Empowering Cloud Security: Zscaler's Dhawal Sharma Emphasizes the Need for Collaborative Data Protection Efforts

In an interview with Dataquest, Dhawal Sharma, Senior Vice President and General Manager of Product Management at Zscaler, sheds light on the crucial role India plays in the company's global operations and the growing significance of a hybrid security approach. He also discusses the implications of Generative AI on data protection policies, Zscaler's integrated solution for distributed data protection, and the top factors CIOs should consider when securing data in the cloud. Additionally, Sharma addresses the key challenges organizations face in terms of cloud security and explains how Zscaler's Zero Trust Architecture provides a holistic approach to addressing these challenges. Finally, he offers valuable insights on countering the rising threat of encryption-less ransomware. Excerpts:

Zscaler has a significant presence in India, with a substantial portion of its global workforce based here. How does this contribute to the overall business goals of the company?

India is currently at the center of many technological advancements and has been creating path-breaking innovations to support its growing economy. At Zscaler, we realize the potential that the country holds and therefore, around 40% of Zscaler's 5,800  strong workforce is based in India. The workforce here focuses on all aspects of the business including R&D which involves members across engineering, product development, management, customer support, and technical account management teams. At present, we have four offices in India – Bangalore, Pune, Mohali and Mumbai – and also support our staff that wish to work remotely. The Zscaler team in India has been critical in ensuring that our customers across the globe are fully supported during the post-implementation phase. This is a significant aspect of Zscaler’s commitment to driving customer service and satisfaction in the region and beyond.

We see immense potential in this region as the adoption of zero trust architecture continues to be a key focus for businesses in India. In fact, over 50% of IT services companies, four of the top private banks, as well as the largest pharmaceutical and manufacturing conglomerate in India are using Zscaler to secure its users and business operations. We have established a strong presence in India and are actively collaborating with the Indian government to enhance security in these early stages.

Can you discuss the implications of Generative AI on data protection policies and strategies, and how companies are adapting to these technological advancements to reduce risks and enhance agility?

Generative AI is a rapidly evolving domain that has the potential to create novel and realistic content at scale to support business growth. However, if not used wisely, this can also pose significant challenges around data protection. Before integrating generative AI tools into their technology stack, organizations must implement measures and policies to ensure correct usage of the technology to reduce any risks. At Zscaler, we understand the need for developing innovations that will allow secure utilization of generative AI to deliver precision outcomes. To assist organizations in reducing risks and have the right policies in place, we offer many innovative products.

In order to support our customers in this implementation journey, we have enhanced our solutions to facilitate and smoothen this process. For instance, Security Autopilot^TM with breach prediction offers a proactive approach to securing data by enabling AI engines to continuously learn from changing cloud-based policies and logs. Our Multi-Modal DLP is also different from traditional DLP solutions which are limited to understanding and managing text and image-based data. We are revolutionizing the way DLP will operate by integrating generative AI and multi-modal capabilities into the DLP offerings. This will ensure that customers’ data are protected from data leaks across various media formats – giving them the necessary peace of mind needed to focus on innovation and growth instead.

Could you shed light on Zscaler's integrated solution for distributed data protection? How does it address the challenges posed by the increasing volume of dispersed data?

Cybersecurity has definitely ascended up the list of priorities for organizations but most still struggle with juggling various point products to truly realize the benefits of their cybersecurity technology stack. Dealing with a multitude of point products can leave a whole lot of room for security lapses despite the time investments it requires. In order to tackle this issue root-and-stem, CISOs today need to take an integrated approach to security to address the evolving threats such as ransomware and encrypted attacks.

Furthermore, data is widely distributed across endpoints and cloud apps, which means organizations require more than just Cloud Access Security Broker (CASB) for adequate data protection. Considering there are multiple channels that data can be routed through, integration has become an extremely important solution to address this growing challenge.

Understanding this need, we offer an integrated solution to distributed data protection that combines Secure Web Gateway (SWG), CASB, and Zero Trust Network Access (ZTNA). This integration solution enables our customers to protect their IT infrastructure easily in one location.

For tech leaders and CIOs looking to secure their data in the cloud, what would be the top three factors you would advise them to consider?

Over the past few years, with the increasing pace of technology acceptance, the cybersecurity landscape has become progressively more complex. Threat actors are on the ready with a slew of highly damaging attack vectors to launch at any given time. Here the role of a CIO is amplified and they are required to gauge any threat to a cloud environment before it happens and be able to mitigate it without any economic losses.

