfide e soluzioni di un settore in continua evoluzione come quello della cyber security. Gli esperti approfondiranno i trend europei in materia di cyber security, ma anche Intelligenza artificiale e SuperTech, difesa, FinSec, cloud. In particolare, tema centrale dell’edizione 2023 sarà “Ecosistema su scala globale”. La partecipazione a Cybertech di Zscaler prevede la presenza di Marco Catino, Sales Engineer Manager, ad un discussion panel dedicato al cloud security sul tema dell’intelligenza artificiale nel corso del quale verrà illustrato anche l’approccio Zscaler: l’appuntamento è per il 3 ottobre alle ore 15.15. CyberTech sarà quindi occasione per approfondire una serie di soluzioni di sicurezza avanzate, e recentemente annunciate da Zscaler, progettate per i team IT e di sicurezza per sfruttare tutto il potenziale dell'intelligenza artificiale (IA) generativa, preservando al contempo la sicurezza della proprietà intellettuale delle aziende e dei dati dei loro clienti. Utilizzando il suo vasto pool di dati, Zscaler utilizza intelligenza artificiale/machine learning o l'intelligenza artificiale generativa non solo per prevedere le violazioni, ma anche per consigliare le policy in modo da offrire funzionalità avanzate di rilevamento, prevenzione e risposta alle minacce. Il vantaggio dell'intelligenza artificiale di Zscaler è il risultato di 15 anni di esperienza e leadership nello sviluppo e nella gestione della più grande piattaforma di sicurezza cloud al mondo che elabora oltre 300 miliardi di transazioni giornaliere da utenti, dispositivi IoT/OT, workload e comunicazioni business-to-business. Le innovazioni di Zscaler che aiuteranno i clienti nel loro percorso di trasformazione per un’adozione sicura dell’intelligenza artificiale. I professionisti della sicurezza informatica avranno inoltre l’opportunità di visitare lo stand di Zscaler per ricevere e approfondire tutte le informazioni riguardanti le soluzioni di sicurezza informatica del vendor. È possibile registrarsi alla manifestazione attraverso il link disponibile qui. Wed, 27 Set 2023 05:44:15 -0700 Marco Catino Come semplificare la sicurezza nelle piccole imprese Le piccole imprese potrebbero erroneamente credere di essere al sicuro, ma sono vulnerabili agli attacchi quanto le grandi società. Secondo Statista, nel 2020, in Svizzera, circa un terzo dei dirigenti di piccole imprese considerava molto basso il rischio che la propria azienda potesse subire un attacco informatico di bassa intensità, e solo il 2% riteneva che il rischio di un attacco tanto grave da comportare la cessazione dell'attività fosse elevato o molto elevato. Sebbene abbiano digitalizzato le proprie operazioni aziendali, molti dirigenti di piccole imprese continuano a non dare la priorità alla creazione di misure di difesa appropriate contro gli attacchi informatici. Ciò è dovuto principalmente alla mancanza di competenze e risorse: non dispongono infatti di tempo e personale a sufficienza per riuscire a prendersi cura anche della sicurezza su Internet, oltre alla gestione delle operazioni della loro microimpresa. Si tratta di un approccio che può rivelarsi piuttosto pericoloso in quanto, secondo l'indagine annuale condotta da gfs-Zurich, quasi un terzo (31%) delle piccole imprese svizzere ha subito un attacco informatico almeno una volta nel corso del 2022. Un settore dell'economia a rischio? Le piccole imprese sono un settore economico importante in ogni Paese. In tutta Europa, il 60-70% del prodotto interno lordo è generato da piccole e medie imprese, e oltre 20 milioni di persone sono impiegate in aziende con meno di dieci dipendenti. A prima vista, un attacco contro una grande azienda potrebbe sembrare più redditizio per i criminali informatici, che potrebbero riuscire a estorcere milioni di dollari attraverso ransomware con richiesta di riscatto.Tuttavia, le aziende più piccole sono comunque a rischio, perché rappresentano un bersaglio più facile da colpire. In molti casi, la mancanza di misure difensive per bloccare i malware provenienti da siti web infetti, e-mail di phishing o attacchi man-in-the-middle lascia, di fatto, le porte aperte agli aggressori. Affinché le piccole imprese possano adottare misure più efficaci per proteggere le proprie operazioni, le soluzioni di sicurezza informatica di oggi devono essere adattate al meglio per rispondere alle loro esigenze. E ciò significa rendere queste soluzioni altamente accessibili. I fattori determinanti che guidano il processo di acquisto di un'azienda sono gli stessi che influenzano anche le singole persone. Sono alla ricerca di una soluzione che consenta una distribuzione rapida e semplice e che sia facile da utilizzare. I dirigenti delle piccole imprese non hanno tempo da dedicare a lunghe discussioni contrattuali, né dispongono delle risorse necessarie per la manutenzione e gli aggiornamenti periodici della sicurezza, motivo per cui cercano l'aiuto di altri.In molte aziende è il fornitore dei servizi di telecomunicazione a occuparsi delle esigenze di connettività. Ma oggi, con la trasformazione digitale che sta portando la connettività sul cloud, è logico che i fornitori di servizi di telecomunicazione collaborino con le loro controparti nel campo della sicurezza sul cloud per proteggere in modo efficiente le piccole e medie imprese. La sicurezza visibile Il provider di servizi di telecomunicazione Swisscom, in collaborazione con Zscaler, ha sviluppato una soluzione per gli uffici online pensata per le piccole e medie imprese: InOne SME. Questa soluzione offre alle microimprese con un massimo di dieci dipendenti lo stesso livello di sicurezza su Internet di cui usufruiscono le grandi aziende in tutto il mondo. Prima di iniziare, le piccole e medie imprese possono effettuare un audit della sicurezza online con una valutazione end-to-end del proprio panorama digitale in un semplice clic. L'audit rivela le principali lacune nella protezione, e consente alle aziende di concentrarsi prima su quelle aree, per poi aggiungere eventuali altre funzionalità di sicurezza se e quando il loro budget lo consentirà o al mutare delle loro esigenze. Attraverso il portale self-service di Swisscom, le piccole e medie imprese hanno la possibilità di colmare in modo facile e veloce i punti ciechi identificati nella loro sicurezza, aggiungendo semplicemente il pacchetto scelto come servizio mensile al proprio contratto Internet o di telefonia mobile. Viene quindi fornito un Client Connector, il quale garantisce che tutti i flussi di dati che si connettono all'azienda vengano instradati attraverso il cloud di Zscaler per il controllo di sicurezza. Malware, tentativi di phishing e altre minacce informatiche vengono rilevate e intercettate prima che raggiungano i dispositivi degli utenti. Questa soluzione offre inoltre alle PMI il vantaggio del cosiddetto "effetto cloud". Se in qualsiasi parte del mondo viene rilevata una nuova minaccia informatica emergente nella sandbox di Zscaler, tutti gli utenti vengono automaticamente protetti da questo pericolo. Un servizio di questo tipo è particolarmente vantaggioso per le piccole imprese, che possono lasciare la sicurezza in background con la certezza che le loro difese saranno sempre aggiornate, e che possono così concentrare tutta l'attenzione sulla crescita del proprio business, senza preoccupazioni. Fri, 22 Set 2023 04:13:25 -0700 Markus Breuer Zscaler is Proud to Be One of the Best Workplaces in Technology Today, Zscaler was named one of Fortune’s Best Workplaces in Technology, a significant accomplishment given the highly competitive nature of this ranking which is based on over 162,000 responses from employees at companies across the technology industry. And because this recognition also takes into account feedback provided by Zscaler team members, it’s an especially important endorsement from the very people who know our culture best. Like many iconic technology companies, Zscaler was born out of an original idea, a lot of hard work, and the unwavering belief that this idea had the potential to change the world. Sixteen years later, we’ve seen how cloud security has become an essential component in accelerating digital transformation initiatives and, as I look back over our company’s history, I’m reminded of all we’ve accomplished as we’ve grown Zscaler into the global cybersecurity leader it is today. Images from the early days of Zscaler. (Left) Mapping out a novel approach to cloud security that would later become the Zscaler Zero Trust ExchangeTM Platform. (Right) With a team of founding engineers who helped bring the vision to life. Every milestone adds to the mosaic that makes up who we are as a company and what we stand for. Over the years we’ve been recognized in a number of areas, such as our product innovation (we have over 400 issued and pending patents worldwide) and customer satisfaction (with an NPS of 70+, Zscaler’s score is over 2x the average for SaaS companies). But I firmly believe that our team members are our greatest strength, so as we continue to grow our ranks, it’s extremely important that we continue to invest in creating a positive culture and environment that enables our employees to do their best work and contribute in meaningful ways. This year has been quite eventful with Zscaler being named to a number of “Best Workplaces” lists, including: Fortune’s Best Workplaces in the Bay Area Fortune’s Best Workplaces for Millennials UK’s Best Workplaces for Women UK’s Best Workplaces in Tech Each award serves as further validation that Zscaler has come to be known as an iconic company that’s driving cybersecurity innovation and market growth with a talented and world-class team…fulfilling a dream that started 16 years ago. A big thank you to the Zscaler team for making us a “great place to work” - this award celebrates you and all of your valuable contributions. Congratulations, everyone Tue, 19 Set 2023 07:30:02 -0700 Jay Chaudhry Zenith Live ‘23 EMEA Closes with Customer Calls for Action, Quest for Innovation "Change is uncomfortable. Fear of the unknown leads to inertia. The bold and curious will succeed." – Jay Chaudhry, Zscaler Cybersecurity spending is projected to reach $219 billion in 2023. Nevertheless, researchers predict cybercrime to cost the global economy $10.5 trillion by 2025. How can we bridge the chasm between our mitigation efforts and the results they deliver? That was the question Zscaler CEO, Chairman, and Founder Jay Chaudhry opened Zenith Live 2023 in Berlin last week, and it’s one Zscaler colleagues, customers, and partners spent the rest of the conference trying to answer. It was time well spent with encouraging results. Why? For one, it starts with a refusal to settle for the status quo. Equinix VP of Technical Sales Vaishali Ghiya, who joined Jay on the stage for his opening keynote, summed up the endless possibility of this mindset perfectly when she remarked, “We said bye-bye to that appliance-based VPN, and it's been happily ever after ever since." Now, her expectations have reached new heights: "I look forward to getting on an airplane, firing up Zscaler, and getting all my work done on a long flight," she said. Refusing to sacrifice productivity while in the air demonstrates an unwillingness to settle. CompuGroup Medical is another shining example of a company that battled inertia and reaped the rewards. After organizing its IT environment around hub-and-spoke connectivity and castle-and-moat security for years, CompuGroup decided it had other options, as Jochen Klein and Tim Cottin reported to the audience. As one of the world’s leading e-health companies, its cyber and IT operations protect customer data, accelerate business transactions, and secure developers’ access to code databases to insulate the company against supply chain attacks. Following its transition to a zero trust architecture, Jochen and Tim reported that CompuGroup vaulted into the top 2% of companies for security in independent pen testing. It can connect employees productively on day one following M&A deal closures. "Because of Zscaler's ZPA, [third-party pen testers] were unable to penetrate our network and were not able to find any services to try to breach," Jochen said. In addition to a strong bias for action, the willingness to continuously innovate is another key factor contributing to successful digital transformations. Not surprisingly, this urge to improve was also on full display in Berlin last week. E.ON CISO René Rindermann, with whom I had the pleasure of sitting down for a fireside chat, spoke of digital transformation as the impetus for breaking down silos between departments at the European energy provider. By recognizing that digitization was a business priority rather than an IT priority, he said the company became more nimble in all facets, from product rollouts to enabling remote work. While Zenith Live is always an opportunity for Zscaler to showcase the innovations it has been hard at work on, that’s truly something best done by our customers. Few do it better than our longtime collaborators at Siemens Energy. VP of IT Infrastructure Wolfgang Schubert and Head of Threat Intelligence Dusan Vignjevic were on hand to highlight some of the company's efforts. Knowing the company is facing spikes of 30-40% in energy demand within the next 20-30 years, Siemens Energy is committed to innovating to meet this demand sustainably. As Wolfgang put it, “Technology drives decarbonization.” Specifically, he called out Zscaler Digital Experience (ZDX) as a tool the company uses to maximize its resources without sacrificing security. MAN Energy Solutions CISO Elena Furini, who also took to the stage at Zenith Live, has a similar focus. "Through our products, we want to reduce global emissions by 10% by 2030," she said. As one of Zscaler’s first Zscaler Private Access (ZPA) customers, we are proud to have supported Elena and MAN on their mission by providing a means for protecting crown jewels like Active Directory, granting secure access to third parties, and acting as a secure VPN replacement. I could not help but notice the synergies between Man Energy Solutions and Siemens Energy’s efforts and a point made by Jay in his opening keynote that Zscaler can drive a 93% reduction in carbon emissions compared to on-premise solutions. While this is ultimately a small contribution to a significant global problem, I am proud of its alignment between Zsclaler and its partners. Sadly, cybercriminals are as committed to innovation as upstanding technology leaders. For threat actors, data is gold. Protecting that data is critical for Zscaler customers like the staffing firm Randstad, financial services provider Equiniti, and banking conglomerate Absa Group. "For [Equiniti]," said CISO John Meakin, "knowing where the data is and where it's going is core to our business." Enter innovations in data loss prevention (DLP). Because so much of cybersecurity boils down to ensuring data is secure and confidential, this was a major theme running through the innovations unveiled at Zenith Live. Representatives of customers who took to the stage to discuss their DLP efforts highlighted the essential need to capitalize on the advantages offered by the cloud, the risks it introduces, and the high stakes with which they are all playing based on their industry. Knowing this is the case for many Zscaler customers, this year's innovations put a premium on distributed data protection with new features focused on LLM-related data governance issues, AI-powered cloud configuration monitoring, and forthcoming multi-modal DLP capabilities for audio and video file formats. These were a few highlights from two truly incredible and inspiring days with colleagues, customers, and partners. If you could join us, I hope you took away important lessons and fond memories. If you missed us in Berlin, please register to watch the recorded sessions. To hear more customer voices from Zenith Live ‘23, check out the day one and day two recaps from our Las Vegas event. Wed, 05 Lug 2023 13:40:20 -0700 Kavitha Mariappan The Power of Zscaler Intelligence: Generative AI and Holistic View of Risk Zenith Live ‘23 was a resounding success as we brought together a host of experts, industry analysts, and customers to learn, explore and exchange ideas on cybersecurity technology innovation and transformation. Each year, Zscaler announces several industry-changing innovations at this event, and this year was no different. One thing that captured the attention of attendees, however, was generative AI— and for all the right reasons. Your partner in the AI transformation journey At Zscaler, we believe Generative AI as a technology is fundamentally transformational, but delivering impactful AI-powered outcomes requires large volumes of diverse, high-quality data and a sophisticated AI engine to precisely train AI models. Zscaler’s AI advantage is a result of 15 years of expertise and leadership in developing and operating the world’s largest cloud security platform, which processes more than 300 billion daily transactions from users, IoT/OT devices, workloads, and business-to-business communications. The scale of Zscaler’s platform combined with our unique large language models (LLMs) differentiates our AI solutions in the industry. Just as we are helping organizations navigate through security and network transformation, Zscaler is committed to helping customers safely embrace Generative AI and accelerate their AI transformation journey. To that end, we made several notable announcements at Zenith Live ‘23—ranging from advancements in current products that customers love and use every day, to industry-defining new innovations that are coming down the pike. Generative AI is transformational Embracing AI transformation securely Several Zscaler products today leverage the benefits of AI and ML to recommend security policies, segment users and applications, classify data, and identify risks accurately. Recently, we have delivered additional capabilities to give customers more power over access control and protecting sensitive data to ultimately enable them to embrace generative AI more securely. Data protection for AI: Zscaler Data Loss Prevention (DLP) prevents potential data leakage and enables organizations to record and retain content, including prompts to generative AI queries and outputs of publicly available LLMs and AI applications, for security and audit purposes in their own environments. AITotalTM : a comprehensive grouping and risk classification for an exploding number of AI applications, for security and audit purposes in their own environment. AI visibility and access control: A new URL category and cloud application specifically tailored for monitoring AI application usage. This innovative solution offers the versatility to establish a variety of disparate policies for different user sets and groups, granting organizations precise control over access to AI applications. By implementing cloud-based remote browser isolation, Zscaler provides an additional layer of security while restricting potentially hazardous actions, such as uploads, downloads, and cut-and-paste functions, when accessing AI applications. More details about how Zscaler is making it safer for customers to embrace Generative AI tools are covered in this blog by Dhawal Sharma - SVP, Product Management at Zscaler. Patrick Foxhoven talking about Zscaler’s leadership in AI at Zenith Live ‘23, Las Vegas Ground-breaking Generative AI security innovations for the next generation of threats Zscaler is embracing generative AI and using it to develop several industry-leading innovations that were improbable (at least not with precision) even a few years ago. We previewed some of these at Zenith Live ‘23 and will share more soon. Security Autopilot™ with breach prediction: A proactive approach to securing data by enabling AI engines to continuously learn from changing cloud-based policies and logs. Between accurately recommending policies and performing impact analysis effectively, Security Autopilot simplifies security operations while preventing breaches. This is currently piloted by ThreatLabz, Zscaler’s advanced threat research and incident response team. Zscaler Navigator™: A simplified and unified natural language interface to enable customers to interact with Zscaler products and access relevant documentation details using a seamless, secure, and user-friendly approach. Multi-Modal DLP: Zscaler’s revolutionary approach to DLP will operate by integrating generative AI and multi-modal capabilities into its already capable DLP offerings to protect customers’ data from leakage across various media formats beyond text and images, such as video and audio formats. Introducing Zscaler Risk360TM: Holistic view of risk for organizations Zscaler is deeply rooted in solving some of the most complex security challenges for our customers. One thing that comes up in our conversations with CISOs across the globe is the need for them to have a near real-time view into the organizations’ holistic risk. The ever-increasing frequency of cyberattacks and external pressure from regulatory bodies, such as the Securities Exchange Commission (SEC), has made cyber risk quantification and reporting a board-level conversation. However, legacy solutions tend to be manual, static, and difficult to use. Leaning again on the strength of Zscaler intelligence coming from our Zero Trust Exchange and our commitment to solving the most complex security challenges for customers in an elegant fashion, we announced the limited availability of Zscaler Risk360 at Zenith Live ‘23. Zscaler Risk360 is a powerful risk quantification and visualization framework for remediating cybersecurity risk. It ingests data from external sources and your own Zscaler environment to curate a detailed profile of your risk posture across all four stages of a cyberattack - external attack surface, compromise, lateral propagation, and data loss - and all the entities in your environment, including assets, applications, workforce, and third parties. Zscaler Risk Dashboard Zscaler Risk360 gives security practitioners the ability to intuitively visualize holistic risk in real time and to use data-driven recommendations to take prioritized action to prevent breaches. CISOs can lean on Zscaler Risk360 to quickly understand the top risk drivers for the organization, make business decisions intelligently, and communicate simply and broadly to the executive team. Zscaler Risk360 is a game changer for security and risk professionals. You can read more in this blog by Raj Krishna - SVP of Product Management and Kanishka Pandit, Sr. Product Marketing Manager at Zscaler, or request a demo on our website here. I hope many of you joined us at Zenith Live ‘23 in Las Vegas or Berlin where we celebrated innovation, collaboration, and joint success with customers and partners. If you missed it, you can still watch the recording here. Thu, 29 Giu 2023 08:00:02 -0700 Harsha Nagaraju Zero Trust Connectivity Extended, Plus a Massive Leap in Data Protection - Zenith Live ‘23 Highlights Day two of Zenith Live jumped right into our third innovation keynote of the conference, focused on our initiatives to extend zero trust connectivity beyond users to workloads and IoT/OT devices. In the same spirit, I’m diving right into key takeaways from the second half of our main event in Las Vegas. Extending zero trust connectivity beyond the user Dhawal Sharma, Zscaler VP & GM of product management, pivoted in his keynote from a security to a networking focus, taking the audience through the evolution of networks from monolithic, as workforces worked almost exclusively from corporate offices, to gradually more distributed leading up to the pandemic until ultimately taking their current hybrid form. For the past 30 years, Dhawal emphasized, IP-based networking worked well. But the movement of employees from behind the corporate firewall and increasing adoption of cloud-native applications mean routable networks expanded attack surfaces beyond reason. The Zscaler Zero Trust Exchange addresses these shifts, allowing users to be connected to resources without the need for routable networks, effectively hiding both from internet onlookers. Establishing this history is essential to understanding what we mean by extending zero trust connectivity. Many users sit outside the corporate network today, and workloads and IoT/OT devices make up an increasing proportion of corporate traffic. Workloads require a zero trust connectivity framework at the cloud