At Zscaler, zero trust and AI are the future


Navigating the cloud security landscape can feel like chasing a moving target. As threats become more sophisticated and the digital environment grows more complex, companies are compelled to adopt new ways to protect their data and operations.

Zscaler is tackling these challenges by focusing on zero trust and cloud security solutions. In this interview, Frontier Enterprise speaks with Bill Lapp, CTO Go To Market at Zscaler, who discusses the emerging challenges in implementing zero trust at scale, shares insights into the internal use of AI and ML at Zscaler, and offers a glimpse into the future of cloud security innovations.

You’ve been at Zscaler since 2016. What have been the highlights of your time there so far, and what are the most significant changes you’ve seen since then, specifically when it comes to cloud security?

My past eight years at Zscaler have been an enriching journey, and I’ve had the privilege of being part of a dynamic team dedicated to advancing industry standards. I started my career during the transition from traditional closed copper telephone networks to VoIP and mobile. I’m fortunate to be part of the next transition from closed networks to general-purpose ones, moving from some closed private networks to the open internet and the cloud.

In 2016, as organisations began migrating sensitive data and critical workloads to the cloud, it became evident that traditional security approaches, which focused primarily on securing the perimeter, were inadequate against cloud-based threats. Consequently, there has been a growing emphasis on solutions purpose-built for the cloud, offering scalability, agility, and deep integration with cloud platforms.

At Zscaler, we recognised this shift early on. In 2016, we introduced a cloud-delivered zero-trust solution designed to help organisations eliminate the external attack surface and minimise the potential for lateral movement. It seeks to simplify the implementation of zero trust.

Since then, and especially in recent years, we’ve seen significant changes impacting cloud security, such as:

  • The rise of remote work: The COVID-19 pandemic accelerated the adoption of remote work, fundamentally changing the security landscape. Organisations had to quickly adapt to secure a distributed workforce, leading to increased reliance on cloud-based security solutions and zero-trust architectures. Ensuring secure access to corporate resources from various locations and devices became paramount, driving the need for robust identity and access management, secure remote access solutions like zero-trust network access, and enhanced endpoint security measures.
  • Sophistication of cyberthreats: Cyberthreats have become more sophisticated and targeted, with adversaries leveraging advanced techniques such as ransomware, supply chain attacks, and deepfakes. This evolution necessitates continuous improvement in threat intelligence, real-time monitoring, and incident response capabilities.
  • Generative AI adoption: Generative AI has further advanced cyberthreats and introduced new opportunities and challenges in cloud security. While it enhances threat detection, predictive analytics, and automated response capabilities, it also allows cybercriminals to launch more efficient and sophisticated attacks. Ensuring AI model security, protecting sensitive training data, and mitigating risks associated with AI outputs are critical concerns.
  • Regulatory and compliance pressure: Organisations must ensure compliance with regulations while managing their cloud environments. This has driven the demand for enhanced data governance, encryption, and audit capabilities within cloud security solutions.

In recent transformations in the cloud security space, e.g. the migration from traditional security models to zero trust, what are some under-discussed technical challenges that companies face? How does Zscaler approach these from a technical standpoint?

Bill Lapp, CTO Go To Market, Zscaler. Image courtesy of Zscaler.

Implementing zero trust is about enacting secure transformation. Today, more organisations know why they should pursue a zero-trust architecture, but many still aren’t sure where to start – and in the face of remote work trends, the rise of IoT devices, generative AI, and cloud adoption, the task of forming a zero-trust strategy can seem overwhelming.

The key issue with delivering cloud security at scale is that you cannot replicate an on-premises approach in the cloud. Beyond technical challenges, being tied to legacy investments and needing stakeholder buy-in may further hinder zero-trust implementation. Working with a cloud security provider that can simplify connectivity, scale, and provide visibility can make all the difference.

What are the emerging technical challenges in implementing zero trust at scale? How do you anticipate these challenges will evolve, and what technical strategies might be necessary to address them?

There are four big areas we often see challenges in when companies look to implement zero trust at scale:

  1. Enabling cloud app productivity while reducing risk: The rise of remote work means that users need to be able to work from anywhere and access and share data as needed. For enterprise IT teams, the challenge is to balance user experience without compromising security.
  • The first step to combat this challenge is by identifying risky apps based on a risk score, and blocking or restricting access to high-risk applications.
  • This should be followed by implementing granular cloud application controls such as allowing viewing but blocking uploads, posts, etc., and blocking access for anomalous users and devices.
  2. Preventing accidental data exfiltration: Users can sometimes forget security best practices and cause accidental data exfiltration, particularly through collaboration on SaaS applications, as SaaS data can be easily shared with unauthorised users.
  • IT teams should continuously scan critical applications, monitor for malware, make sure there are no public repositories, and identify sensitive data that is externally shared.
  • Manual remediation of high-risk violations and quarantining malware may need to be conducted following any bulk downloads of data or external sharing.
  • This can be prevented by automatically remediating sharing violations and identifying third-party OAuth access to block rogue applications.
  3. Protecting data from insider threats: Insider threats can be maliciously intentional or due to user error. Regardless,
  • IT teams should identify which unsanctioned applications have the most file uploads and look for password-protected files or tagged files being uploaded.
  • They can also create an incident management program to monitor files, block high-risk exfiltration to unsanctioned applications, and gain better detection through EDM, IDM, and OCR.
  4. Lack of visibility into application usage: To protect effectively, one must know what’s happening – including the ‘what, where, and how.’ This starts with understanding how applications are used, both those approved by IT and those operating under the radar.
  • For approved applications, organisations need to track their usage and purposes, like monitoring AWS services or third-party apps linked to Office 365, to identify potential vulnerabilities in their data protection.
  • For shadow IT applications, visibility is key for deciding what to allow, restrict, or block. Protecting those applications is every bit as critical as getting a handle on shadow IT SaaS applications.
  • Visibility should then be extended to application instances, data, user activity, and application settings.
  • In addition to ensuring visibility, organisations should be able to inspect SSL traffic at scale; without that, organisations would still have blind spots. All ports and protocols should also be covered by the inspection to gain full visibility.

Zero-trust transformation takes time, but for today’s organisations to survive and thrive, it’s a necessity.
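The controls described in the answer above (risk-scored app blocking, read-only access to medium-risk or unsanctioned apps, blocking anomalous users and non-compliant devices, and flagging sensitive files shared outside the organisation) can be expressed as a small policy evaluator. The following is an added illustration and is not Zscaler code; the app names, risk scale, thresholds, the `example.com` domain and the sample files are all constructed for the example.

```python
"""Illustrative zero-trust SaaS access-policy evaluator (added example, not Zscaler code).

Models the controls from the interview: risk-scored app blocking, granular
per-action controls (allow view, block upload/post), blocking anomalous users
or non-compliant devices, and flagging sensitive files shared externally.
All names, scores and thresholds below are constructed sample values.
"""
from dataclasses import dataclass
from enum import Enum
from typing import List, Tuple


class Action(Enum):
    VIEW = "view"
    DOWNLOAD = "download"
    UPLOAD = "upload"
    POST = "post"


@dataclass(frozen=True)
class App:
    name: str
    risk_score: int        # constructed scale: 0 (benign) .. 100 (very risky)
    sanctioned: bool       # approved by IT, or shadow IT


@dataclass(frozen=True)
class Request:
    app: App
    action: Action
    user_anomalous: bool = False    # e.g. impossible-travel signal from identity analytics
    device_compliant: bool = True   # e.g. endpoint posture check passed


@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str


HIGH_RISK_THRESHOLD = 70      # assumed threshold: block the app entirely
MEDIUM_RISK_THRESHOLD = 40    # assumed threshold: read-only access
WRITE_ACTIONS = {Action.UPLOAD, Action.POST}   # actions that move data into the app


def evaluate(req: Request) -> Decision:
    """Evaluate a single access request, most severe signal first."""
    # 1. Identity/device signals override everything else
    if req.user_anomalous:
        return Decision(False, "anomalous user behaviour")
    if not req.device_compliant:
        return Decision(False, "device failed posture check")
    # 2. High-risk apps are blocked outright
    if req.app.risk_score >= HIGH_RISK_THRESHOLD:
        return Decision(False, f"app risk {req.app.risk_score} >= {HIGH_RISK_THRESHOLD}")
    # 3. Medium-risk or unsanctioned apps: viewing allowed, uploads/posts blocked
    restricted = req.app.risk_score >= MEDIUM_RISK_THRESHOLD or not req.app.sanctioned
    if restricted and req.action in WRITE_ACTIONS:
        return Decision(False, f"{req.action.value} blocked on restricted app {req.app.name}")
    return Decision(True, "allowed")


@dataclass(frozen=True)
class SharedFile:
    path: str
    shared_with: Tuple[str, ...]   # recipient addresses, or "anyone" for a public link
    sensitive: bool                # result of DLP classification (the EDM/IDM/OCR step)


INTERNAL_DOMAIN = "example.com"    # constructed placeholder domain


def external_share_violations(files: List[SharedFile],
                              internal_domain: str = INTERNAL_DOMAIN) -> List[Tuple[str, List[str]]]:
    """Return (path, external recipients) for sensitive files shared publicly or outside the domain."""
    violations = []
    for f in files:
        if not f.sensitive:
            continue
        external = [r for r in f.shared_with
                    if r == "anyone" or not r.lower().endswith("@" + internal_domain)]
        if external:
            violations.append((f.path, external))
    return violations


if __name__ == "__main__":
    drive = App("corp-drive", 20, True)
    paste_site = App("anon-paste", 85, False)
    personal_storage = App("personal-storage", 50, False)
    for r in (Request(drive, Action.UPLOAD),
              Request(paste_site, Action.VIEW),
              Request(personal_storage, Action.VIEW),
              Request(personal_storage, Action.UPLOAD),
              Request(drive, Action.VIEW, user_anomalous=True)):
        d = evaluate(r)
        print(f"{r.app.name:18} {r.action.value:9} -> {'ALLOW' if d.allow else 'BLOCK'} ({d.reason})")
    sample = [SharedFile("/finance/q3-forecast.xlsx", ("anyone",), True),
              SharedFile("/hr/offer-letter.pdf", ("alice@example.com", "bob@partner.test"), True),
              SharedFile("/marketing/logo.png", ("anyone",), False)]
    print(external_share_violations(sample))
```

The ordering inside `evaluate` is the point: identity and device signals are checked before app risk, so a compromised account is blocked even on a sanctioned, low-risk app, while the per-action rule lets users keep reading from medium-risk tools without being able to push data into them.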

With a 600% increase in the use of AI/ML tools as noted in Zscaler’s recent AI Security Report, could you share examples of how these technologies are being implemented internally?

AI and ML play a crucial role in Zscaler’s internal security operations, helping to detect and respond to threats more effectively and efficiently, as well as to stay ahead of sophisticated threats and protect our customers. Some examples of how these technologies are being implemented internally include:

  • Visibility and risk response: AI is used to gain more visibility over the entire environment and respond to risks more quickly.
  • Preventing future breaches: AI and ML are leveraged to proactively prevent future breaches.
  • Data protection: These technologies help elevate data protection and secure new data loss vectors.

Additionally, we deploy all of Zscaler’s products internally to secure our own operations as well. This enhances our security and ensures our innovations are tested and optimised for real-world effectiveness.

Could you share some of the most surprising ways clients have used Zscaler’s zero-trust solutions?

Organisations prioritising cyberthreat and data protection, as well as those seeking comprehensive analytics and zero-trust connectivity, have utilised Zscaler’s approach effectively.

For example, Singapore-headquartered Maxeon Solar Technologies needed to ensure secure business continuity during its divestiture and support digital transformation with a zero-trust platform. They chose Zscaler due to factors like ease of deployment, configuration, and functionality. Maxeon launched the Zscaler deployment during the pandemic to provide secure, reliable access to the internet and SaaS applications for employees working from home. As part of its Zscaler Internet Access implementation, Maxeon also used Zscaler Digital Experience to quickly onboard global offices to the platform and ensure proper licensing. Since then, Maxeon has continued to use Zscaler for its cloud platform.

Another example is GLP, a global real estate logistics provider and investment manager based in Singapore. GLP leverages Zscaler to enable employees and third-party vendors to securely access private apps and OT devices. Operating in 17 countries with a portfolio of over 3,000 properties, GLP replaced its legacy VPN and firewall systems with Zscaler’s zero-trust architecture to address increasing cyberthreats. This transformation was essential to protect its digital and physical footprint, while enabling innovation and collaboration within and outside of the company without sacrificing security.

Looking ahead, what are the next major innovations Zscaler is pursuing in cloud security?

We plan to further embrace AI and innovate in various areas of cloud security.

Our recent acquisition of Avalor strengthens our capabilities in real-time AI-driven security insights and threat prevention. By leveraging Avalor’s massive data foundation, Zscaler aims to transform AI capabilities for the cybersecurity industry, enabling organisations to mitigate risks, optimise performance, and pave the way for zero-touch operations.

Another recent development is the addition of ZDX Copilot, an AI assistant that analyses data from users, devices, networks, and applications, to our Zscaler Digital Experience (ZDX) service. Teams can use Copilot, which leverages generative AI, to review trends and narrow results down to specific actionable insights. This helps IT support and operations teams resolve issues impacting end users by providing insights and automating common configuration tasks.

Additionally, Zscaler introduced Hosted Monitoring, which offers continuous assessment of application performance from a globally distributed infrastructure, and Data Explorer, which allows IT teams to build and share custom reports that visually correlate diverse data sets.

We also announced our collaboration with Google on a joint zero-trust architecture with Chrome Enterprise. By combining Zscaler Private Access for secure access to private applications with the threat and data protection capabilities of Chrome Enterprise Premium, we aim to provide customers with the security they need without complexity.