level. Employees and IoT/OT devices need a zero trust connectivity framework wherever they reside. We released Cloud Connector and Branch Connector to cover these use cases. According to Dhawal, it is akin to the shared responsibility model in cloud computing. We aim to shoulder the responsibility for zero trust connectivity to lighten the load on our users. In other words, we are automating how users bring traffic to the Zero Trust Exchange. Cloud Connector innovations Brian Lazear, Zscaler Vice President, Product Management, took over for a deeper dive into the cloud workload innovations. Brian discussed three core challenges facing cloud development and security practitioners: Operational complexity – With hundreds of workloads in existence at any time and new ones being constantly created or retired. Manual segmentation – Unrealistic given the number of existing workloads, which can expose organizations to attacks and data loss. Multi-cloud environments – That often must be managed independently of one another due to nuances between platforms. He then explained how Zscaler helps address these challenges by: Simplify operations through enhanced, near real-time visibility offered by workload discovery-as-a-service, infrastructure-as-code integrations for easy templating and granular configurations. You can tie these to ZIA and ZPA policies. Automate segmentation with the ability to add app-to-app controls and machine learning-backed grouping policies, as well as visibility over which apps talk to which others for true microsegmentation capabilities. Unify multi-cloud environments by introducing Google Cloud Platform support in addition to existing AWS and Azure offerings. New capabilities stemming from our partnership with Equinix allow push-button direct connectivity to the Zscaler Zero Trust Exchange for uniform policy enforcement. Managing a multi-cloud environment was especially taxing for NOV VP of IT Patricia Gonzalez-Clark. "They're very similar, but then they each have their own nuances. That's why we are especially excited about the advances to the Zscaler Cloud Connector, especially policy by tags." Branch Connector innovations Cafe-like connectivity is the gold standard for branch locations, confirmed Zscaler VP of Product Management Naresh Kumar. He took to the stage to explain how Zscaler Branch Connector innovations make it possible to open a laptop and connect to the business from anywhere. To do so securely, we focused on removing the need to connect different office branches using SD-WAN-enabled site-to-site VPNs. These entail a discoverable attack surface and can enable lateral movement if breached. Instead, the Zscaler Branch Connector is a network edge function that forwards traffic via a TLS tunnel with no overlay network required. Essentially the same technology powering ZPA today, Zscaler Branch Connector provides a singular path for traffic from the branch office to the Zscaler security cloud. No attack surface. No opportunity for lateral movement. This innovation keynote ended with Zscaler Sr. Director, Product Management Javier Rodriguez Gonzalez and Sunbelt Rentals EVP, Chief Digital & Technology Officer JP Saini expounding on the benefits of Zscaler Digital Experience (ZDX )and its new feature set. AI enhancements simplify diagnosing performance degradations for customers by automating the discovery of problems with, for example, an internet service provider. This feature pinpoints issues quickly and delivers reporting on which users are affected and possible remediation steps, all at a speed only possible with AI assistance. ZDX "allows our teams to be more proactive in identifying issues and pursuing remediation accordingly," said JP. Taking a digital transformation road trip with CarMax Shamim Mohammad, EVP & Chief Information and Technology Officer at CarMax, walked attendees through a phased digital transformation journey. Founded on the idea that buying a car could be straightforward, CarMax and Shamim were determined to make their zero trust implementation equally easy. Though it broke the mold, CarMax had a more challenging time innovating in IT. Before its transformation, the company was sitting in a massive legacy environment. Hair pinning was causing latency and fragmenting the customer journey. So CarMax established two goals: Strengthening the business by setting the standard for the digital car buying experience Overhauling IT operations by prioritizing cloud-native productivity solutions for its workforce By migrating business applications to the cloud, CarMax could operationalize the massive data sets it had amassed across its roles as a direct-to-consumer car dealer, vehicle wholesaler, and financial institution (as a top-10 auto lender). The migration also shifted mindsets among Shamim’s team from project completion to business enablement, inspired by the feeling they could contribute to the company’s success. Next, CarMax locations switched to local breakouts so users could access the internet directly. The employee experience improved, network-related costs cratered, and security enforcement became more manageable. According to Shamim, CarMax is now confident that the online car buying experience is secure for customers, and the company can provide excellent insights garnered from its large dataset. "One thing I love about Zscaler is they're innovating," he said. "As a company focused on being an industry leader, we need a partner that can innovate." An integrated solution to distributed data protection How can data protection be secure, simple, and productive? For Zscaler SVP Take-Off Teams, Willie Tejada, that is the fundamental question driving his team to dream up innovative ways to keep organizations safe from data loss and theft. To rise to the challenge, Zscaler GM & VP, Data Protection Moinul Kahn said his team has delivered over 70 new features in the past six months. To what end? Comprehensive, fully integrated data protection capabilities with the least burden on Zscaler users. New features advancing this goal include: AI/ML-powered automatic data classification and enforcement – Using sophisticated techniques to automatically classify data on the wire according to categories and enforcing rules based on policy. Improved incident management – Automatically notifying users of data loss prevention (DLP) rule violations and providing the opportunity for justification of that action. Cloud app control – For granular policy control over applications like ChatGPT, which allow rules to allow use but block actions like uploading source code to third-party apps. Data protection for unmanaged devices – By enforcing remote browser isolation to protect against uploading and downloading, copying and pasting, and even watermarks to discourage screenshots. Email DLP – Through SSL/TLS inspection of outbound mail that checks subject lines, body text, and attachments for DLP violations. These capabilities are essential for John Graham, CISO at NetJets. His company possesses data critical to ensure its elite clientele is comfortable and accounted for on private flights. Their privacy is paramount for NetJets. After hiring a red team hacker to prove somebody can steal information belonging to clients from cloud applications, John called in Zscaler. "We utilized the Zscaler team to actually prove that, not only could we see this happening, we could stop it," John said. "It proved itself out right away." For Equinix Deputy CISO Gene Casady, the most valuable data protection capabilities involve a cloud access security broker (CASB) solution. As an administrator of SaaS apps, Gene was looking for a CASB that integrated several functions into a single solution to reduce cost and simplify operations. He looks forward to seeing how the latest product enhancements will increase efficacy. "What I'm most excited about is seeing how Zscaler will apply AI and ML models cross-functionally to my unique data sets to produce more accurate and actionable alerts," he said. Zenith Live 2023 in Las Vegas has wrapped. We look forward to hearing from more customers at Zenith Live EMEA in Berlin on June 26-29. What to read next Zenith Live ‘23 kicks off with stunning series of innovation AI ethics: One more reason to look forward to connecting with fellow women IT leaders at Zenith Live '23 In Their Own Words: Customers in the Spotlight at Zenith Live '23 Fri, 16 Giu 2023 13:14:33 -0700 Kavitha Mariappan Zenith Live ‘23 Kicks Off with Stunning Series of Innovation Announcements We were thrilled to welcome customers, prospective customers, journalists, and industry analysts to the opening day of our annual Zenith Live user conference in Las Vegas yesterday. My fellow Zscaler executives and I were excited to showcase all of the hard work our product and engineering teams engaged in over the past year. These industry-redefining innovations in the arenas of AI-enabled security, data-driven business intelligence insights, and product enhancements promise to further strengthen the platform underpinned by the world’s largest security cloud. Attendees fill the event space at the ARIA Resort & Casino in Las Vegas. Jay Chaudhry sets the table for disruptive innovation with his CEO keynote Zscaler CEO, Chairman, and Founder Jay Chaudhry introduced several new Zscaler innovations by stressing that these capabilities were built on top of the existing platform. A guiding principle for the 15-year-old company has always been to help its customers consolidate vendors and eliminate point products. "Our goal," Jay said, "is to be integrated, comprehensive so you don't have to deal with multiple point products that don't work with each other." New offerings weren’t cobbled together from a string of acquisitions to add functionality in areas that were lacking, he pointed out. They weren’t dreamed up to extend product lines and create additional revenue streams. They were not knee-jerk attempts to capitalize on the buzz surrounding AI. Instead, they capitalize on Zscaler’s massive cloud security data lake for training sophisticated AI models to provide advanced insights to our customers. These insights were always present in the more than 300 billion transactions and 500 trillion daily signals seen by the Zscaler Zero Trust Exchange each day. AI simply allows us to process and serve them to users in scalable, intuitive, and actionable ways. Zscaler CEO Jay Chaudhry opening Zenith Live ‘23 from the main stage. Customers are always central to the Zenith Live agenda, and this year’s features many who were instrumental in conceiving and developing the innovations unveiled at this year’s event. First, Jay welcomed Christopher Porter, SVP & Chief Information Security Officer at Fannie Mae, to the stage to describe how the company jumped out of the gate early to begin its transformation journey. Christopher explained how Fannie Mae’s digital transformation began after they migrated key business applications like ServiceNow and Office 365 to the cloud. The company’s on-premise proxies could not keep up with the scale of traffic headed for the internet. That all changed when they switched to Zscaler Internet Access, allowing users faster and more secure internet access. "[Zscaler] changed the experience to where it's the same whether you're home, whether you're at Starbucks or you're in one of our physical buildings," Christopher said. As with many companies, the pandemic accelerated Fannie Mae’s transformation. It was the impetus for pushing out Zscaler Private Access (ZPA). Porter said it allowed him to sleep better at night since it removed the threat of lateral movement previously introduced by a VPN solution. More data protection capabilities followed: exact data match, index document matching, and integration with Microsoft information protection capabilities. Next, Jay discussed Zscaler's first foray into hardware with Justin Dustzadeh, Chief Technology Officer at Equinix. Equinix is a global digital infrastructure platform with over 240 highly reliable data centers connected by a global software-defined backbone network. A partner for more than a decade, Equinix had a vision of evolving its infrastructure security and interconnection consumption from box-based point solutions to a cloud-native, software-enabled, and customizable platform that could secure any-to-any capabilities for its user while enforcing policies and preserving visibility. The result, Zero Trust Branch Connectivity, is a plug-and-play appliance for securely connecting branches while reducing the cost and security risks associated with VPN-over-SDN-WAN connections. "We are partnering to take friction away and make secure cloud-to-cloud and hybrid multi-cloud interconnection an easy and enjoyable experience for our users," Justin said. To cap off the CEO keynote, Microsoft Chief Security Advisor James Eckart joined Jay and Zscaler EVP, Business and Corporate Development Punit Minocha onstage to explore the partnership between the two companies. "One of the things Zscaler first did with Microsoft, very successfully, was allow us to go straight from the endpoint to Office 365 while crossing Zscaler's complete security stack," James said, "so we could get around all of the hair-pinning and latency issues we were experiencing in our data centers. That was just really a boon for everybody. It created a lot of user delight." How the “strategic imperative” of cybersecurity aligns with Hyatt Hotels’ mission I also had the good fortune of sitting down with my good friend and longtime Zscaler customer Ben Vaughn, SVP & CISO of Hyatt Hotels, for a fireside chat. For Ben and Hyatt, cybersecurity is integral to the company's core purpose: care. "What an amazing purpose for a hospitality company, but what a really amazing purpose to have for a cybersecurity department," Ben remarked. As always when I talk to Ben, our conversation ranged from the idealistic underpinnings of a career in cybersecurity to its tactical implementations like risk transfer via cyber insurance – something for which Hyatt has a very innovative approach – to the importance of turning on SSL inspection to protect guests and employees from those who would try to do them harm online. Ben Vaughn and Kavitha Mariappan in conversation at Zenith Live ‘23 In talking about Hyatt's adoption of zero trust and what it means to the company, Ben acknowledged it has become a loaded term but boiled it down for his team as referring to validating traffic, identity, and security posture at multiple points within its environment. Vaugh also discussed the challenges of securing a highly mobile workforce that often shuffles among the company's more than 1,250 properties. "When we look for security technologies like Zscaler, cloud-based security delivery mechanisms are really important to us because we just can't rely on security to only exist the moments that you're inside our hotel," he explained. Of those 189,000 colleagues Hyatt and Ben rely on Zsclar to help secure, only roughly 40 work in cybersecurity directly. Vaugh attributes this to his team’s willingness to use the full suite of capabilities Zscaler offers to enhance Hyatt’s security posture. "I think we owe it to Zscaler and ourselves to push the buttons you give us because those buttons are the way we seize the initiative from threat actors," he said. “We make the amount of people that are required to respond to incidents that much smaller because we push the buttons” Ben wrapped our conversation with his advice for practitioners looking to stay in the field for the long run. "Find a way to tie what you do every day to what the company does every day," Ben says. "I think you might find that that makes it a lot easier to get permission to push that button." The power of Zscaler intelligence: Generative AI and a holistic view of risk Zscaler EVP & Chief Innovation Officer Patrick Foxhoven fittingly kicked off the Zenith Live innovation deep-dives by introducing many new features and enhancements made possible by AI. "We've been at this for a long time, so AI's not new, but I'll make a statement. We do think it has the potential to change everything," said Patrick. But the technology is not without risk, he noted. Both deepfakes and data loss can be enabled by the same generative AI capabilities we expect will also change the world in more positive ways. As Zscaler VP, Product Management Sanjay Kalra took over to explain, new Zscaler capabilities are focused on advancements in three key areas: Enabling Zscaler customers to use generative AI safely – You can’t protect against what you can’t see, so Zscaler began by adding a new URL category and cloud app for tools like Bard, ChatGPT, and others. This allows admins to finely control who is able to access these tools and enforce browser isolation to protect against sensitive data being uploaded. Zscaler also now provides risk scores for commonly used apps to determine if their AI integrations pose a threat based on the application’s security posture and data retention policies. Building new and enhancing existing products – Zscaler announced it is releasing its own proprietary natural language processor, dubbed Zscaler Navigator, which draws from the company’s own data lake so users can interact with products, request usage statistics, and query support in an intuitive and conversational format. Increasing the efficacy of everything we do – Multi-modal scanning makes data loss prevention (DLP) even more effective by scanning images, videos, and even Zoom calls for sensitive information like intellectual property and preventing them from being uploaded to third parties, assisting security teams with one of the most challenging threats to contain – insider attacks. Zscaler Global CISO Deepen Desai also walked attendees through the typical attack chain from downloading a malicious file to data exfiltration and, eventually, ransomware delivery. He explained how AI insights generated by Zscaler’s new Risk 360 platform can help security prioritize, isolate, and implement policies for preventing future process iterations. "In my opinion, this all ends with AI vs. AI," said Aflac VP, Security Operations & Threat Management DJ Goldsworthy, who joined Desai onstage to discuss the reduced response time necessary to compete with AI-enabled attacks and how he worked with Zscaler to limit his attack surface and automate remediation efforts. As Darin Hurd, Chief Information Security Officer at Guaranteed Rate, who provided feedback on the platform during development, put it, "What Risk 360 does for me is three things: First, it helps me more effectively communicate to my board. Second, it helps to prioritize where we spend our limited security resources. And third, at the end of the day, it inspires confidence because security is difficult and complex." Raj Krishna, SVP, New Initiatives, wrapped by previewing how the forthcoming Zscaler Business Insights will leverage company data to help solve business problems such as understanding licenses purchased versus those deployed or tracking employee usage patterns to understand their return-to-office journeys better. More on that to come… This article originally appeared on CXO REvolutionaries Fri, 16 Giu 2023 13:13:41 -0700 Kavitha Mariappan Introducing Zscaler Risk360™: Measuring Risk Holistically Given the current macroeconomic climate, IT leaders are judiciously re-evaluating their cybersecurity investments. Legacy solutions fail to provide the breadth of visibility into cyber risk and attack exposure necessary to accomplish this. Zscaler is introducing a new approach - a data-driven, real-time solution for managing cybersecurity risk. Cybersecurity is arguably one of the top priorities for organizations everywhere. The current macroeconomic environment and external pressure from regulatory bodies, such as the Securities Exchange Commission (SEC), require IT leaders to quantify and communicate cyber risk to internal stakeholders, business leaders, board members, government regulators, cyber insurance underwriters, and third-party vendors. Legacy solutions fail to meet this requirement for real-time, data-driven cyber risk management. These are often a medley of point solutions, spreadsheets, and manual aggregation of results. They just do not work. A new approach is required. Real-time, data-driven risk management with Zscaler Risk360 Introducing Zscaler Risk360, a powerful risk quantification and visualization framework for remediating cybersecurity risk. Zscaler Risk360 ingests data from external sources and your own Zscaler environment to curate a detailed profile of your risk posture in real time. Leveraging over 100 factors across your entire attack surface, it helps you understand your financial loss estimates, top cyber risk drivers, and the investigative workflows you can follow to remediate your cyber risk. More importantly, Zscaler Risk360 provides a powerful platform for CISOs to evaluate the efficacy of their cybersecurity controls across the four stages of attack - external attack surface, compromise, lateral propagation, and data loss - and all the entities in your environment, including assets, applications, workforce, and third parties. And given the criticality of communicating cybersecurity strategy across the entire enterprise, Zscaler Risk360 also generates CISO Board slides and high-fidelity peer comparison data to facilitate decision making. Zscaler Risk360 Dashboard Powerful risk quantification based on data and research Zscaler Risk360 leverages a highly complex, ThreatLabz-powered framework backed by hundreds of signals and several years of research to calculate risk scores for each of the four stages of breach - External Attack Surface, Prevent Compromise, Lateral Propagation, and Data Loss. Our model ingests data from your Zscaler environment and other external sources to evaluate your risk posture across more than 100 factors based on Zscaler’s unique inline vantage point. Zscaler Risk360 visualizes your cybersecurity risk across four entities - Workforce, Third Parties, Applications, and Assets. This allows enterprises to gain a more accurate picture of their risk exposure, correctly prioritize mitigation efforts, and make informed cybersecurity investment decisions. Intuitively visualize risk across your attack surface, in real time The Zscaler Risk360 web portal displays your organization’s cybersecurity risk in an intuitive, unified dashboard that allows you to quickly access key information. You can easily filter and drill down into the top drivers of your organization’s cybersecurity risk to further analyze and make security decisions. Business leaders, who are increasingly under pressure to demonstrate that their security programs adequately manage cyber risk, can explore financial loss estimates, including straightforward remediation recommendations. Zscaler Risk360 also includes a handy feature called “CISO Board Slides” which allows you to export a PowerPoint format slide deck to facilitate communicating key risk findings and dollar-value estimates of financial exposure consistently across stakeholders including Board, Audit, and IT Risk committees. Data-driven, prioritized actionable recommendations to prevent breaches Zscaler Risk360 surfaces risk insights with drill-down views for specific details and prioritized recommendations to amend policy. Once an enterprise’s risk posture is clearly understood, it’s critical that action is taken to prevent breaches. This is where the power of Zscaler Risk360’s prioritized remediation framework comes to bear. For example, when investigating users uploading sensitive files, Zscaler Risk360 provides guided investigative workflows that allow you to drill into suspicious users and apply critical policy changes to prevent further exposure. With Zscaler Risk360, you get to sit back and relax watching your risk score improve as your risk owners take policy actions over time. Fig: Actionable Recommendations Why Zscaler Risk360? Replace spreadsheets and third-party tools Gain a more accurate picture of your risk exposure along with a data-driven approach to estimated financial impact. Understand your top risk drivers Learn the top drivers of your enterprise’s cybersecurity risk with the ability to drill down into each contributing factor. Actionable recommendations to tune your loss expectancy Leverage Zscaler Risk360’s proprietary, research-backed guided workflows to investigate the most critical issues and prioritize actionable recommendations to remediate them. Board-level reporting and guidance Access curated collateral to share your quantified cybersecurity risk with your board, executive leadership, and other stakeholders. Wrapping up It’s time to put away your growing stockpile of third-party vulnerability management tools, attack surface reports, and spreadsheets. With Zscaler Risk360, signals across all your attack surfaces are aggregated in a single view, altogether with guided investigative workflows and prioritized actions to prevent likely breaches. Start your journey toward a more effective cybersecurity risk management posture today by talking with our team! Zscaler Risk360 is offered today in limited availability and is expected to become generally available soon. Read more and request a demo here. Thu, 29 Giu 2023 21:30:01 -0700 Raj Krishna Introducing Zscaler ITDR™ With identity becoming the next frontier of cyberattacks, Zscaler is introducing identity posture, hygiene management, and threat detection capabilities as the pillars of an identity-first approach to security that extends the tenets of zero trust to help create resilient IT environments. Cyber defense in an identity-centric world The end goal of all adversarial action is to leverage resources to get to the crown jewels. There are a variety of resources that could aid threat actors but the one with the highest effort-to-impact ratio is the identity of the user; and by extension, the credentials, privileges, and access rights associated with the identity. There are two paradigm shifts happening right now. First, EDRs are approaching the tail end of the slope of enlightenment in Gartner's security operations hype cycle, meaning they are pervasive and widely used. As a result, organizations are more successful than ever in detecting malicious tools and code execution. The second paradigm shift is the transition to zero trust. Gartner projects that at least 70% of new remote access deployments will be served mainly by ZTNA instead of VPN services by 2025—up from less than 10% at the end of 2021. As evidenced by Zscaler's 7000+ customers, organizations are adopting a zero trust architecture that minimizes their external attack surface, limits resource access, and verifies every user. These two paradigm shifts have forced the hand of threat actors; as a result, they're now going after Identities. If the modus operandi of a threat operation is to get to the crown jewels, then what better way to do it than by assuming the identity of a legitimate user? By compromising users and leveraging valid credentials, attackers can circumvent traditional detection controls and zero trust policies and instead leverage access rights and privileges to move laterally. In terms of the effort-to-impact ratio of an attack operation, network and host artifacts that comprise identity provider configuration, role-based access controls, and Windows credential stores sit in the middle of the Pyramid of Pain – annoying but not challenging or difficult. As a result, identity-based attacks that use valid credentials have quickly become the preferred strategy of not just organized threat actors (Lapsus$/Nobelium/BlackMatter/Vice Society), but have also been widely embraced by the cybercriminal community in general (80% of attacks in 2022 were identity-centric, 5/10 organizations suffered an Active Directory attack, and 90% of Mandiant IR engagements involved the use of Active Directory). Current approaches are ineffective Organizations typically use traditional threat detection and identity management approaches to mitigate the risk of identity attacks. However, these approaches often fall short because they were not built to deal with identity threats. Detection controls to identify the use of malicious credentials have existed for ages (UEBA / SIEM analytics), however, they are prone to false positives, and invariably lack the context to allow threat detection teams to make decisions (e.g. is random user X actually allowed to change Y permission?). Attacks such as 2FA MiTM, 2FA spamming, SIM cloning, session token hijacking/cookie stealing, etc. target IAM/PAM preventive controls, bypass MFA, and often rely on users to make smart decisions (historically, never a winning proposition). Furthermore, many internal forms of identity and credentials do not lend themselves well to multifactor authentication, this includes service accounts, applications that don’t support multifactor authentication, certificates, session tokens, and keys. These paradigm shifts, combined with the limited efficacy of existing solutions, necessitate an identity-centric approach to security. Zscaler Identity Threat Detection and Response (ITDR) – Bringing identity-first security to zero trust Zscaler’s vision for identity-first security is based on three fundamental pillars: Identity attack surface visibility The first step toward securing identities is to audit your identity infrastructure thoroughly. Zscaler ITDR provides the ability to assess your on-prem Active Directory (support for additional identity stores coming soon) and get a comprehensive view of your identity posture, risky users and computers, misconfigurations and vulnerabilities that exist in Active Directory, and a MITRE ATT&CK mapping that helps you locate blind spots and prioritize where to focus. Identity hygiene management Once you have visibility into your Identity Attack Surface, the second step is to build identity hygiene. Zscaler ITDR provides real-time monitoring of critical changes in the Active Directory that introduce new risks and open up pathways for attackers to escalate privileges and move laterally. In addition to real-time alerting, you also get remediation guidance in the form of video tutorials, commands, and scripts that can be used to resolve issues. Identity threat detection and response Not all identity issues and misconfigurations can be remediated. Some are business-critical and leave organizations open to exploitation in the event of a compromise. The last step is to be able to detect identity attacks that bypass existing defenses and leverage these misconfigurations to escalate privileges and move laterally. Zscaler ITDR provides high-fidelity detection for attacks like DCSync, DCShadow, LDAP enumeration, and more. How it works Zscaler ITDR takes a low-touch and operationally simple approach to identity security. It’s built into Zscaler Client Connector, our unified agent that securely brokers connections between users and applications/resources. Attack surface visibility Zscaler ITDR audits the Active Directory by running LDAP queries to build a map of schema, users, computers, OUs, and other objects in your identity store. It then runs checks against these objects to find misconfigurations and vulnerabilities that exist in your Active Directory. For assessing the Active Directory, Zscaler ITDR needs to run on a Client Connector installed on a domain-joined Windows machine. The security team sets up a scan by specifying the Active Directory domain they wish to access and selecting the Client Connector installed machine from which to run the scan. Depending on the size of the Active Directory, it takes anywhere between 15-30 minutes to complete the assessment. Once the assessment is complete, the results are available in the Dashboard. The assessment includes a domain risk score, focus areas to prioritize remediation, a list of the riskiest users and computers, a basic analysis of severity and risk categorizations, MITRE ATT&CK kill chain mapping, and a complete list of misconfigurations discovered. For each misconfiguration, the solution provides the following: Risk categorization Severity Remediation effort MITRE ATT&CK ID and tactic Explanation of the issue Potential impact List of users, computers, and objects affected Remediation guidance Video tutorials Scripts Commands Identity change detection Once an assessment has been configured, security teams can turn on change detection for the Active Directory domain. Change detection surfaces configuration changes that affect the security posture of Active Directory in near real-time, allowing security teams and directory admins to quickly respond and remediate. Zscaler ITDR runs a series of high-priority configuration checks against Active Directory. The scope of these checks targets the discovery of issues that have the highest possibility of abuse by adversaries. These checks run every 15 minutes from the Client Connector installed endpoint for the given domain. Changes are marked as having a good or bad impact. A good impact indicates that an issue has been resolved. A bad impact indicates a potential issue has been introduced. Identity threat detection Zscaler ITDR has a threat detection capability that alerts SOC teams and threat hunters of malicious activities directed toward potentially malicious misuse and theft of identities. Identity threat detection can be turned on as an endpoint policy on designated Client Connector-installed machines. Available detectors include DCSync, DCShadow, Kerberoasting, session enumeration, privileged account access, LDAP enumeration, and more. Security teams can choose to turn on all or a combination of detectors on designated endpoints. If a pattern is noticed, Client Connector signals to Zscaler ITDR that a threat has been detected. Zscaler ITDR will enrich the threat signal with information relevant to the security team to perform an investigation. The security team can configure orchestration capabilities in Zscaler ITDR to take automated actions from alerting to forwarding, to remediation. Why Zscaler ITDR? No additional agents / VMs required Built into the Zscaler Client Connector, Zscaler ITDR unlocks new capabilities and protections out-of-the-box. Integrated with access policy The Zscaler Zero Trust Exchange can dynamically apply access policy controls to block compromised users when an identity attack is detected. SOC integrations Strengthen investigation and response with Integrations that include leading EDRs and SIEMs. Our telemetry is OpenAPI compliant. Benefits Identity protection strengthens your zero trust posture by mitigating the risk of user compromise and privilege exploitation. Quantify identity risk Know where, how, and why you are at risk. An identity security assessment generates a risk score to quantify and track the posture of your identity attack surface. Find misconfigurations Uncover issues that allow attackers to gain the upper hand. Discover risky configurations like GPP password exposure, unconstrained delegation, and stale passwords that open up new attack paths. Remediate issues Build strong identity hygiene with remediation guidance. Understand the issue, impact, and who is affected. Leverage step-by-step remediation guidance along with video tutorials, scripts, and commands. Monitor in real-time Get alerts when configuration changes introduce risk. Identity stores are in constant flux with configuration and permission changes. Monitor in real-time and get alerted to new risks and issues. Detect identity attacks Stop privilege escalation with identity threat detection. Not all misconfigurations can be remediated. Detect and stop attacks like DCSync, DCShadow, kerberoasting, and more in case of a compromise. In closing Zscaler ITDR is a new class of Identity-centric security control that provides visibility into the identity attack surface, detects attacks against identities and identity systems, and mitigates risk by closing the loop on hygiene, containment, and remediation. With attackers using identity compromise as the preferred route to a breach, Zscaler ITDR provides a pragmatic approach to identity-first security to mitigate the risk of threats that bypass existing defenses. Tue, 13 Giu 2023 21:30:01 -0700 Amir Moin Announcing New Zscaler Platform Capabilities to Identify, Mitigate, and Manage Large-Scale Attacks We’re excited to unveil new platform innovations on the Zero Trust Exchange during Zenith Live 2023. These new services transform secure branch connectivity and provide continuous monitoring and threat detection, including quantifying risks and delivering a seamless IT experience. We’re proud to announce new innovations to our customers to help them identify, mitigate, and manage large-scale attacks. These new innovations are: Zscaler Risk360™ Zero Trust Branch Connectivity Zscaler ITDR™ ZSLogin™ Join us virtually at Zenith Live 2023 to see the latest innovations firsthand! Zscaler Risk360: a powerful risk quantification and visualization framework Zscaler Risk360 helps CISOs make informed and expedited business decisions that help reduce cyber risk. By leveraging a rich set of signals from internal and external sources within the Zscaler platform, CISOs gain unparalleled visibility and actionable intelligence from more than 100 data-driven factors to enable the following: Powerful Risk Quantification Delivers real-time risk scores for all stages of cyber breaches, as well as risk visualized across four entities, including workforce, third parties, applications, and assets. Intuitive Visualization and Reporting Filters top drivers for cyber risk and anticipates financial exposure estimates, including financial remediation recommendations, with the ability to create concise board-level presentation materials. Actionable Remediation Prioritizes actionable recommendations with guided workflows to investigate and remediate the most critical issues to keep an organization secure and operations running non-stop. Zero Trust Branch Connectivity: Redefining branch connectivity for superior security and simplified management. Zero Trust Branch Connectivity delivers simplicity, scale, and superior security, dramatically reducing recurring overhead costs associated with MPLS connections for branch locations. This fundamentally new approach to securely connecting branch offices helps eliminate risky site-to-site VPNs over SD-WANs resulting in improved user, application, and data security, lowered costs, and reduced operational complexity, all while being able to significantly accelerate M&A. A new plug-and-play branch appliance will be an optional offer featuring zero touch provisioning, making installs effortless. Zero Trust Branch Connectivity enables CISOs to: Replace Site-to-Site VPNs and Costly MPLS Connections with Zero Trust Securely connecting users, services, and IoT/OT devices between branches and their application stack. Simplify Branch IT Operations Direct-to-internet connectivity to reach cloud-based applications eliminates the need to maintain complex legacy routing and reduces infrastructure. Seamlessly Integrate Collaborating Workforces Reducing time to productivity for organizations by bringing people and business applications together. Zscaler ITDR: Mitigating identity attacks with continuous visibility, risk monitoring, and threat detection Cybercriminals are increasingly targeting users for their identities and credentials. The Zscaler ThreatLabz annual Phishing Report found that most modern phishing attacks rely on stolen credentials. Zscaler ITDR strengthens the business’s security posture with continuous visibility into identity misconfigurations and risky permissions. With Zscaler ITDR, CISOs can: Quantify Identity Risk By generating a risk score to quantify and track the posture of the identity attack surface. Find Misconfigurations Discover risky configurations like GPP password exposure, unconstrained delegation, and stale passwords that open up new attack paths. Remediate Issues Understand the issue, impact, and user affected. Leverage step-by-step remediation guidance along with video tutorials, scripts, and commands. Real-Time Monitoring Get alerted to new risks and issues when configurations change. Stop Privilege Escalation Detect and stop attacks like DCSync, DCShadow, kerberoasting, and more in the event of a compromise. ZSLogin feature: Centralized login dashboard with streamlined authentication for IT processes Zscaler makes IT administrators' lives easier while elevating their effectiveness by providing the following: Centralized Authentication Ability to authenticate directly to Zscaler one time to seamlessly access all admin consoles. Centralized Entitlement Management A simple way to review all entitlements across the platform and ensure administrators receive the appropriate permissions. Passwordless Multi-Factor Authentication Support for passwordless, multi-factor authentication, increasing the strength of admin authentication that is easier to use and phishing resistant. Automated Administrator Identity Management Administrator identities can be managed using SCIM to automate the creation, entitlement assignment, and revocation of administrators based on the identity data from customer identity providers. For more information join Zenith Live virtually to hear about the latest Zero Trust Exchange platform innovations. Tue, 13 Giu 2023 21:30:01 -0700 Simon Tompson It’s Time to Reimagine Branch Connectivity Introduction So much has changed in the world of IT over the past two decades. There was a time when almost all of us did our jobs at a place of work where IT resources were provided from an onsite data center. In larger organizations, branch locations were often connected back to headquarters over a private circuit or leased line, accessing IT resources from a centralized data center. As the 2010s came along, two displacement trends started to accelerate the pace of digital transformation. First, public and private cloud applications began gaining significant traction, displacing locally installed and licensed monolithic apps. Second, software-defined wide area networking (SD-WAN) emerged, taking advantage of a more robust and performant internet to displace expensive MPLS circuits and complex traditional WAN routing. SD-WAN networks are typically built using lower-cost commodity hardware, are managed via a cloud-hosted GUI instead of CLI, and use site-to-site VPNs over the internet to create virtual private circuits. Unsurprisingly, SD-WAN took off and rapidly became the de facto means of connecting sites together, and users to their apps and services. Service providers followed the trend, placing more emphasis on selling business-grade direct internet access (DIA) services over which to run mission-critical services. Challenges with SD-WAN Extending the network using SD-WAN facilitates connectivity, but in typical deployments, it can create security challenges. Every SD-WAN appliance using the internet for transport must have a public IP address, opening up an attack surface that can be easily discovered. Then, if a breach occurs, it is easier for an attacker to move laterally through the network and between sites. Addressing these risks means deploying traditional network-based security like firewalls, intrusion detection and prevention, malware protection, and so on. What looked like a simpler, more cost-effective solution turned out to retain a lot of the cost and complexity from previous WAN solutions. Reimagining branch connectivity Fortunately, the underlying trends that helped SD-WAN gain its foothold also provide for a fresh approach to branch connectivity. Zscaler has spent the past 15 years developing its Zero Trust Exchange platform to securely connect users and workloads to their applications and services, creating session-based encrypted tunnels that can run on top of any network. This approach has made the use of client VPNs redundant, and is perfect for home workers, smaller café style branch offices, or co-working spaces where non-user devices are the concern of the building owner. Larger branch offices are more likely to be owned or leased by the organization, with a mix of in-house IT resources, as well as reliance on services at other offices, or HQ. They’re also more likely to have devices unable to run the necessary client connector, like servers, printers, and IoT/OT devices. To meet the needs of branch connectivity without relying on VPNs, Zscaler has developed the Branch Connector, a forwarder for all traffic emanating from, or bound for, branch sites, which eliminates VPNs and provides secure access via the Zscaler Zero Trust Exchange for users, servers, and devices within branch sites. Benefits Zero Trust Branch Connectivity delivers three key benefits: By eliminating VPNs, the risk of attack surface discovery/exploit and lateral threat movement is removed. A direct-to-cloud architecture removes the need to maintain complex legacy routable networks and reduces infrastructure, helping to reduce costs. A low barrier for new branch sites, M&A, and B2B. It’s now easier to seamlessly integrate collaborating workforces, reducing time to productivity for organizations bringing people and business applications together. Deploying Zero Trust Branch Connectivity The Branch Connector is deployed on-premises as either a lightweight virtual machine or – later in 2023 – a plug-and-play appliance. Its role is to manage all traffic forwarding for the branch location, using any router to relay traffic over the internet to the Zero Trust Exchange. The Branch Connector is managed out-of-band and all security policies are managed from the Zscaler portal. This makes it easy for security and IT admins to not only have the visibility they need into what’s running in the branch, but also ensure that appropriate policies are consistently applied to all users, servers, and devices at branch locations. Interested in seeing whether Zscaler Zero Trust Branch Connectivity can replace your site-to-site VPN infrastructure? Click here to learn more in the data sheet, and reach out to your Zscaler representative to ask for a demo. Tue, 13 Giu 2023 21:30:01 -0700 Simon Tompson Join us at AWS re: Inforce The next AWS re: Inforce 2023 is just around the corner, taking place June 13-14 at the Anaheim Convention Center in California. For the second consecutive year, Zscaler will sponsor this two-day security conference, where cloud security leaders and practitioners will network and learn about the latest cloud security innovations from AWS and its partners. Zscaler plans to unveil several innovations at AWS re:Inforce that will help you foster secure digital transformation and achieve cloud security. We invite you to visit our booth #776 at AWS re: Inforce to learn how Zscaler innovations can help your organization be more agile, innovative, and secure in AWS environments while maintaining compliance and optimizing ROI. Additionally, you can: Discuss your AWS security roadmap with Zscaler security experts. Work with our experts to discover how Zscaler can solve your security challenges with a comprehensive platform approach. The Zscaler team is offering mini speakers and some exciting swag just for meeting with the on-ground team during the event and booking a personalized on-site Zscaler Posture Control demo. Experience Posture Control Freemium version Secure up to 250 AWS Workloads with Zscaler Posture Control for Free with the industry’s most comprehensive CNAPP - Posture Control, free of charge as we announce the launch of the Zscaler Posture Control Freemium version. Explore the Zscaler Posture Control platform With our free, no-obligation Cloud Security Risk Assessment, you can kick-start your cloud security program. Experience the power of Posture Control, simply connect cloud accounts to Posture Control for immediate onboarding and complete monitoring. Take advantage of exclusive offers AWS customers can also visit AWS Marketplace and check out Zscaler Posture Control procurement information, offerings, and exclusive offers. Discuss and finalize exclusive offers and deals on Posture Control. Learn about Posture Control Dive into Posture Control—learn about its functionality and modules, and discover how it gives you 360-degree visibility to protect all your cloud resources. Register for the Posture Control self-guided workshop We look forward to seeing you at AWS re: Inforce! To learn more about the conference and to register visit Tue, 06 Giu 2023 08:00:01 -0700 Mahesh Nawale Reinforce Your Security Strategy with Zscaler at AWS re:Inforce 2023 For the second year, Zscaler will be at AWS re:Inforce – AWS’s primary conference focused on cybersecurity. This year, the conference will be located in sunny Anaheim, California and will run from June 13 - 14. If you plan to attend, make sure you swing by booth #766 to speak with our product experts and learn how Zscaler is best positioned to properly secure your AWS cloud environment and workloads. We’ll be providing live demos of Zscaler Workload Communications and Posture Control (CNAPP) and giving out some great swag for you to take home. We’ve also partnered with AWS, Deloitte, and Crowdstrike to host an exciting invite-only networking event at Disney California Adventure Park! You’ll be able to enjoy top-notch cocktails and gourmet bites while taking in the amazing sights and sounds of the park. Reach out to your Zscaler account team for an exclusive invitation! Additional Information Before the conference, if you want to test out Workload Communications, we have a free self-guided lab you try out in a live AWS environment. We also provide a complimentary security assessment of your AWS environment which you can sign up for here. To learn more about the conference and to register, visit We hope to see you there! Mon, 22 Maggio 2023 08:00:01 -0700 Franklin Nguyen Zscaler at Microsoft Build Conference Overview Microsoft Build is an annual developer conference (hybrid format event with on-the-ground and digital presence) that provides excellent insight into various Microsoft cutting-edge technologies. This event is designed to help developers, students, engineers, and technology professionals to learn more about Microsoft products, associated technologies, and Microsoft partner ecosystems. Taking place at the Seattle Convention Center, Washington, the Microsoft build event is scheduled for May 23rd and will end on May 25th. Pre-day workshops will begin on the 22nd. Zscaler at Microsoft Build 2023 We are proud to sponsor the Microsoft Build conference. Our theme for the Microsoft Build event this year is ‘Build, Deploy and Run Secure apps with Zscaler Posture Control’ We plan to showcase several new innovations at the Microsoft Build event. Technology Showcase We invite you to our booth #321 (third floor) and interact with leaders and experts to learn how we help to manage cyber-risks in the ever-increasing threat landscape with a platform approach. We offer exciting swag just for meeting with the on-ground team during the event and booking a personalized on-site Zscaler Posture Control demo. You may also explore Microsoft Build online. Breakout and Demo session: You can watch the Zscaler Posture Control breakout session plus demos or talk to our experts onsite Breakout session Level-Up Your Cloud-native Security - In this session, Matt Barrett and David Glading from Zscaler will explain how CNAPP with advanced risk correlation can help security teams effortlessly identify and fix critical incidents. Posture Control demos Shift-left with Posture Control: Learn about Zscaler Posture Controls' integrated approach to embed security across the development lifecycle Prioritize risk with Posture Control: Learn how to eliminate noise, uncover, and prioritize hidden risks and accelerate remediation with Posture Control Not attending Microsoft Build this year? Explore Posture Control to see how it gives you 360-degree visibility and control to protect all your cloud resources. You can also start your Free security assessment here. If you haven’t yet registered for the event you can register here. We look forward to seeing you at Microsoft Build. Fri, 19 Maggio 2023 07:07:02 -0700 Mahesh Nawale Expert Labs and Free Certification at Zenith Live ’23 Zenith Live ’23 is an unbeatable opportunity to sharpen your professional skills, build your expertise, and accelerate your career with focused in-person technical training and certification sessions. Best of all, this year, all half-day sessions and certifications are completely free with registration! Take a look at our full lineup: Free Half-Day Sessions Data Protection Workshop Develop the hands-on skills and knowledge you need to operate Zscaler solutions to protect sensitive and distributed data. SSE for Workloads in Zero Trust Environments Get hands-on experience deploying workloads to the cloud and locking them down to operate securely through the Zscaler Zero Trust Exchange. Zero Trust Architecture Certification Training Understand the need to transform to a true zero trust architecture, and discover the seven elements of an effective zero trust architecture. Prepare for the Zero Trust Certified Architect (ZTCA) exam. Zscaler Cybersecurity Services Certification Learn how Zscaler provides state of the art security to stop threats and reduce business risk for today’s hybrid workforce with a proactive, intelligent, and radically simple security architecture. Paid Full-Day Training Ready to take it to the next level? Check out our only full-day training to learn the ins and outs of our zero trust platform. SSE for Users Workshop In this instructor-led lab, learn how to deploy and configure ZIA, ZPA, ZDX, and Zscaler Client Connector (ZCC). Seats are filling up fast—save yours now Register today for these can't-miss certifications, labs, and training sessions at Zenith Live ’23! Zenith Live ’23 | Las Vegas, Nevada Register now Zenith Live ’23 | Berlin, Germany Register now Tue, 16 Maggio 2023 10:18:11 -0700 Ben Powell What's New with Zscaler Digital Experience: Greater Insights, Deeper Intelligence, Broader Enterprise Support First, a quick recap Before we unpack what’s new with Zscaler Digital Experience (ZDX), let’s quickly review how we got here. Apps, data, and employees are distributed Did you know that organizations with 250+ employees typically use more than 100 SaaS apps? And with workloads migrating to the cloud, by 2024, most enterprises aspire to have $8 out of every $10 for IT hosting go toward the cloud. As apps and data disperse to the cloud, IT teams have added additional performance monitoring telemetry to their arsenal to gain visibility across all their assets on and off the cloud. In the meantime, the workplace as we know it has changed. Today’s hybrid workforce relies on home Wi-Fi networks and local ISPs to directly access SaaS and cloud-based services. More than 63% of employees prefer hybrid or remote work. Broad cloud adoption and hybrid workplaces have put pressure on network operations, service desk and security teams. They’ve seen a 35% increase in support ticket volumes and a rise of more than 30% in service cost per ticket. Point monitoring tools leave IT teams poorly prepared Device, network, and application monitoring tools leave blind spots between the user’s device and the app, and require IT operations and service desk teams to manually export and correlate data from each tool. This lack of end-to-end visibility into digital experience forces IT teams into firefighting problems after they have been reported, versus proactively finding and fixing them. Additionally, each of these tools send numerous alerts that are often not actionable and frequently misguide teams when uncovering the root cause. Zscaler Digital Experience (ZDX) unifies monitoring silos As part of the Zscaler Zero Trust Exchange, ZDX helps IT teams monitor digital experiences from the end user perspective to optimize performance and rapidly fix offending application, network, and device issues. By securely monitoring your business’s SaaS, public cloud, and data center-based applications right from within your end user devices, Zscaler is able to present user experience insights across your organization, along with an end-to-end view on performance and availability across the entire application delivery chain. Armed with these insights: Network Operations teams can review digital experience health, detect bottlenecks across all their enterprise applications in real time, and rapidly resolve service degradation before users complain. Service desk teams have readily available root cause analysis for every user complaint, helping them quickly triage and efficiently resolve problems, and get employees back to work faster. Unveiling new capabilities for Zscaler Digital Experience As a product of continued efforts to empower network operations and service desk teams to deliver flawless digital experiences and support workforce productivity—especially within businesses where applications, data, and their users are widely distributed—we are delighted to announce the Industry’s Most Intelligent Digital Experience Monitoring solution that enables IT teams to amplify the impact of doing business anywhere. Let’s unpack the details. Maximize digital dexterity a.k.a usage with global insights Businesses thrive when employees fully and willingly use digital tools and data to collaborate and get work done efficiently. ZDX now gives you more insights to help ensure optimize performance of digital services and everything they rely on. 1. Monitor the quality of Webex meetings: Presently, you can use ZDX to monitor the quality of MS Teams and Zoom meetings to instantly isolate root causes of poor experiences, and thus ensure uninterrupted and productive meetings. With this release, we have extended these capabilities to Webex! 2. Get quarterly insights for productivity reviews: While insights that help us keep the lights on day-to-day are incredibly valuable, IT teams need to be able to review their impact periodically to celebrate successes and seek opportunities for optimization. With quarterly business review (QBR) reports, you can do just that, on a monthly or quarterly basis, and share your teams’ impact with all stakeholders. Achieve faster IT resolutions using AI Digital-first businesses, complex environments, and remote workers’ devices, when monitored for performance, generate vast amounts of data. With AI, this can produce valuable insights. 1. Automate root cause analysis: ZDX uses machine learning to accurately expose root cause by garnering information from past experiences, ensuring that IT addresses the core issues causing poor user experience, instead of just remedying the symptoms. 2. Perform AI-powered analysis: IT teams can also review what factors changed, between when user experience was optimal and when it was degraded, or a fixed point in time. 3. Automate alerts using built-in intelligence: With the multiple factors that can impact user experience, it is close to impossible to create alerts and set meaningful thresholds for every scenario. ZDX has greatly simplified alert configuration. By observing what “normal” looks like for specific users, regions, applications, devices, or networks, ZDX is automatically able to identify when anomalies occur and triggers precise alerts. No longer do admins need to routinely configure and maintain alerts. Effortlessly scale global enterprises A growing business is a healthy business. And they need to scale quickly. IT can help by quickly onboarding employees and ensure that they have great user experiences no matter their location, device, or the applications they rely on to be productive. IT environments are complex. With this release, we introduce capabilities that help implement digital experience monitoring practices more broadly. 1. Get endpoint performance insights: Desktop support teams often struggle with resolving device issues for remote workers and employees in other regions. This release adds a range of key metrics including device health, active processes for ChromeOS and Android (Windows and MacOS are already supported), and Windows OS metrics drawn from Microsoft Intune that are critical to troubleshooting device issues. Device health metrics CPU, memory, battery, disk I/O and usage, network I/O and bandwidth, Wi-Fi Process metrics Top processes and utilization across CPU, memory, disk I/O, network I/O Windows OS metrics Focus time, boot up time, crash reports, software events 2. Capture packets remotely: With 80% of performance issues in hybrid workplaces being largely caused by network problems, this gives IT teams critical information to isolate and fix these issues. 3. Monitor private apps without causing denial of service: For applications protected by Zscaler Private Access (ZPA), this release introduces web caching within the app connector thereby reducing the load on applications without impacting monitoring fidelity. 4. Get end-to-end visibility when using third-party proxies: Adopting zero trust is a journey, one where firewalls, VPNs, and Zscaler ZIA/ZPA co-exist. Now, ZDX can provide you with end-to-end cloud path performance insights across these complex network architectures and help you expose root causes for latency with confidence. See how you can use ZDX With these new capabilities, ZDX presents an even more powerful digital experience monitoring solution that can help IT teams positively impact employee experience, morale, and productivity, and as a result, business performance. To learn more about these innovations, watch our webinar, and read our technical deep dive, or request a demo! Tue, 09 Maggio 2023 04:00:02 -0700 Krishnan Badrinarayanan The Top 5 Reasons to Attend Zenith Live ’23 Join us at Zenith Live ’23 to experience the latest zero trust security innovations, hear firsthand from industry thought leaders, and take part in exclusive technical sessions. Register by May 31 to save $50 on your Full Conference Pass! Let’s count down the top 5 reasons to attend: Reason #5 Learn best practices for the latest cloud security and connectivity tools, tactics, and playbooks. Elevate your skills and knowledge to keep your organization secure and productive. Reason #4 Connect with peers, innovators, and leaders sharing real-world zero trust use cases and approaches. Plus, learn all about Zenith Community, a collaborative knowledge base for Zscaler users. Reason #3 Discover effective, concrete strategies to increase economic value, optimize technology costs, enhance user productivity, and improve your security posture—directly from real Zscaler customers. Reason #2 Take technical deep dives in expert-led training, hands-on labs and demos, and 60+ focused breakout sessions built for security, networking, and IT practitioners and leaders. Reason #1 Get certified on-site at no cost, including the new exclusive Zscaler for Users - Essentials credential. Spots are limited, so get a jump on your development before they run out: reserve your seat! With free certification training and more best practices, practical insights, and technical sessions than ever before, Zenith Live ’23 is set to be the best yet. See you there! Las Vegas, Nevada | June 13-15 Register now Berlin, Germany | June 27-29 Register now Mon, 08 Maggio 2023 08:00:02 -0700 Ben Powell Top 5 Reasons Zscaler Partners Can’t Miss Zenith Live ’23 Zenith Live is back, better than ever! As a Zscaler partner, you’ll find all the latest tools and strategies you need to stay competitive. Plus, you’ll have the opportunity to hear directly from new Zscaler Channel Chief Karl Soderlund on how we’re taking partnerships to the next level. Check out the top 5 reasons partners should attend Zenith Live ’23: Hear from visionary leaders, including Zscaler executives and guest CISOs, sharing innovations and use cases to help you accelerate your business, no matter the size of your team or the shape of our partnership. Attend our Partner Summit to learn how we're investing in your long-term growth in FY24, plus dive into the transformative power of partnership with Zscaler Channel Chief Karl Soderlund. Train with the experts in partner-specific workshops, hands-on labs, and certification sessions to elevate your Zscaler knowledge—check out AMS sessions here, and EMEA sessions here. Explore the Innovations Expo to meet other partners and sponsors in our global ecosystem, as well as discover powerful cross-sell opportunities and added-value solutions for your customers. Celebrate with Partner Awards, where our leaders and a special guest will recognize partners who have gone above and beyond in their partnership to become our Zero Trust Heroes. Register by April 30 to save $150 on Full Conference Passes with our Super Early Bird pricing. On top of that, we’re running a special partner-exclusive promotion: Enter code ZL23_EB to save an additional $100, for a total discount of $250 Zenith Live ’23 at the ARIA Resort & Casino | Las Vegas, Nevada (June 13-15, with Partner Summit on the 15th) Register now Zenith Live ’23 at the InterContinental Berlin | Berlin, Germany (June 27-29, with Partner Summit on the 28th) Register now See you at Zenith Live! Mon, 03 Apr 2023 08:00:01 -0700 Elorie Widmer Zscaler Named a Leader in the 2023 Gartner Magic Quadrant for Security Service Edge (SSE) The 2023 Gartner Magic Quadrant for Security Service Edge (SSE) has just been published and Zscaler has once again been named as a Leader in this report. SSE is the modern approach to cybersecurity that integrates Secure Web Gateway (SWG), Zero Trust Network Access (ZTNA), and Cloud Access Security Broker (CASB) into a single platform. This is the 12th consecutive year Zscaler has been named a Leader in a Gartner Magic Quadrant*. When combined with Zscaler’s recognition as a Customers’ Choice for 2022 in the Gartner Peer Insights™ “Voice of the Customer” Report for SSE (based on 411 reviews as of May 31, 2022 which yielded a 4.6 out of 5-star rating) and the only vendor to be Customers’ Choice across all eight segments of the report, this recognition further validates how we continue to raise the bar for SSE-based Zero Trust architecture. Zscaler was named as a Customers’ Choice in the 2022 Gartner Peer Insights “Voice of the Customer” report for SSE - the only vendor to receive this recognition across all eight segments We believe that our placement in the Leaders Quadrant in this report reinforces our strength in SSE. The services that make up SSE form the foundation of the Zscaler Zero Trust Exchange™, where we pioneered the first cloud-native multi-tenant, proxy-based architecture which now processes over 300B transactions daily. With the introduction of Zscaler for Users - which combines secure access to the internet, SaaS applications, private applications and CASB for users and their devices - Zscaler has led the industry by building foundational security services that make up the SSE for Users category. The SSE category has undoubtedly become more critical with the rise in sophisticated cyberattacks and as organizations and employees transition towards hybrid or fully remote work models. Kudos to Gartner for helping to guide the market evolution from point products to a platform approach for SSE for Users. With a track record of driving innovation for new markets, Zscaler has already extended SSE beyond just users. Extending SSE Beyond Users Based on 15 years of cybersecurity innovation and feedback from thousands of CIOs and CISOs, our vision is to extend SSE capabilities beyond protecting users to also include securing these three additional critical areas: SSE for Workloads - Protects workload-to-internet traffic, provides Zero Trust workload-to-workload communications, and secures cloud workload posture (CNAPP) SSE for IoT/OT - Secures IoT/OT access to the internet, and provides Zero Trust connections to and from IoT/OT systems SSE for B2B - Provides customers and suppliers with fast, seamless Zero Trust access to apps By extending the SSE platform beyond users, Zscaler has provided organizations the ability to simplify their IT operations with a comprehensive, cloud-native SSE-based platform that can protect their entire organization. In keeping with Zscaler’s overarching vision - to create a world in which the exchange of information is always secure and seamless - we’ve continued our innovation path to advance our integrated and comprehensive SSE-based Zero Trust platform. Customers Have Voted with their Wallets We believe that a key measure of success stems from the value we deliver to our customers and the trust they have in us to support them as they progress on their digital transformation journeys. We’re proud of Zscaler’s recognition and advancements in the industry, which are validated by the following proof points: 40% of Fortune 500 companies rely on Zscaler technology to protect their operations A global reach that balances our business with approximately 50% of our revenue in North America and 50% internationally An NPS score of 80+, versus an average of 30 for SaaS organizations Since the close of the SSE MQ evaluation period, we have added 300+ cutting-edge SSE innovations Empowering organizations to implement an SSE-based Zero Trust platform is what fuels our commitment to innovation. We’ve already begun adding new capabilities to protect cloud workload communications, IoT/OT access and B2B access to the Zero Trust Exchange to stay ahead of customers’ escalating security requirements. To receive a complimentary copy of the 2023 Gartner Magic Quadrant Report for SSE and see why Zscaler was recognized, please click here. *Zscaler has been named a Leader for two consecutive years in the Gartner Magic Quadrant for SSE following 10 consecutive years in the Gartner Magic Quadrant for SWG. Gartner Disclaimer Gartner, Magic Quadrant for Security Service Edge, 10 April 2023, Charlie Winckless, et al. Gartner, Gartner Peer Insights ‘Voice of the Customer’: Security Service Edge, Peer Contributors, 3 August 2022. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences with the vendors listed on the platform, should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, MAGIC QUADRANT and PEER INSIGHTS are registered trademarks of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved. Thu, 13 Apr 2023 08:31:01 -0700 Jay Chaudhry Cybersecurity e trasformazione digitale: allineare gli sforzi per ottimizzare i risultati In un ambiente incerto e in continua evoluzione, clienti, dipendenti e investitori puntano a relazionarsi su chi sanno di poter contare, la fiducia è quindi più importante che mai. Costruire e proteggere questa fiducia richiede che tutta l’organizzazione collabori nell’offrire una visione coerente e unitaria: ma qual è oggi il valore attribuito dal Top Management al tema della cybersecurity? La cybersecurity è un processo, si compone di vari elementi, policy, processi, procedure, misure tecnologiche. Non solo chi si occupa di cybersecurity in azienda deve occuparsene, ogni persona deve essere coinvolta nel rafforzamento della sicurezza. Come viene sempre più spesso ricordato, le organizzazioni si dividono in due, chi è stato oggetto di un attacco e chi lo sarà: valutare i rischi significa tener conto sia delle vulnerabilità, sia della capacità di reazione agli incidenti. Quello che è importante fare è quindi misurare la propria resilienza e sviluppare una capacità di ripartenza dell’organizzazione per tutto quanto riguarda, in via prioritaria, i suoi servizi più critici. Per fare il punto su questi temi, si è svolta a Milano nei giorni scorsi l’undicesima edizione del CYBERSECURITY SUMMIT di The Innovation Group, il più importante appuntamento annuale dedicato ai Leader e ai professionisti della sicurezza. Un momento unico di scambio, incontro, condivisione sulle tendenze e sulle tecnologie innovative per far fronte al crescente volume di attacchi cyber. Basato sull’agenda dei decision maker e dei professionisti della cybersecurity, il CYBERSECURITY SUMMIT 2023, edizione milanese, ha affrontato quest’anno temi critici come: ripensare l’architettura di sicurezza alla luce della Trasformazione Digitale; collaborare con il Business per impostare una Risposta efficace; gestire il rischio delle terze parti e della Software Supply Chain; impostare una Security-by-design nell’organizzazione a livello di processi, persone, misure, strumenti, automazione, sapendo quali aree di resistenza sono ancora da superare. Zscaler in qualità di sponsor dell’evento, è intervenuta sul tema “Cybersecurity e trasformazione digitale: allineare gli sforzi per ottimizzare i risultati”. Il primo intervento si è focalizzato sul fatto che non esista più un perimetro ben definito per la sicurezza. Ma questo cosa significa nel concreto per le aziende che comunque devono continuare a proteggere i propri dati? Cosa cambia per il CISO o per chi in azienda si occupa di sicurezza? Nel rispondere a questa domanda è necessario considerare una duplice prospettiva: da un lato è bene considerare come l’obiettivo continui a rimanere sempre lo stesso, ovvero garantire la confidenzialità, integrità e disponibilità del dato, dall’altro però cambia il contesto in cui tutto questo viene realizzato. Non è più possibile contare su certi aspetti di sicurezza o presupporti su cui in passato si è sempre fatto affidamento, cioè una rete implicitamente sicura in grado di proteggere dati e utenti. Gartner definendo il modello SASE ci dice che occorre dematerializzare la security per portarla più vicina all’utente: il traffico proveniente dai dispositivi degli utenti viene ispezionato in un punto di presenza nelle vicinanze e da lì viene inviato alla rispettiva destinazione. In questo modo si ottiene un accesso più efficiente alle applicazioni e ai dati, il che rende questo approccio la soluzione migliore per proteggere la forza lavoro distribuita e i dati nel cloud. Tutto ciò rappresenta un cambiamento rispetto al passato quando la sicurezza ruotava intorno alla rete. Un altro grande cambiamento riguarda le policy di sicurezza elaborate ora intorno all’utente, al dispositivo e al dato secondo tre dei cinque pilastri del framework Zero Trust. Cosa cambia quindi in definitiva? Non cambia la mission ma cambia il contesto, gli obiettivi da perseguire sono gli stessi ma in modo diverso adeguato al contesto. Il secondo intervento si è invece focalizzato su cosa significhi nella realtà trasformare i concetti SASE e Zero Trust in tecnologie a protezione del business, operazione dopo tutto non cosí complessa come sembra. In quest’ottica gli aspetti da tenere presente sono tre, è opportuno infatti: preoccuparsi dell’autenticazione dell’utente garantire che il traffico passi dal servizio SASE che implica gestire: il traffico degli utenti roaming il traffico che deve andare verso Zero Trust dagli uffici definire le policy Grazie all’utilizzo di soluzioni Zero trust la rete torna a fare routing, mentre la sicurezza è garantita dal framework SASE e Zero Trust abbattendo così complicazioni non più necessarie. Fri, 24 Mar 2023 07:01:10 -0700 Marco Catino Zscaler, NACD Partner to Advance Boards’ Cyber Understanding The SEC’s intent to standardize cybersecurity reporting rules for public companies has caused business leaders to reevaluate their board communications. Board members are increasingly eager to better understand cyber risk threats to their organizations and best practices for mitigating them. Boards of directors act as fiduciaries on behalf of organizations and their shareholders, which includes the responsibility to inform and offer appropriate guidance on critical business matters. Cyber risk today falls squarely within this category. Unfortunately, there is a significant gap in cybersecurity domain knowledge. One study recently found that 90% of organizations lack even one board member with cyber expertise. This widespread need for further education is one reason I am excited to announce a new partnership between Zscaler and the National Association of Corporate Directors (NACD). Our collaboration will focus on helping board members build foundational cyber and zero trust knowledge, advance effective cybersecurity discussions between executives and boards, and promote a deeper understanding of overall cyber risk exposure. Cybersecurity risk demands increased vigilance Zscaler’s ThreatLabz team documented a 20% jump in encrypted attacks, which make up the majority of all cyberattacks, between 2021 and 2022. Hacks make headlines daily, and investors are watching. Now demand is growing for greater transparency regarding how companies mitigate this risk. The proposed SEC rule would enforce disclosure of governance methods, risk analysis, and management processes in SEC filings. Enterprise boards that were comfortable in the traditional areas of financial performance, strategy, business risk, talent, and governance are expected to expand their scope to areas such as environmental, social, and governance (ESG); diversity, equity, and inclusion (DEI); and cybersecurity risk oversight practices. This is on top of persistent macro issues like economic downturns, climate change, social unrest, and war. To guide their organization appropriately, boards now require high-level oversight on cyber risk management and threats. This represents a significant opportunity for both board members and growth-oriented IT and security leaders to step in and become trusted board advisors on such topics. Applying risk-cost-benefit analyses to cybersecurity Only a quarter of organizations today could accurately assess the financial impact of a cyber incident, a Deloitte poll recently found. This haziness about the possible consequences of a cyber incident undermines a core responsibility of boards: managing organizational risk. In cybersecurity, there is always a balancing act between absorbed, assumed, mitigated, and transferred risk. To better gauge risk exposure, board members should consider questions including: What is an appropriate level of risk exposure and tolerance? How can the board best work with executives to evaluate the cybersecurity investment balance between risk, controls, and related costs? How do I determine whether new cyber-related initiatives can provide a return on investment? Board governance of cyber risk Zscaler and the NACD have partnered to help boards build the knowledge required to lead their enterprises into the cloud-first future. Without the proper cybersecurity strategy and solutions in place, CISOs and their teams spend too much time on reactive security – plugging gaps in risk mitigation or minimizing the impact of cyber events – rather than developing strategic, comprehensive risk reduction regimes to address current and future threats. To improve outcomes, when in front of boards security leaders must stress: Cyber risk is business risk. No longer an IT-specific concern, the risk from disruptions and breaches threatens brands and their reputations, with major financial implications for organizations and their shareholders. Cybersecurity is a never-ending job. Especially given the current threat landscape, leadership must continually re-assess cyber risk. For many organizations, cyber risks are only re-assessed in case of a trigger incident (i.e., breach, disaster recovery, during M&A, a review of tech budgets). Your adversaries only need to succeed once. Cybercrime is ever-growing and ever-changing, at an unprecedented rate. Criminal groups are now well-funded. Nation-state actors (whether tacitly or explicitly government-supported) are growing in sophistication and capability, with many attacks tailored to target and harm a specific organization. These individuals only need to identify one small, exploitable weakness in an organization to gain access. Security should be proactive. CISOs and security teams must expand beyond continuous tactical defense mode to developing a whole-of-organization, strategic cyber risk solution to properly address root solutions to current and future threats. Everyone must step up. Security, privacy, risk, and compliance do not fall under specific roles in the organization; everyone must share responsibility for organization-wide reduced risk. The time to act is now Whether focused on strategy or governance, a board’s role is responsive to crisis levels. Managing cyber risk, on the other hand, requires a constant and proactive fine tuning of threat detection capabilities, risk exposure, and acceptable levels of risk. Attackers target corporations as much as they do governments, and the risks, along with the loss of a competitive edge, are too critical to leave unaddressed. Boards and CXOs must: Understand their cybersecurity strategy and how the organization’s data, users, and customers are protected in order to ensure the executive team is making decisions inline with the organization’s risk tolerance. Articulate cyber risk exposure based on data and the economic impact For boards to meet their fiduciary responsibility to their organizations, cyber risk should be a top-of-mind, continual conversation with their executive team. Zscaler believes in educating all business leaders on cybersecurity risks and taking steps to help their organizations become more secure. We are proud to partner with the NACD in advancing that aim. While we won’t be able to inject cybersecurity expertise into every board overnight, we can advance top-down cyber risk literacy through initiatives like NACD advocacy and the CXO REvolutionaries. What to read next: Navigating the New Cyber-Threat Landscape: Zero Trust Risk Measurement and Mitigation Best Practices Challenge everything, trust nothing: What boards should know about zero trust Digital architecture risk is a fiduciary responsibility of the board Cybersecurity, governance, and the implications of oversight: How your board of directors could be at risk Wed, 22 Mar 2023 10:10:47 -0700 Kavitha Mariappan Zscaler experiences no impact from SVB closure As most of you have seen in the news, Silicon Valley Bank (SVB) was closed by regulators over concerns about its solvency. While this failure has affected SVB clients, many of whom are venture capitalists and tech companies, Zscaler has not experienced any negative impact to our business operations or ability to service our customers. To provide some added context, SVB was put into receivership with the Federal Deposit Insurance Corporation on Friday, one day after its stock declined precipitously and the bank experienced a run on deposits by its customers. In simple terms, this means that a large number of SVB depositors, fearing that the bank will be unable to repay their deposits in full and on time, simultaneously withdrew their funds. Those events were triggered by SVB’s report of a $1.8 billion loss from the sale of investments and plans to raise $2.25 billion in equity capital. Although SVB had been our banking partner in the past, our current banking partners are among the largest, most stable global banks, and our deposits at SVB currently represent less than 0.1% of our $1.9 billion of cash and investments. In fact, the vast majority of our $1.9 billion is not held in bank deposits at all, but rather in extremely safe and liquid investments like short-term US Treasuries or government money market funds. Fortunately for those impacted, the US government just announced it will step in to backstop SVB depositors, with depositors having full access to their cash as early as Monday. Sun, 12 Mar 2023 18:55:13 -0700 Jay Chaudhry Take Cloud Native Security to the Next Level with Integrated DLP and Threat Intel Securing public cloud environments with tools like Cloud Native Application Protection Platforms (CNAPP) has become a top priority for InfoSec leaders. In fact, cloud security spending has increased (statistics show that the market is growing at a rate of 25.1% year over year, from $10.98 billion in 2021 to 13.73 billion in 2022¹), but unfortunately, so has the number of data breaches, with the 2021 Data Breach Investigations Report from Verizon finding that 90% of data breaches target the public cloud.² The whole point of this increased spend is to protect sensitive data in the cloud, so what’s wrong? One of the things I hear from customers several times per week is that they don’t know what sensitive data they have in the cloud and they certainly don’t know where that sensitive data resides. Unfortunately, the CNAPP solutions that they’ve invested in can’t help. While these solutions do a great job of characterizing the likelihood of an incident by correlating weaknesses and visualizing attack paths, they don’t understand the impact of the potential incident because they don’t know whether it would result in sensitive data being exposed to the attacker. In other words, most CNAPP solutions are unable to differentiate between a “critical” severity event with no sensitive data exposure versus a “high” severity event with millions of records of PII at risk. At Zscaler, our customers have repeatedly asked us to solve this problem, and that’s what is so exciting about today’s announcement. We are combining the capabilities of our comprehensive CNAPP solution, Zscaler Posture Control, with the time-tested data protection capabilities that are already trusted by thousands of organizations. Growing pains in the public cloud Cloud services like Amazon S3 Buckets, Azure Blob, and Google Storage have been widely adopted across enterprise cloud deployments and approximately 90% of enterprises³ use multiple clouds for data storage. However, data’s exponential growth poses a risk: the more data stored in the public cloud without proper controls, the easier it is for bad actors to steal them. As a result, the top challenges of securing sensitive data are now because of: CNAPP solutions that lack visibility into sensitive data: With data distributed across cloud applications and services, organizations are experiencing 10K data loss events annually.⁴ Without a deep integration of data exposure into the correlation and prioritization engine, enterprises are unable to really understand which risks are most important. Additionally, most solutions focus only on object storage, such as S3 and Azure Storage Blobs, but sensitive data, malware, secrets, and more can be found across the cloud, including in VM and container images. Too many alerts, not enough resources or context: Siloed security policies from point products yield thousands of isolated alerts, but approximately 30% of alerts go uninvestigated⁵ due to volume, context, and talent scarcity without helping the organization understand and prioritize true risk. Insecure configurations: Cloud service configurations are complex—especially in multicloud environments that lead to configuration errors or excessive permissions—and can result in high-profile exposures and compliance penalties. With these challenges in mind, here at Zscaler, we believe a new approach is needed. Introducing the industry’s most comprehensive CNAPP solution with integrated DLP and threat intel Zscaler Posture Control addresses these challenges so organizations can take advantage of the cloud without compromising on security or productivity. With the latest release, we are excited to share that we will be strengthening our Posture Control, Cloud Native Application Protection Platform (CNAPP) solution by natively integrating our best-in-class Data Loss Protection (DLP) solution and ThreatLabz threat intelligence which is powered by the world’s largest security cloud. Deep understanding of how incidents will occur and the resulting data exposure gives DevOps and security teams an unprecedented sense of where to focus their limited resources. The result? Increased security AND increased efficiency. Get the biggest return on your investments By bringing these capabilities together, security teams can get rid of siloed point products and more accurately correlate hidden risks caused by the combination of misconfigurations, threats, and vulnerabilities across the entire cloud stack. With this precision, you can eliminate alert fatigue and enable security teams to prioritize risks more effectively, allowing faster response time and greater security while being more resource- and cost-effective. In addition, embedding DLP and threat intelligence into Posture Control makes it easier for security and cross-functional teams to understand who is doing what with your sensitive data and implement tighter controls when and where needed. This tighter integration of components also allows for better cross-team cooperation across the entire application lifecycle. Key benefits: Resource and cost reduction with point product consolidation: A single, easy-to-deploy agentless solution that eliminates point products by unifying CSPM, CIEM, CWPP, and DLP, continuously securing every stage of the application lifecycle. More accurate risk identification, correlation, and prioritization: Integrated DLP and threat intelligence that identifies attack paths and detects ongoing attacks by automatically correlating seemingly low-risk signals when viewed individually but can be considered great risks when viewed holistically. Efficiency at scale: An integrated graph-based correlation and prioritization engine that expedites remediation and reduces alert fatigue by focusing on the risks that matter most. Native, end-to-end solution without silos: A solution that reduces security and DevOps silos with 360-degree in-depth visibility of risks across the entire multi-cloud footprint – including virtual machines (VMs), containers, and serverless workloads – from build to run. Summary Data breaches and sophisticated threats will continue to rise. As a result, organizations undergoing digital transformation or building new cloud apps must streamline security processes. Zscaler is committed to helping organizations address the digital transformation challenges they face in an ever-changing cloud native environment. Bringing CNAPP, DLP, and threat intelligence components together is part of that commitment. A unified, cloud native security solution like Zscaler Posture Control is designed to identify, prioritize, and remediate the most critical cloud security risks. For more information please watch the on-demand launch webinar or sign up for a free security risk assessment. 1: 2: 3: 4: 5: Wed, 15 Mar 2023 04:00:01 -0700 Rich Campagna Zscaler Announces Industry-First Cloud Resilience Capabilities The last decade has seen a massive shift in the way organizations—both big and small—have adopted cloud technologies to drive innovation and efficiency. Today, 94% of organizations use cloud services, including some mission-critical services such as user identity, security, and productivity. As the cloud security leader, Zscaler secures the traffic and data for more than 40% of Fortune 500 companies, making Zscaler a critical component of the technology stack. Organizations risk costly interruptions The benefits of cloud computing are profound, but they are not without concerns over the resilience of these mission-critical services as evidenced by the recent Interxion data center outages in London or the internet cable cuts in France. In fact, 80% of organizations have experienced some form of cloud outage in the last three years with losses to revenue, productivity, and reputation. These outages could be a result of a variety of different factors, ranging from power cuts and software issues to natural disasters or nation-state attacks. Regardless of what the cause may be, disrupting an organization's operations is unthinkable and calls for stronger cloud resilience to manage blackouts, brownouts, or catastrophic failures. Introducing Zscaler Resilience At Zscaler, we strive to delight our customers with innovations that make organizations more agile, efficient, and secure. We also understand how critical Zscaler is to our customers and make the reliability, availability, and serviceability (RAS) of our products a top priority for the company. Zscaler products have a long history of near-perfect uptime and are backed by industry-leading service level agreements (SLAs)—but we don’t want to stop there. Today, we are excited to announce the availability of Zscaler Resilience. Zscaler Resilience is a complete set of resilience capabilities that ensures uninterrupted business continuity for customers during blackouts, brownouts, and catastrophic events. It is built on the platform’s advanced architecture and enhanced by operational excellence to offer high availability and serviceability to customers at all times. Zscaler’s customer-controlled disaster recovery capabilities, in combination with a robust set of failover options, support customers’ business continuity planning efforts in all failure scenarios, making Zscaler’s security cloud the industry’s most resilient. Resilient by design Hardware systems that are designed from the ground up with over-provisioning of processing capacity and redundancy provide the foundation for high resilience. This, combined with our cloud-native, multi-tenant data center architecture and carrier-neutral connectivity, ensures that the Zscaler cloud stays resilient in the face of network or workload stresses. In addition to our resilient infrastructure, Zscaler has perfected a set of equally resilient operational processes through our experience operating our inline security cloud—the world’s largest—for over 12 years of service and counting. Agile software development, purpose-built deployment infrastructure, proactive cloud monitoring, and incident management round out a comprehensive set of operational processes to continuously innovate in the cloud. Ensuring resilience across all failure scenarios Not all failures originate in the cloud, however, and interconnections leading up to the cloud can sometimes deteriorate and degrade performance for customers. These failures can lead to other failures as simple as disk or data center outages to complete outages of the cloud in which end users have no access to applications. Fig 1: End-to-end resilience capabilities from Zscaler Many minor failures are typically invisible to the customers since Zscaler’s robust architecture and operations will autonomously handle them in the background offering uninterrupted continuity for customers. Zscaler’s resilient infrastructure can dynamically and automatically take several measures when a blackout or brownout is detected. When access to a certain data center is impacted, Zscaler mitigation efforts could be as straightforward as switching to an alternate carrier or data center provider to mitigate network issues or leaning on the over-provisioned capacity of the data center itself to support additional transient load. When using Zscaler Client Connector, automatic failover kicks in and switches traffic to the secondary gateway. An unintentional or unexpected drop in network service quality due to the brownout however can prove costly - both in terms of lost productivity and revenue, if not managed properly. When Zscaler CloudOps discovers that an upstream ISP gives suboptimal routing, we can reroute traffic through a secondary ISP while we work with the primary one to resolve the issue. In each of these cases, Zscaler’s digital monitoring solution, called Zscaler Digital Experience, has an important role to play. A drop in performance experienced by users is continuously monitored at each and every internet and network hop between the user and the application giving admins a precise idea about the problem. This then helps them intervene appropriately to select the optional routing for the traffic in a particular geo or region to ensure optimal performance for all users. Fig 2: Zscaler Digital Experience provides detailed views into network performance New industry-first capabilities enhance Zscaler Resilience Today, we are announcing three new capabilities that add to the already robust set of capabilities that are intrinsic to the Zscaler platform and make the Zscaler cloud the most resilient security cloud. Dynamic performance-based service edge selection Customers can now quickly recover from brownout scenarios that can cause performance degradation between users and applications by continuously probing the gateways for HTTP latency and autonomously establishing tunnels that choose the most optimal path for traffic. An end-to-end HTTP connection calculates the latency by continuously pinging both gateways and then making a determination. This powerful capability is now in beta and is expected to become widely available soon. Fig 3: Client Connector continuously monitors & automatically switches gateways for optimal performance Customer-controlled data center exclusion With this capability, customers have additional control to customize sub-clouds to temporarily exclude data centers that are experiencing connectivity issues and automatically regain services once it is resolved. When a customer experiences capability issues in a data center, such as a SaaS application peering issue in LAX (which could take hours to fix), that data center can be excluded from the subcloud in the admin portal. Zscaler Client Connector then fetches the new primary and secondary gateway and establishes a Z-tunnel to a new data center. Fig 4: Customers can manually exclude data centers to create custom sub clouds Disaster recovery (DR) With DR capabilities, customers can now continue to access critical internet, SaaS, and private apps even during black swan events that may lead to a cloud outage. When operating in DR mode, direct access to the internet can be restricted to only critical business apps with localized content filtering leveraging Client Connector. For private apps, customers can connect to Zscaler Private Service Edge residing in the customers’ local data center or in a public cloud, where the most updated security policies are still applied without disrupting the business Fig 5: Zscaler DR mode ensures easy switchover and uninterrupted continuity even during catastrophic failures Upon restoration of the Zscaler Cloud functionality, the product returns back to normal operation and takes full advantage of the Zscaler Zero Trust Exchange to enable the best of zero trust security and connectivity. The flexibility for the customer to determine what applications are accessed in the DR mode, combined with the ease with which the Zscaler platform switches between the DR mode and normal operations, gives the best security and user experience that is bar none in the industry. Getting started with Zscaler Resilience Cloud resilience is a topic we discuss with customers consistently, and we care about uninterrupted business continuity for all our customers. Zscaler’s complete list of resilience capabilities including one pair of Private Service Edges is included in Business (and above) Editions of Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Zscaler for Users products today, making it easy for most customers to get started now. Additionally, you can work with one of our Technical Account Managers and Customer Success managers to perform a Zscaler Resilience AuditTM of your infrastructure to identify areas for improvement and for closing gaps before unforeseen events can cause disruptions. You can read more about Zscaler Resilience on our website or in the solution brief. Wed, 01 Feb 2023 07:14:07 -0800 Harsha Nagaraju Securing a World of Possibility When I started Zscaler 15 years ago, it was founded on the vision to create a world where the exchange of information is completely seamless and secure. I set out to create an iconic company that would become a leader in its category. As part of this quest, sustainability and reducing the environmental impact has always been a part of the equation and a top consideration. I firmly believe that Zscaler is in a position to deliver immense value to society by not only protecting our customers' data and making access to the internet safer, but also by making the world a better place. I am inspired by the value we deliver every day when I meet with customers, partners, investors, and employees, which further reinforces our commitment to operate our business with honesty, integrity, and accountability. Whether it be a contribution of technology, time, funding, or expertise - we can each contribute to creating a sustainable future. I also believe that it’s within a leader’s charter to grow their business responsibly, ensuring the adherence to ethical practices and values. The importance of this commitment cannot be understated; today’s enterprises want to engage with vendors who share the same values as they do. As Zscaler continues to grow, we are committed to doing so while taking our ESG priorities into account. As a critical partner to over 6,700 global organizations, we understand first-hand that being a strong partner means holding fast to sound business practices that cultivate trust and confidence. In an effort to foster accountability and support a shared responsibility model, I’m pleased to announce that Zscaler has published its 2022 ESG Report, which details programs across the company’s global operations that impact the following areas: Environment: Efficiency has always been at the heart of our business; it’s one of the inherent benefits of the cloud-native Zscaler Zero Trust Exchange. Powered by 100% renewable energy, the Zero Trust Exchange eliminates the need for expensive and inefficient legacy architecture. In 2022, we achieved carbon neutrality for relevant greenhouse gas emissions categories, and we have set our ambitions to further reduce our impacts on the environment through a goal to reach net zero carbon emissions by 2025. Social: We are passionate about making the internet a safe place because digital security is the foundation for a more inclusive, connected, and empowered society. In parallel, our greatest asset is our people. We have grown our global team while maintaining a culture that has contributed to our success and our giving-back program supports community engagement efforts that are meaningful to our employees. Governance: We have built effective governance structures, management, and ethical business practices to create the foundation for trust and foster a culture of integrity, excellence, and innovation. Our customers rely on us to protect their business - a responsibility we take very seriously - and they need to know that we have the processes, certifications, frameworks, and accountability structures in place to deliver that level of security. Now available, Zscaler’s 2022 ESG Report provides a comprehensive update on the company’s environmental, social and governance initiatives. Click the image above to learn more. This inaugural report builds on Zscaler’s legacy of operating with strong business ethics and values, which have guided our company’s approach since the beginning. As we continue to make responsible decisions today for the betterment of our collective future, I’m excited to share this update with you. To stay up-to-date on our latest ESG initiatives, please visit our Corporate Responsibility page, and to access the full report, please click here. Tue, 20 Dic 2022 15:20:18 -0800 Jay Chaudhry One True Zero Live arriva in Europa con la prima tappa di Milano: grande successo di presenze per un evento all’insegna dell’incontro e del confronto per conoscere il vero modello Zero Trust con i professionisti di Zscaler e i loro clienti. Grande successo di presenze per la prima tappa europea del roadshow internazionale One True Zero Live che si è svolta a Milano, con l’obiettivo di educare e sensibilizzare i professionisti IT e della sicurezza alla conoscenza del modello Zero Trust. Una coinvolgente occasione di incontro ma anche di confronto per conoscere le storie di successo dei clienti, ottenere approfondimenti tecnici, ascoltare interventi e approfittare di straordinarie opportunità di networking con l’obiettivo di mostrare in che modo un vero approccio Zero Trust è in grado di trasformare la sicurezza e la connettività. La nostra visione di Zero Trust è quella di creare un mondo in cui lo scambio di informazioni avvenga sempre senza interruzioni e in piena sicurezza. Parlando con i nostri 7.000 clienti di tutti i settori, ci siamo resi conto che la globalizzazione, il lavoro ibrido e il cloud stanno portando a un'iperdistribuzione delle risorse, in cui persone, applicazioni, dati e dispositivi possono essere praticamente ovunque. Diventa quindi indispensabile in questo contesto capire che i modelli tradizionali di sicurezza della rete, come firewall e VPN, che facevano affidamento alla protezione del data center all’interno del perimetro aziendale non sono più sufficienti. Oggi le aziende, nel loro percorso di trasformazione digitale, stanno adottando diverse tecnologie - cloud, mobilità, AI, IOT e OT - per rendere l'azienda più agile e competitiva. Affinché l'azienda abbia successo, l'IT deve guidare questa trasformazione completandola con la trasformazione della rete e della sicurezza per il mondo iperconnesso, con il modello Zero Trust. Nell’architettura Zero Trust, di cui Zscaler è stato il pioniere, il concetto alla base è che tutto deve essere verificato, nulla deve essere ritenuto implicitamente attendibile; l’architettura Zero Trust verifica l’identità dell‘utente e il contesto, controlla e valuta il rischio associato alla richiesta di connessione e ispeziona il traffico alla ricerca di minacce informatiche e dati sensibili e in seguito applica policy di accesso prima di connettersi all'applicazione interna o esterna. In questo modo, si possono bloccare gli accessi inappropriati e il movimento laterale all'interno di un ambiente. Dopo un’excursus iniziale per conoscere il vero significato di Zero Trust, l’evento è stata occasione per conoscere le caratteristiche della piattaforma cloud native Zero Trust Exchange di Zscaler che assicura protezione agli utenti, ai workload e agli ambienti OT/IoT: Zscaler per gli utenti: protegge il lavoro da qualsiasi luogo offrendo un accesso rapido, sicuro e affidabile a Internet, SaaS e app private. Zscaler per i workload: protegge le applicazioni cloud dallo sviluppo all'esecuzione con lo zero trust Zscaler per gli ambienti OT/IoT: supporta gli stabilimenti produttivi affinché possano essere più intelligenti, sicuri ed efficienti In chiusura una dinamica tavola rotonda in cui ad essere protagonisti sono stati i clienti invitati a dare una testimonianza diretta della loro esperienza con l’approccio Zero Trust di Zscaler. Amplifon, Campari, Haier, Marelli e Marie Tecnimont hanno così raccontato le loro esperienze dal momento in cui le soluzioni Zscaler sono entrate in azienda ai casi d’uso attuali. Il denominatore comune che è stato piacevole conoscere è che grazie a Zscaler i nostri clienti “possono dormire sonni tranquilli” perché la soluzione è riconosciuta come completa e in grado di verificare sia come le persone si collegano sia come i dati vengono utilizzati. Il beneficio maggiormente sottolineato è stato la facilità di utilizzo e l’essere ready to use, anche in caso di acquisizioni l’implementazione delle nuove policy nelle società acquisite avviene in modo rapido, il lavoro tecnico è ridotto al minimo, quello che prima accadeva in settimane oggi è configurato in un paio di giorni: la forza lavoro è rapidamente in grado di accedere alle applicazioni ed essere quindi operativa subito. Infine, in merito alle difficoltà incontrate nell’adozione di un nuovo approccio alla sicurezza con Zscaler è stato evidenziato come spesso il peggior nemico sia l’opposizione nell’accettare la cultura del cambiamento non solo tra il top management, ma anche all’interno del dipartimento IT. Zscaler, da 11 anni leader nel quadrante Gartner, attraverso la piattaforma Zero Trust Exchange permette di rafforzare il profilo di sicurezza delle aziende semplificando l’accesso alle applicazioni, garantisce un’esperienza digitale ottimizzata alla forza lavoro ibrida, e consente di ridurre i costi e la complessità. Mon, 19 Dic 2022 09:32:20 -0800 Marco Catino Zscaler’s Entire Zero Trust Exchange Platform FedRAMP Authorized Trust is paramount when it comes to protecting federal government IT systems - from the critical data of our nation to the millions of employees and citizens accessing those systems. This is why the Federal Risk and Authorization Management Program, better known as FedRAMP, is an invaluable assessment and authorization process. The goal of FedRAMP is to make sure federal data in cloud products and services used by U.S. Federal agencies are consistently protected. Zscaler has always had the goal to help secure IT modernization of our government, and we have worked diligently over the past five years to secure FedRAMP authorization at all levels across our full portfolio. I am proud to share a new milestone for Zscaler - with Zscaler Private Access (ZPA) now authorized at the moderate level, our entire Zero Trust Exchange platform suite of solutions is FedRAMP authorized at both moderate and high levels. You can read the press release here. FedRAMP authorization is a rigorous process to give agencies assurances around confidentiality, integrity and availability. FedRAMP high authorization is based on 421 controls in these three areas and 325 controls for FedRAMP moderate authorization. Zscaler has committed to successful FedRAMP authorizations to help Federal agencies, the Department of Defense (DoD), and intelligence organizations strengthen cyber defenses using Zero Trust to secure their users, secure their workloads and secure their IoT/OT. Government is making great progress with digital transformation at the same time that new vulnerabilities continue to surface. The attack surface has expanded and become more complex, making it harder to protect. Zscaler is leading the effort to implement Zero Trust solutions with the first and only Zero Trust Architecture and SASE platform to be offered end to end at both moderate and high baseline. ZPA in action Government agencies are transitioning private applications that once ran solely in the data center to public clouds. At the same time, they are searching for ways to enable productivity as users work from anywhere and on any device. ZPA is a cloud-delivered zero trust service that uses a distributed architecture to provide fast and secure access to private applications running on-premise or in the public cloud. ZPA applies the principles of least privilege to give users secure, direct connectivity to private applications while eliminating unauthorized access and lateral movement. When a user (employee, third-party contractor, or customer) attempts to access an application, the user’s identity and device posture are verified to provide a seamless user experience whether the user is remote or on-premise. In addition to ZPA achieving FedRAMP Joint Authorization Board (JAB) High Authority to Operate, the Department of Defense granted ZPA a Provisional Authorization to Operate (P-ATO) at Impact Level 5 (IL5). Government agencies and their contractors are able to use ZPA for systems that manage their most sensitive Controlled Unclassified Information (CUI) as well as unclassified national Security Systems (NSSs). ZPA delivers a central platform that gives IT control over application access As more private applications move to public cloud environments such as Amazon Web Services, Azure and Google Cloud Platform, access must be secured through the internet. With ZPA at the Moderate and High Baseline levels, agencies can provide secure and consistent access regardless of where an application is running, remove the need for the VPN gateway security stack or back-hauling traffic to the Trusted Internet Connection (TIC) before going out to the cloud, and accelerate application migration through rapid deployment and a seamless user experience. Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE), a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including Zero Trust, and met TIC 3.0 use cases. ZIA Improves security controls – Keeping IT focused on innovation with TIC in the cloud per the President’s recent Executive Order Another core solution of the Zero Trust Exchange, Zscaler Internet Access (ZIA) – Government (Secure Web Gateway – vTIC)™ is a multi-tenant Cloud Security Platform known in the government that meets the Cybersecurity and Infrastructure Security Agency (CISA) TIC 3.0 guidelines. It has been the market leader as agencies work to meet modernization goals of shared services, mobile workforce enablement, improved FITARA scores, and more. Zscaler powers the shift to a modern, direct-to-cloud, Zero Trust architecture, regardless of device or user location. Federal IT leaders can improve on the who, what, where, when, and how they see, protect, and control user traffic to the internet by moving TIC security controls and other advanced security services to a cloud platform. The goal: immediate remediation on a global scale. This approach offers agencies global internet access and peering with FedRAMP-authorized applications. In addition, agencies can capture extensive log/telemetry data and store all agency data on U.S. soil with citizen-only access. Agencies can also provide the telemetry data to CISA’s Cloud Log Aggregation Warehouse (CLAW). With ZIA at the Moderate and High Baseline levels, agencies have access to global TIC or more secure U.S.-only TIC solutions. Achieving a Zero Trust model with the Zscaler Zero Trust Exchange for all Through our Zero Trust exchange and FedRAMP high and moderate solutions, all Federal agencies can achieve the Zero Trust goals mandated in the Cybersecurity Executive Order and implement CISA’s TIC 3.0 guidelines. Most agencies will need to approach Zero Trust in bite-sized chunks, setting priorities based on their unique needs. Check out our Zero Trust Playbook for prescriptive guidance on key steps that can be taken over time, leveraging a security ecosystem to achieve the end goal of Zero Trust. Zscaler is committed to helping agencies accelerate modernization securely, and has invested heavily to meet the unique requirements of our government. Over the last five years we have built a compliance program, launched an entity dedicated and focused on the needs of our US government (Zscaler US Government Solutions), and continued to build on our commitments to the NIST National Cybersecurity Center of Excellence (NCCoE), the Advanced Technology Academic Research Center (ATARC) Zero Trust working groups, and the American Council for Technology-Industry Advisory Council (ACT-IAC). Now we have also achieved FedRAMP authorizations at all levels across our full portfolio, emphasizing the importance of public and private partnerships to better protect our nation's critical assets, and giving our government customers the flexibility to choose the best solution to meet their needs. Visit our Zscaler US Government Solutions page for more information. Wed, 30 Nov 2022 05:05:09 -0800 Kumar Selvaraj Zscaler Debuts Zero Trust Certified Architect (ZTCA) Program to Address IT & SecOps Skills Gap An increase in large-scale cyber attacks has driven widespread interest for organizations to migrate to a Zero Trust architecture. A Zero Trust architecture is a new, clean architectural paradigm - one that is built to reduce a network's attack surface, prevent lateral movement of threats, and lower the risk of a data breach. This new Zero Trust architecture is based on the core tenet of Zero Trust, in which implicit trust is never granted to any user or device. The Zero Trust security model puts aside the traditional "network perimeter" built with firewalls and VPNs - inside of which all devices and users are trusted and given broad permissions by putting them on a routable network. A Zero Trust architecture eliminates the biggest problem associated with routable networks - lateral threat movement - by preventing access to the network, period. As Zero Trust became popular, the term was hijacked, with every vendor claiming to have a Zero Trust architecture. This is causing widespread confusion for customers and partners. A Zero Trust architecture is a new architecture, and cannot be bolted onto a traditional legacy-based approach. While it’s becoming more widely understood that legacy network-based firewall and VPN models simply cannot protect today’s modern cloud-first and hybrid working enterprise, one of the major pain points that IT and security operators are facing today is a skills gap, both in terms of (a) understanding what is true Zero Trust and how it contrasts with a legacy firewall and VPN-based approach, and (b) learning how to actually implement a Zero Trust architecture. Modern security teams need a specialized set of skills - one that isn’t based on 30 years of legacy networking and security principles - in order to address today’s cloud-first security requirements. To provide the necessary skills required for network and security professionals interested in building a holistic security approach based on Zero Trust principles, Zscaler is introducing the Zero Trust Certified Architect (ZTCA) program. This advanced certification program is designed to provide a comprehensive overview on the fundamentals of a Zero Trust strategy along with practical guidance for the planning, design, implementation and maintenance of a Zero Trust architecture. The course follows NIST’s Zero Trust guidelines, and directly compares and contrasts a Zero Trust architecture with the legacy routable networks and firewall- based approach. We’ve designed the course to help the learner be clear on the pitfalls of a legacy-based architecture, and understand how to implement true Zero Trust. Developed to be relevant and useful in today’s dynamic security environment, the curriculum features custom content that specifically addresses the needs of modern enterprises to secure their hybrid workforce and cloud-based data, applications, and workloads. When I speak with CXOs, they always tell me that the “people element” is the most important part of any digital transformation journey. And it’s no secret that the competition for talent within the IT and security industries continues to be fierce, so we’re pleased to be able to provide a means for network and security professionals to differentiate themselves, while acquiring the necessary skills to lead their organizations’ secure digital transformation. For more details on this exciting new certification program, please visit the ZTCA site. Mon, 14 Nov 2022 17:08:20 -0800 Jay Chaudhry Celebrating 15 Years of Innovation This year, I’m thrilled to celebrate Zscaler’s 15th anniversary. When we first started the company in 2007, I knew that we had a real opportunity to transform the security industry, especially in light of enterprises’ migration to the cloud - we had a bold idea, bright minds, a solid business plan, and the conviction to make it work. But the journey was not without risk, nor was it always easy. Like many companies, we had our own share of growing pains, but we also shared many moments of discovery, camaraderie, excitement, and accomplishment. These moments are now woven into the fabric of our company’s DNA and are truly what makes me proud when I reflect on how far we’ve come. Fifteen years ago, we signed The Arc Mid-Hudson, as our first, and now longest-standing, customer. They are a not-for-profit organization in New York State dedicated to supporting individuals with intellectual and developmental disabilities and they were looking for a cloud-native security solution that would allow them to provide secure connectivity to employees, while maintaining client data integrity and adherence to strict healthcare compliance mandates. I still remember the excitement we had over winning the account and how great it felt to know that Zscaler technology would be helping them to better serve their community. Today, The Arc Mid-Hudson is still a Zscaler customer and they’re leveraging the power of the Zscaler Zero Trust Exchange to support its transition from a site-based human services provider to a remote and highly mobile service model. The first Zscaler solution slide that was created in 2007 is still relevant today. Since then, we have kept the same focus and mission. It’s extremely satisfying to know that there are customers who have been with us since the very beginning. These relationships are built on trust, openness, and an exceptional level of service. Customers have the confidence of placing their most precious data assets in our care and that’s a responsibility that we take to heart each and every day. It’s what motivates me to continue to develop and deliver solutions that improve our customers’ security posture. Our success as a company heavily depends on our commitment to our customers and we never lose sight of that. Among our current workforce are employees who have been with the company since the very beginning. Recently, we came together to reminisce about how it all started and I jotted down a few memories which I thought really captured the sentiment and entrepreneurial spirit that underpins our company culture today: “It was during dinner at Jay’s house when he first proposed the idea of a cloud security platform. After we spoke, I was so convinced that this is the future, but the problem wasn’t easy to solve from a technology standpoint and it hadn’t been done. After four months of development, discussion and lots of trial and error, it seemed that we had a viable solution.” - Kailash Kailash, Zscaler Co-Founder “Kailash called me up, explained the concept, and suggested we do a workshop and start building something. To be honest, I wasn’t overly convinced that it would work, but Jay was always very clear in his vision of using a cloud-native architecture and that we were not going to build an on-prem solution. The team had conviction, which always kept me motivated.” - Srikanth Devarajan, early Zscaler employee “I think I was at the right place at the right time and I feel fortunate to be a part of this amazing journey. The passion of the founders was inspiring and the early team was very close. We were doing agile development before it became an industry-wide practice, so it was exciting to pioneer new methods while developing new capabilities at a lightning pace. We had the best time!” - Siva Udupa, early Zscaler employee “The time has gone by really fast. I still remember the early morning voice calls with Jay and the software teams, discussing a new feature to implement. By the end of the day, the feature was ready and the process started again the next day. We created our own agile methodology, but it was very exciting!” - Pratibha Nayak, early Zscaler employee The past 15 years has been quite a remarkable journey - what started out as an idea has grown into a company that’s generating in excess of $1B in revenue and is a recognized industry leader in cloud security. As a company, Zscaler has driven growth and innovation that’s constantly adapting to the changing security landscape and our customers’ evolving needs. I couldn’t be prouder of all of our accomplishments to date and I’m looking forward to another 15 years. To see a timeline of notable technology triumphs and significant company milestones, please click here. Thu, 03 Nov 2022 18:12:51 -0700 Jay Chaudhry Come Visit us at AWS re:Invent 2022 Zscaler will be at AWS’ premier conference from November 28 through December 2. The conference, located in Las Vegas, is one of the leading technology conferences focused on cloud computing. At the conference, you can visit and chat with Zscaler experts in the Expo at booth #118. There you can learn how you can Secure Your Workloads from build-time to runtime using Workload Communications and Posture Control. In addition, at AWS re:Invent you can View live demos that showcase the benefits and capabilities Zscaler for Workloads can deliver to your organization Have one-on-one meetings with Zscaler product leaders Listen to our talk, Zero Trust CNAPP and cloud workload protection with Zscaler, at the Lightning Theater 1 on November 28th at 6:25PM PST Grab some amazing swag to take home To learn more, please visit our registration page. We hope to see you there! Wed, 02 Nov 2022 20:37:01 -0700 Franklin Nguyen Zscaler: Celebrating 15 Years of Innovation Zscaler started in 2007 with an idea: transform cloud security in ways we never thought possible. Fifteen years later, with numerous industry firsts, notable technology triumphs, and significant company milestones throughout our history, Zscaler is in the perfect position to support our customers as they continue their digital transformation journeys. We’re beyond excited about the future. Join us as we celebrate 15 years of innovation. Learn more about Zscaler Join the team Wed, 26 Ott 2022 20:07:00 -0700 Jay Chaudhry Thank You and Best Wishes to my Dear Friend, Amit I am both saddened and pleased to announce that Amit Sinha has decided to pursue a CEO role at a private company. I would like to thank Amit for his contributions to Zscaler in various roles over the past 12 years, most recently as President of Zscaler. I met Amit in early 2005 when I was running AirDefense and CipherTrust in Atlanta. From my first meeting, it was clear to me that this young engineer with a doctorate from MIT and a bachelor’s degree in electrical engineering from IIT was not only a brilliant engineer but had great business acumen. Amit joined me at AirDefense as its CTO and our friendship and partnership continued to grow. He joined me at Zscaler in 2010 at its very early stage to incubate security for mobile devices. I’ve enjoyed watching him grow as a leader and lead multiple functions to help Zscaler grow into the market leader in cloud security. I am pleased that Amit will remain on Zscaler’s Board of Directors as a trusted advisor and strong supporter of Zscaler. Over the next few weeks, Amit will work with us to transition his roles and responsibilities. Amit has been a dear friend and collaborator of mine for over 17 years. While I am sad to see him move on; it is a fact that great companies produce the next generation of CEOs who go on to change the world. We will miss Amit and wish him well. Mon, 10 Ott 2022 13:29:25 -0700 Jay Chaudhry Zscaler Acquires ShiftRight I am pleased to announce Zscaler’s entry into security workflow automation with the acquisition of ShiftRight, a leader in closed loop security workflow automation. As a result, ShiftRight’s technology is being integrated into the Zscaler Zero Trust Exchange cloud security platform to automate security management, providing a simple solution that will dramatically reduce incident resolution times. In my discussions with enterprise CIOs and CISOs, a pressing issue for their IT and security teams is not having enough time and resources to respond to and determine the severity of all security incidents. This results in not meeting SLAs, contentious relationships between security and business stakeholders and, most importantly, it introduces major risks to the business when critical security issues fall through the cracks. This challenge is further compounded by the complex and distributed nature by which security is commonly implemented within organizations; that is, while security teams are held accountable for the vast majority of security-related tasks, they are often not directly responsible, which causes confusion, miscommunication, delays and inefficacy. ShiftRight’s technology uses analytics, telemetry data, and intelligence to automate security incident tracking to establish clear lines of responsibility, provide real-time visibility, and foster collaboration amongst teams. ShiftRight’s technology enables: High-level visibility of issues and detailed views for more granular reports Improves efficiency by identifying and assigning teams responsible for resolving a security issue and automatically creating tickets Efficient communication with the various stakeholders to ensure accountability Close tracking of team progress to resolve issues end-to-end As I’ve said before, implementing new security tools is easy relative to changing organizational behavior, but I believe that the integration of ShiftRight’s technology into Zscaler’s portfolio will influence positive organizational change, while strengthening the security posture of our customers. We’re excited to welcome the ShiftRight team to the Zscaler family and I look forward to working with them to drive continued innovation in the security workflow automation space. For more details on the acquisition, please see the news release here. This message includes forward-looking statements. See important information here. Thu, 29 Set 2022 12:54:21 -0700 Jay Chaudhry Zero Trust for Healthcare Cybersecurity has become a strategic imperative for healthcare organizations. Data breaches increased 650% in 2021 and the associated costs increased 29.5%. The rising adoption of telehealth, a mobile workforce, and the emergence of connected medical devices have all contributed to expanding cyber risk, complexity, and cost. As with many critical industries, healthcare delivery is undergoing a digital transformation. Fast and secure access to cloud resources is required, and Zscaler helps securely migrate from on-premises network infrastructure to the cloud using zero trust principles. Trusted by some of the top healthcare systems around the world, Zscaler has now invested in a dedicated practice to help our nation's healthcare systems better protect their data and improve patient outcomes. Check out our new Zscaler for healthcare page for more on how we can help solve the challenges that are unique to health systems today. How can zero trust reduce the threats to your healthcare organization? Let’s look at four key areas: ransomware, infrastructure cost, new care models, and work-from-anywhere user experience. Ransomware The adoption of telemedicine, cloud, and IoT have created new avenues for bad actors to gain access to valuable healthcare data and systems. According to a recent report from the Ponemon Institute, 89% of healthcare organizations surveyed experienced cyberattacks in the past 12 months, with an average total cost for the single most expensive cyberattack at $4.4 million. Further, an average cost of $1.1 million was lost in productivity as a result of these attacks. Zero trust is a highly effective strategy for combating ransomware attacks. The most practical way to keep hackers out of your network is to eliminate the attack surface. If it’s not reachable, it’s not breachable. Zscaler restricts malicious access to a healthcare system’s network by making the internet the network for digital work, or extending the service to your on-premises environment securely. The resulting decrease in attack surface has been proven to reduce the number of malicious attacks by more than 50%. Infrastructure Cost Healthcare organizations must make considerable investments in IT systems at a time when the very care models themselves are evolving. Hybrid cloud architectures are becoming the new standard and extensive industry consolidation is resulting in business and clinical applications migrating to the cloud to improve efficiency and reduce administrative costs. Zscaler helps healthcare organizations connect branches, clinics, care centers, and clinicians to the internet by leveraging multiple network connection types. This optimizes application traffic routing and performance while reducing WAN costs and network operational expenses. Zscaler helps ease this transition by allowing existing systems to remain in place while providing a more secure way to access them. Healthcare mergers and acquisitions (M&A) volume was up 16% in 2021 and the outlook for 2022 is strong. M&A are challenging for IT as the IT team is responsible for ensuring appropriate connectivity to applications and the security of sensitive data while consolidating complex legacy networks and security infrastructure. Zscaler customers experience up to a 70% reduction in overall infrastructure costs and reduce M&A integration timelines from months to weeks. Care-From-Anywhere Healthcare is transitioning to a more accessible model. An “omnicare” or care-from-anywhere approach combines telehealth, in-office visits, remote monitoring, and other modes of treatment to make healthcare more efficient, effective, and affordable. With data dispersed across many different platforms, protecting it is a massive challenge. Add in the increasing number of endpoints created by the internet of medical things (IoMT), and healthcare organizations are finding themselves at risk from extensive unpatched vulnerabilities. The FBI issued a Private Industry Notification on September 12, 2022 that declared that unpatched and outdated medical devices provide cyberattack opportunities. More than 53% of connected medical devices and other IoMT devices in hospitals had known critical vulnerabilities. Leaving such devices insecure makes the entire healthcare facility vulnerable to cyberattacks, endangering patient health and worker safety. The Zscaler Zero Trust Exchange helps healthcare organizations secure and simplify the connectivity brought on by this expanding healthcare model, allowing new applications and devices to be easily added to the enterprise. Customers can increase bandwidth by more than 100%, achieve 99% application availability, and see a 100% reduction in network outages. Work-From-Anywhere Healthcare organizations are increasingly adopting new and innovative approaches to respond to staffing constraints, including the ability to work remotely. A 2022 MGMA Stat poll found that 59% of medical group practices have shifted workers to permanent remote or hybrid work in the past year. This dramatically increases the number of devices connecting to and from your network, potentially expanding the attack surface and opportunities for bad actors. In addition, traditional security architectures require a user to access the network through a VPN with all data backhauled through the data center, creating latency and a poor user experience. Zscaler provides a secure work-from-anywhere experience, enabling access to applications from any location, on any device. Only the right users get access to the right information and systems when they need it. The Zero Trust Exchange provides the ability to decrypt and inspect 100% of all SSL/TLS traffic at scale, keeping data secure at every step and improving employee productivity by up to 80% with near-zero latency. Data Protection Transformed Ransomware, data breaches, and careless user behavior put your data in harm’s way. Zscaler is announcing industry-first innovations that revolutionize how organizations classify and protect data. Join us on Tuesday, October 18 for Zscaler’s Data Protection Transformed event to see how to solve today’s most difficult data protection challenges. Zscaler is trusted by some of the largest healthcare organizations in the world to secure their users and applications. From HIPAA compliance to securing connected medical devices and remote employees, Zscaler sets the standard for digital transformation. Contact us today for more information or to see a live demo. And follow our Zscaler for Public Sector LinkedIn page for regular updates. Thu, 22 Set 2022 15:33:05 -0700 Ian Milligan-Pate New Learning Experiences to Drive Success - September 2022 I am a firm believer that Zscaler enables companies to complete their secure digital transformation journey and achieve enterprise-wide zero trust. We’ve built the best in the business, no question about it. However, customers can only complete this journey and reach their goals if they fully leverage and adopt all our platform has to offer. No matter how great our products and teams are, this adoption doesn’t happen magically. It takes focus and investment in time from our customers. Getting administrators, engineers, and architects through the right training at the right time can make all the difference in an organization's success with Zscaler and, ultimately, their ability to achieve secure digital transformation. But customers don’t have to go on this adoption journey alone. Zscaler has built engaging, relevant, world-class learning experiences for our partners and customers that will provide the support, tools, and resources they need to learn and adopt our platform. As a result of our efforts, we have several big announcements today: 1. Zscaler Academy & Customer Success Center - Starting September 15, customers will have access to a new centralized resource hub–the Customer Success Center, and a new learning management system, Zscaler Academy! We launched a new learning platform to partners in March 2022 and now we are extending that amazing experience to our customers. Customers will also have access to Zscaler Ascent, our gamification platform, allowing them to collect points for learning activities and redeem them for prizes. 2. New ZIA Administrator Learning Path and Certification - Also on September 15, both customers and partners will have access to new ZIA Administrator eLearning and a corresponding certification exam. This content explores the ZIA product with helpful scenario-based demonstrations and hands-on practice activities. The content will prepare learners to take the all-new ZIA Admin Certification Exam. This content and exam will take the place of the ZCCA-IA certification. All existing certifications will remain valid until their expiration date (3 years from completion date). As a part of this new content release, we are archiving our TAC and Security Specialist courses. The content from these courses will be rolled into the new administration content. Learners who have already started the courses will have until Dec 31, 2022 to complete the course and the exam. Specializations will continue to be honored until their expiration date. 3. eLearning Now Included for Zscaler Customers - EDU Credits for Exams, Labs, and Advanced Content - Our priority is to ensure customers have what they need to be successful on their journey to zero trust. Starting September 15, all customers will have unlimited access to core eLearning with any active Zscaler product subscription. To simplify things, we have combined lab credits and eLearning credits into a single Education (Edu) Credit and customers can use these credits to purchase live training, labs, and select advanced eLearning content. Customers can purchase EDU credits as separate items or as part of their deployment packages with Zscaler. Customers can also redeem the newly-launched Professional Service Credits for EDU credits at a 1:1 ratio. 4. Increasing Certification Security - To ensure certifications maintain their integrity, we are changing the number of exam attempts per enrollment from unlimited to three. This means customers and partners who enroll in an exam will have three attempts to pass that exam. If they do not pass they can email [email protected] for support. 5. Introducing Zscaler Academy Release Notes - We know our customers and partners have a lot to balance on a daily basis. To make it easier to find and reference changes to Zscaler Academy and our learning programs, check out the new Zscaler Academy Release Notes page available from the Help section on the Partner and Customer Academy sites. We are excited for our customers and partners to explore the new tools at their disposal to learn and grow with Zscaler, and we are eager to hear your feedback. Please email [email protected] with any comments, questions, or concerns. Happy learning! Thu, 15 Set 2022 11:59:29 -0700 Rick Kickert Join Zscaler at CrowdStrike Fal.Con 2022 Zscaler is thrilled to be a Diamond Sponsor at CrowdStrike Fal.Con 2022, coming up September 19–21 in Las Vegas. This year at Fal.Con, you’ll have the opportunity to be among the first to hear about our newest integration with CrowdStrike as well as attend any of our three speaking sessions to hear more about the Zscaler and CrowdStrike partnership. Visit our booth Drop by Booth #1607 to see our various integrations with CrowdStrike. See for yourself why more and more customers are choosing the combined technological advancements of Zscaler and CrowdStrike to protect their users and applications. Hear from a joint Zscaler and CrowdStrike customer Featured Session - Architecting and Accelerating your Zero Trust Strategy | Sept. 20, 2:30 p.m. Together, Zscaler and CrowdStrike offer an integrated end-to-end security solution that simplifies zero trust adoption for IT teams. Join this breakout session to get firsthand technical advice from industry leaders on architecting your zero trust transformation, and walk away with a complete view of how to seamlessly integrate our best-of-breed platforms. Speakers include: Alex Borhani, Deputy CISO, CSX Amit Raikar, VP of Alliances, Zscaler Chris Kachigian, Sr. Dir., Global Solution Architecture, CrowdStrike Listen to insights in the CrowdXDR Alliance Panel Executive Panel on Cybersecurity Transformation | Sept. 20, 3:30 p.m. Ransomware attacks have risen dramatically alongside the shift to remote work, and they’re showing no signs of slowing. Join this CrowdXDR executive panel to hear from Zscaler, CrowdStrike, ServiceNow, and World Wide Technology (WWT) on ways your organization can fight back against adversaries, what trends to keep an eye on, and how to leverage best-of-breed technologies to protect your users and data. Learn the best place to start with zero trust Building the Economic Rationale for a Zero Trust Transformation | Sept. 20, 11:30 a.m. Zero trust is more than just a buzzword—today, it’s a driving force in the security community. Even so, organizations of all sizes struggle with where or how to start. For many security leaders, securing budget and getting technological consensus from their staff is a major hurdle. However, most leaders agree that building a strong business case is a key first step. In this session, Zscaler business value experts will walk you through how to build a business case for your internal stakeholders with customizable and quantifiable outcomes that match your organization's goals and IT environments. Grab a T-shirt Be sure to pick up your free Fal.Con shirt at check-in! See you there! To learn more about the event and schedule a meeting with Zscaler experts today visit our Zscaler at CrowdStrike Fal.Con 2022 page. Mon, 12 Set 2022 08:00:02 -0700 Jason Lee Zscaler is a 2022 Customers’ Choice in the Gartner® Peer Insights™ “Voice of the Customer” Report for Security Service Edge We are excited to announce that Zscaler has been recognized as a Customers’ Choice vendor for 2022 in the Security Service Edge (SSE) category on Gartner® Peer Insights™. This distinction is a recognition of vendors in this market based on feedback and ratings submitted by hundreds of verified end users of our products for an 18-month period ending on May 31, 2022. Overall, reviewers gave us a 4.6 out of 5, (based on (411 reviews as of May 31, 2022) with 93% saying they would recommend Zscaler. In addition, Zscaler was named as a leader in all eight segments in the accompanying “Voice of the Customer” Report for SSE, the only vendor to get this recognition. These recognitions are based directly on unbiased feedback from our customers - the people we’re here to serve - therefore, we believe these recognitions serve as further validation that we are creating security solutions that fit the needs of modern enterprises around the world. The Gartner Peer Insights Customers’ Choice distinction is based on both the number of reviews and the overall user ratings. To ensure a fair evaluation, Gartner maintains rigorous criteria for recognizing vendors with a high customer satisfaction rate. Here are some comments from customers: ● “This is something I appreciate; it's a terrific method to be entirely compliant. The Zscaler Internet Access Platform is a dedicated SSE solution that focuses on risk mitigation, reliability, and scalability to allow us to deliver our users secure access to our applications while keeping them secure.” – Program Director, Services ●“I have used Zscaler services at multiple companies. The usage of Zscaler truly enables work from anywhere while offering the same security benefits of being in the office. It is a powerful enablement tool for your workforce regardless of location, and simplifies the consumption of cloud based services.” –Associate Director, Network Architecture, Aerospace ● “We have been using ZIA for over a decade now. The capability of the product has only seen upward thrust. We have also subscribed for ZPA since its inception for zero trust capabilities and it’s truly fulfilling. ZDX capabilities are assisting us to troubleshoot EUCI issues during the work-from-home scenarios. Support services and customer focus are overwhelming. Overall, we are very satisfied with Zscaler.” – Enterprise Architecture and Technology Innovation, IT Services You can read more Zscaler reviews here. To all of our customers who submitted reviews - thank you! Your feedback helps us create better products and fuels our drive to keep on innovating. We are committed to earning the trust and confidence worthy of this distinction. To learn more about Gartner Peer Insights Customers’ Choice, or to read the product reviews written by the IT professionals who use them, please see the Security Service Edge page on Gartner Peer Insights. If you have a Zscaler story to tell, we encourage you to join Gartner Peer Insights to share your experiences. GARTNER is a registered trademark and service mark, and PEER INSIGHTS is a trademark and service mark, of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose. Wed, 07 Set 2022 08:00:01 -0700 Jay Chaudhry Experience your world secured with Zscaler at Black Hat 2022 It’s that time of the year again! Security folks from near and far are gathering in Las Vegas – or making their presence known virtually – for Black Hat to network with peers, learn about the latest security research and threat trends, and check out new innovations. As a proud sponsor of Black Hat 2022, we’ll be there, will you? This past year, the ThreatLabz team has seen a massive uptick in cyberattacks and the use of illusive techniques. Ransomware attacks aren’t going away. In fact, we’ve seen an 80% increase year-over-year with bad actors jumping on the bandwagon with multi-extortion demands, increasing the pressure on companies to pay up. Part of the reason ransomware threat actors are so effective at delivering attacks is because we’ve seen an increase of 314% threats being delivered over HTTPS, an encrypted protocol intended for secure communication. At Zscaler, we are purpose-built to prevent ransomware from the start and stop even the stealthiest attacks. Visit Zscaler at booth #872 in-person or virtually August 10 and 11 to check out our latest innovations and chat with our Zscaler experts and partner presenters. Discover why Zscaler customers trust the world’s largest security cloud to protect their organizations while reducing the attack surface, preventing cyberthreats, eliminating lateral movement, and stopping data loss. How a Zero Trust Architecture Protects Against Ransomware A CxO Fireside chat featuring Zscaler’s Amit Sinha, Patrick Foxhaven, and Deepen Desai Register for this session via the Black Hat attendee portal. In addition to our virtual speaking session, stop by our booth (#872) for nonstop fun from Zscaler experts and partner presenters. Already a customer? Stop by for your free gift! We’re giving away custom MuteMe buttons to customers who visit our booth and exclusive shirts when you sign up for the Zenith Community during the event. Want to meet onsite? Zscaler will have executives and product specialists ready to meet with you and answer your questions. Book a one-on-one meeting with us using the form on our Black Hat event site. See you there! Make sure to follow Zscaler on Twitter and LinkedIn for live updates from the show and to stay updated on all things #ZeroTrust. Visit our Zscaler at Black Hat event microsite to grab details on our virtual speaking session, in-booth presentations, and featured research and partner content. Mon, 01 Ago 2022 12:25:49 -0700 Amy Heng ZIA Achieves Zero Trust Security-as-a-Service FedRAMP High Authorization I am proud to share that the FedRAMP Joint Authorization Board (JAB) has announced that Zscaler Internet Access (ZIA) achieved High Authority to Operate. This federal government certification represents the first-ever Secure Access Service Edge (SASE) Trusted Internet Connections (TIC) 3.0 solution to achieve FedRAMP’s highest authorization. ZIA now meets the stringent requirements of civilian agencies with high security requirements, as well as Department of Defense (DoD) and intelligence organizations. Given that JAB only selects a limited number of cloud services for review each year based on government-wide demand, our selection validates the strength of our solution and demonstrated ability to help Federal agencies, the Department of Defense (DoD), and the Intel community strengthen cyber defenses using Zero Trust. We’ve seen tremendous digital transformation progress in government over the past few years, and with this transformation, new vulnerabilities are also on the rise. The attack surface is bigger, more complex, and harder to protect. Zscaler is leading efforts to implement Zero Trust solutions across our patented Zero Trust Exchange to make cloud environments safer across Federal Civilian agencies, the DoD, and the Intelligence community. This milestone builds on our announcement that Zscaler Private Access (ZPA) achieved DoD IL5 and more recently, Zscaler’s Digital Experience (ZDX) service achieved FedRAMP authorization. With these achievements, the Zscaler Zero Trust Exchange, which includes ZIA and ZPA, can secure the U.S. government’s data at the moderate and high impact levels. ZIA in action Zscaler Internet Access – Government (Secure Web Gateway – vTIC)™ is a multi-tenant Cloud Security Platform known in the government that meets the Cybersecurity and Infrastructure Security Agency (CISA) TIC 3.0 guidelines. It has been the market leader as agencies work to meet modernization goals of shared services, mobile workforce enablement, improved FITARA scores, and more. Zscaler powers the shift to a modern, direct-to-cloud, Zero Trust architecture, regardless of device or user location. The Zscaler multi-tenant Cloud Security Platform applies policies set by the agency to securely connect the right user to the right application. As a Secure Access Service Edge (SASE) service, the Zscaler Cloud Security Platform is built from the ground up to provide comprehensive network security functions. Unlike traditional hub-and-spoke architectures where traffic is backhauled over dedicated wide area networks via VPNs to centralized gateways, Zscaler routes traffic locally and securely to the internet over any connection or device from anywhere. The Zscaler SASE architecture shifts security functions to focus on protecting the user/device in any location, rather than securing a network perimeter. This ensures that users get secure, fast, and local connections no matter where they connect. Moving to a security-as-a-service model decouples your organization’s security requirements from the responsibilities of maintaining infrastructure and updates. Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE), a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including Zero Trust, and met TIC 3.0 use cases. ZIA Improves security controls – Keeping IT focused on innovation with TIC in the cloud per the President’s Executive Order Federal IT leaders can improve on the who, what, where, when, and how they see, protect, and control user traffic to the internet by moving TIC security controls and other advanced security services to a cloud platform. The goal: immediate remediation on a global scale. This approach offers agencies global internet access and peering with FedRAMP-authorized applications. In addition, agencies can capture extensive log/telemetry data and store all agency data on U.S. soil with citizen-only access. Agencies can also provide the telemetry data to CISA’s Cloud Log Aggregation Warehouse (CLAW). With ZIA at the Moderate and High Baseline levels, agencies will have access to global TIC or more secure U.S.-only TIC solutions. Achieving a Zero Trust model with the Zscaler Zero Trust Exchange Through our Zero Trust Exchange and FedRAMP high solutions, all Federal agencies can achieve the Zero Trust goals mandated in the Cybersecurity Executive Order and implement CISA’s TIC 3.0 guidelines. Most agencies will need to approach Zero Trust in bite-sized chunks, setting priorities based on their unique needs. Check out our Zero Trust Playbook for prescriptive guidance on key steps that can be taken over time, leveraging a security ecosystem to achieve the end goal of Zero Trust. Zscaler ZIA will join with Zscaler ZPA High to offer the Zscaler “Zero Trust Exchange” completely at the High baseline. Zscaler is the first and only ZTA and SASE platform to be offered end to end at both moderate and high baseline. Mon, 01 Ago 2022 05:00:02 -0700 Stephen Kovac Join Zscaler at AWS re:Inforce 2022 The re:Inforce conference is one of AWS’s marquee events primarily focused on cybersecurity. At this annual event, you’ll be able to hear from experts in the field, learn best practices, and discover the latest advances in security to protect your organization from cybersecurity threats. Zscaler will be at booth #504. Visit us to learn how Zscaler for Workloads, which includes Workload Communications and Posture Control, can protect your cloud workloads from build-time to runtime. Workload Communications and Posture Control Overview What is Workload Communications? Workload Communications allows organizations to utilize Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) for their cloud workloads. With Workload Communications you can connect your cloud workloads to any destination–whether it is to the internet or to another cloud workload located in a different region–with secure connectivity using the Zero Trust Exchange. It will help you eliminate your network attack surface, prevent the lateral movement of threats, and reduce the risk of data breaches. What is Posture Control? Posture Control, our CNAPP solution at Zscaler, reimagines cloud-native application security by using a 100% agentless solution that leverages machine learning to correlate hidden risks caused by the combination of misconfigurations, threats, and vulnerabilities across the entire cloud stack. It empowers security, development, and DevOps teams to efficiently collaborate and discover, prioritize and remediate risks in cloud infra and applications as early as possible in the development lifecycle. What to expect at AWS re:Inforce Zscaler will be providing opportunities to Schedule one-on-one meetings with Zscaler product leaders who are driving the direction of Zscaler for Workloads. View live demos that showcase the capabilities and benefits Zscaler for Workloads can deliver to your organization. Next Steps To learn more and to sign up, please visit our registration page here. We look forward to meeting you at AWS re:Inforce 2022! Wed, 13 Lug 2022 08:00:01 -0700 Franklin Nguyen Zscaler for IoT & OT Now Sold by Siemens for Industrial Security I am very excited to join forces with Siemens to extend zero trust into OT and disrupt the traditional OT security mindset. Now, Zscaler and Siemens product and sales teams together are taking OT security to the next level, addressing a significant customer challenge to balance factory digitalization with the increasing severity of cyberthreats. You can read more in our press release about the specifics of the joint zero trust OT solutions we built. Why us and why now? Well, we’ve heard from our customers how Zscaler has transformed their IT infrastructure, showing that the firewall-based legacy castle-and-moat architecture is no longer the safest and most secure approach. Many industrial customers who use Zscaler for IT digital transformation asked us if our zero trust approach to security could help them in the factory to improve uptime and increase people and plant safety. Furthermore, as the world leader that empowers industrial giants, Siemens is perfectly positioned to pioneer the OT/IT convergence and accelerate factory digitalization through a path paved with zero trust foundations. Let’s look a little more closely at why customers are having this struggle between preserving security and modernizing their OT network. Typically, regulations like the IEC62443 suggest industrial networks separate themselves completely from the internet. The thought is that a lack of connectivity could prevent hackers from finding OT assets and hijacking them to gain unfettered access to the OT network, moving laterally to high-value assets until they can execute their ultimate objective. However, perpetual isolation from the internet prevents factories from taking advantage of Industry 4.0 initiatives like automation, AI/ML, cloud-delivered products, and other innovations that could help factories produce greater output at lower cost. It does not make sense for industrial companies to stay forever in the dark ages of an air-gapped state. To do so would lead to unacceptable stagnation. Instead, as a leading security company and manufacturing powerhouse, respectively, Zscaler and Siemens feel progress must be made to help factories become globally connected while drastically reducing cyber risk. Through our partnership, customers deploying industrial edge devices from Siemens, like the SCALANCE LPE, can connect to them from anywhere in the world over any network connection using the most secure architecture: zero trust via Zscaler’s Zero Trust Exchange. Powered by 150+ data centers worldwide, our multi-tenant cloud security service creates a fully encrypted connection between user and OT edge device. Each connection is brokered by the corporate policies set in the exchange, and creates a user identity-based micro tunnel between user and asset, rather than placing the user on the OT network. Compared with traditional network-based OT remote access solutions, this fully SaaS-based approach eliminates the attack surface, making it challenging for the bad guys to find and exploit OT assets and then move laterally about the network. In addition, Zscaler has a global cloud that scales much faster than any other OT secure remote access solution in the market today. What’s most exciting is not just the emergence of new security technologies but also new approaches that change the way people think and alter their assumptions. Almost always, customers find when they look at their networks through the lens of zero trust instead of castle-and-moat, they become more secure, users have a better experience, and they can reduce cost substantially, freeing up funds to be spent on growing the business. With technologies like the SCALANCE LPE and Zscaler Private Access, Siemens sellers can offer joint customers a path to OT and IT convergence through strong security. The combined solution helps customers digitally modernize their factories to obtain a higher output and a better bottom line. I invite you to learn more about the solution by visiting the Zscaler Private Access for OT page on our website as well as learn how zero trust can be used as part of a defense-in-depth strategy by reading our whitepaper titled 3 Essential Zero Trust Principles for Reducing Security Risk in OT Environments. Thu, 26 Maggio 2022 13:05:01 -0700 Jay Chaudhry The Top 5 Reasons Zscaler Partners Won’t Want to Miss Zenith Live 2022 The countdown is on! Zenith Live is back and better than ever - both in-person and virtual! Join technology, channel, and alliance visionaries and industry innovators as we bring together the very best two-day experience for you—our valued partners—no matter what type of partnership you have with us. Here are five reasons why Zenith Live is an event our partners can’t miss: Hear from visionary cloud leaders including Jay Chaudhry, CEO, Chairman, & Founder of Zscaler, and CISOs from organizations, such as Charles Schwab and Equinix, as they share innovations across zero trust, cloud security, and machine learning, as well as real-world use cases, helping organizations of all sizes define a roadmap to accelerate business. Attend our exclusive Partner Summit and learn from Zscaler channel and alliance leaders how we’re investing in our partner ecosystem to accelerate long-term growth—and how we’ll transform together into FY23. Plus, you won’t want to miss special guest Dali Rajic, COO of Zscaler, as he expands on the power of partnerships. Train with the best in the industry through partner-specific training, certifications, and hands-on labs on June 21 and 24 that are designed to elevate your Zscaler knowledge. Explore the Partner Innovations Expo and meet with our global ecosystem of companies and event sponsors to learn how we’re empowering customers in the cloud and mobile era. Celebrate with Partner Awards where our leaders and special guest speaker will recognize zero trust heroes who have gone above and beyond to expand their partnership with Zscaler. Plus, there will be more than 60 breakout sessions focused on the latest innovations, use cases, and strategies to guide your customers through today’s sophisticated attacks with zero trust. Here are some of our favorite breakout sessions for Zscaler partners: Zscaler Partner Summit: Your Customers, Secured Value Discovery: Methods Specific to Zscaler Solution to Accelerate Your Sales Cycle SASE, SSE, and Zero Trust: Beyond the Hype Case Study: CISO of a Global Organization Talks Cybersecurity Located in APJ or EMEA? Save the date for our upcoming Partner Summits on tour in your region! APAC: Sydney: September 20, 2022 Singapore: September 22, 2022 EMEA: Week of November 14, 2022 Location TBD Mon, 23 Maggio 2022 13:20:45 -0700 Elorie Widmer My Journey as Sales Engineer is a Journey of Transformation "The only constant in life is change." This saying doesn't just cover the professional career of Cedric Blöchlinger; it's also a great way of describing his current role. As a Sales Engineer at Zscaler, he paves the way for companies to securely join the cloud, gradually transforming conventional IT infrastructures into modern, cloud-based working and production environments. This often involves radical changes to the existing security and network architectures. Cedric’s own personal transformation has evolved from a biotechnology degree to a Master's in Technology & Economics Management with a couple of interim steps to IT security. After his initial career experiences in management consultancy, while taking a break to travel, he decided to focus on security and gained hands-on experience in a pen testing lab as a first step. That paved the way to his current role as a security professional. However, his next career stops were first as a Technical Account Manager to an SD WAN provider, where he looked after existing customers and supervised rollouts so that the connectivity of the data streams remained the focus. In addition, he was certified as a CISSP before he switched to sales. "Today, I'm very happy that I didn't take a more direct route, as my wealth of experience in different areas gives me credibility with customers. I can draw on a broader understanding of network and security issues that come into play during the secure transformation of IT infrastructures. To support companies on their transformation to the cloud, you need to know exactly where the levers have to be applied in the entire infrastructure," he said, summarising a career which has finally led to him working as a sales engineer for cloud security specialists. The need for this type of comprehensive cloud consultancy is not solely a result of the pandemic. In fact, over the last two years, the introduction of Microsoft 365–with its associated collaboration tools–has been on the agenda of a lot of companies. The switch to hybrid workplace models or digitised production environments also involves a lot of awareness raising. It's not only applications that have left the secure company perimeter, but also employees, making connectivity and secure connections a high priority. And even for connecting conventional production lines to digital control or remote maintenance systems, modern security from the cloud is now required. These radical changes are closely connected to each other and should be part of holistic transformation concepts. Opening eyes to new approaches Today, Cedric does not see his current job as “sales,” but rather an opportunity to demonstrate solutions that can help companies move away from traditional infrastructures to benefit from the full potential of the cloud. “The exciting part is getting to know the company better and understanding what their current issues really are. They know their infrastructure best and therefore know where it might need to change,” he said. Therefore, discussion with the customer as an equal is critical for him. He sees himself as a technical consultant who brings the customer new ideas by presenting modern solutions. By demonstrating the technical options that go hand in hand with a highly integrated security service from the cloud, his customer contact partners often experience the eureka effect. It's best if they discover the benefits of leaving behind traditional processes by introducing new solutions for themselves. The skill here is to show how innovations can find their way into a company: "I get a real sense of achievement when the customer themselves notices that they no longer need a traditional infrastructure that's so complex to manage when they use a cloud-based security service," continues Cedric. "Then I know that I've explained something well, without directly telling the customer which hardware they can get rid of in the future." Every meeting with a prospect is different. Experience with small- and medium-sized business does not necessarily translate to key accounts. The bigger a company, the more decision makers need to be convinced of the need for a transformation strategy for a fundamentally new solution. The bigger the company, the greater the number of interactions with the customer. This makes it important for SEs that they are accepted as consultants, and that a good relationship is established with the customer. "I find it helps to demonstrate how a zero trust platform can support the company goals. Because ultimately, the technology supports the business strategy and ensures that important projects can be implemented," Cedric said. “The customer can determine their own speed and decide which steps are suitable when for their chosen transformation strategy.” Meetings with larger companies are complex and often go beyond the technical department. Highly diverse executive departments are involved in the decision-making process and must be met with their requirements, not to mention their concerns. Particularly when it comes to compliance and data protection, best practice examples can help get the works council on board before the creation of a cloud-based security solution that includes the performance of integrated SSL/TLS scanning. It's a question of convincing employees about the load capacity of an approach and demonstrating tried-and-tested solutions. In the end, it is critical that the entire solution process for a holistic infrastructure change is communicated all the way up to management level. After more than a year as a sales engineer, Cedric believes that he began his journey through the consultancy landscape after moving to Zscaler. Today, he can combine his expertise from different disciplines and contribute to the Zscaler Zero Trust Exchange with technical sales. Thu, 19 Maggio 2022 22:00:02 -0700 Gregor Keller Even the Cloud is Bigger (and More Secure) in Texas Zscaler is proud to have been named to the Texas Risk and Authorization Management Program (TX-RAMP) program. Our early entry into the TX-RAMP program gives our Texas customers access to the largest provider of zero trust access solutions in the U.S. In the spirit of FedRAMP and StateRAMP, this program provides a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services that process, store, or transmit the data of a state agency. Certifying products under the TX-RAMP umbrella allows for faster acquisition of secure cloud solutions, necessary for the modernization of Texas’ digital government. Being part of the certified products list means that state, local, and higher education customers in Texas have the assurance that Zscaler meets stringent data security requirements. TX-RAMP has reciprocal arrangements with FedRAMP and StateRAMP. Since those certifications can be cost and time prohibitive for many small companies, Texas wanted to offer another option to empower smaller Texas-based companies to pursue contracts with state and local government entities. Requirements for TX-RAMP are based on the same NIST 800-53 framework that StateRAMP and FedRAMP use. Companies are assessed by the Texas Department of Information Resources (DIR) and there is no cost associated with the assessment or program participation. Companies do not have to already have business with the state to participate. Zscaler Private Access (ZPA) and Zscaler Internet Access are certified at TX-RAMP level 2. Both technologies were included on the first authorized list released from StateRAMP and are also part of the FedRAMP program. The State of Oklahoma standardized on Zscaler as a way to strengthen their security posture while also providing their employees the ability to work from anywhere. Today, employees now have the same access and experience whether they are in the office or logging on from a coffee shop. The resulting connection is five times faster than the legacy VPN approach and has dramatically reduced the number of VPN help tickets from hundreds a day to virtually none. The Zscaler solution was up and running for 10,000 users across 90+ state agencies in just days. ZPA is a zero trust solution that connects authorized users directly to agency-approved private applications without being placed on the network, which dramatically reduces cyber risk. This approach significantly improves application performance and the user experience and reduces the attack surface and the associated risk of malware, ransomware, and other threats. The experience is identical whether the agency application is hosted in the government data center, or in destination clouds such as AWS GovCloud, Azure Government, or the Google Cloud Platform. ZPA was granted a Provisional Authorization To Operate (P-ATO) at Impact Level 5 (IL5) and achieved FedRAMP-High JAB Authorization. ZIA is a cloud security service that transforms networks by delivering cloud-based internet and web security that scales to all users, whether they are on- or off-network. ZIA leverages a cloud-native proxy to allow organizations to secure all online and SSL traffic. By securely following all users, applications, and devices, regardless of location, ZIA enables a zero trust approach to SaaS application and website access that helps reduce risk and restore compliance. The solution received Authorization to Operate (ATO) at the Moderate Impact level and achieved FedRAMP “In Process” status at the High Impact level, sponsored by a U.S. Department of Defense (DoD) Command. It is also prioritized for FedRAMP-High JAB Authorization. More information on TX-RAMP can be found here. Mon, 11 Apr 2022 13:38:24 -0700 Ian Milligan-Pate