CIOs must choose a cloud provider who is ready to take responsibility for protecting data without compromising on other aspects of the cloud. While the onus for data protection is always on the organization first and the cloud provider second, it is critical to find a hyperscaler that is equally involved in this dynamic. With the rise of hybrid cloud and multi-cloud environments, IT leaders must look at unified capabilities including internet, data center and SaaS applications. This will allow organizations to have greater efficiencies and lesser worry about their data security. Additionally, CIOs must also consider the possibility of establishing a zero trust framework. This will enable CIOs to leverage the cloud without having to worry about protecting access to resources. Zero trust also gives CIOs and the organizations an upper hand in the fast-evolving threat landscape.

What are the key challenges organizations face in terms of cloud security today?

Cloud security can appear to be extremely tedious and resource intensive but with the right approach, cloud can prove to be the most important asset for any organization. With its many benefits, it is important for CISOs to address the critical challenges in cloud security. It is important to have greater control over the organization’s data streams and encryption can be the answer to achieving this. This is especially important for SaaS applications which rely on secure connections for data exchange.

Another important challenge that needs to be addressed is the identification and prevention of security loopholes. While often an afterthought, this is one of the leading culprits of critical data breaches. While CASB, SWG and Cloud Security Posture Management (CSPM) all provide a high level overview of data protection, any lag in visibility or control over data could expose applications to prominent risks. Adding multiple layers of security devices to legacy infrastructure will slow down the application performance and increase friction in user experience, diminishing the value of cloud. As such, CIOs need to address this in an effective manner to ensure cloud benefits are realized.

How does Zscaler's approach to Zero Trust Architecture address these challenges?

At Zscaler, our approach to Zero Trust Architecture helps to address cloud security challenges by focusing on securing all access points and data traffic, regardless of location or network. Our platform is designed with the following elements in mind to ensure our customers are able to get a peace of mind when it comes to cloud security:

• Secure Access: Zscaler provides secure access to cloud applications and resources by implementing strict identity verification and multi-factor authentication. This ensures that only authorized users can access the cloud services.
• Segmentation: Zscaler employs segmentation to divide the network into smaller segments, allowing for granular control over access permissions. This reduces the attack surface and limits lateral movement within the network.
• Traffic Inspection: Zscaler inspects all incoming and outgoing traffic, including SSL/TLS encrypted traffic, at the perimeter to detect and prevent threats. This ensures that any malicious activity is blocked before reaching the cloud infrastructure.
• Cloud-native Security: Zscaler leverages a cloud-native security approach, meaning that security controls are deployed directly in the cloud infrastructure. This provides real-time threat intelligence, continuous monitoring, and immediate response to emerging threats.
• Secure Web Gateways: Zscaler's Secure Web Gateways (SWG) provide comprehensive web security by inspecting and filtering web traffic, blocking malicious content, and enforcing security policies. This helps protect against web-based attacks and data exfiltration.
• Cloud Application Visibility and Control: Zscaler offers visibility and control over cloud applications, enabling organizations to understand and govern the usage of cloud services. This helps mitigate risks associated with shadow IT and ensures compliance with security policies.

By combining these elements, Zscaler's Zero Trust Architecture offers a holistic and proactive approach to cloud security, addressing challenges such as unauthorized access, data breaches, and emerging threats.

There's a growing trend of cybercriminals resorting to encryption-less ransomware. What strategies or technologies does Zscaler recommend to counteract this threat effectively?

According to our Zscaler ThreatLabz data, we have observed nearly 40% increase in global ransomware attacks this year – driven mostly by the growth of Ransomware-as-a-Service (RaaS) and encryption-less extortion. While there are a few routes that can be taken to counteract the threat of encryption-less ransomware, the following technologies and tactics should form the crux of any team’s cybersecurity strategies.

• Zero Trust Network Access (ZTNA): Implementing ZTNA allows organizations to authenticate and authorize all users and devices before granting access to resources. ZTNA ensures that only trusted individuals and devices can access critical systems, reducing the risk of ransomware attacks.
• Security Analytics and Threat Intelligence: Implementing security analytics and threat intelligence to receive real-time insights into emerging threats, including encryption-less ransomware will help organizations to proactively identify and block ransomware attacks.
• User Education and Awareness: It is extremely important for companies to incorporate user education and awareness in order to create a holistic cybersecurity strategy. Training users on best practices for email security, safe browsing habits, and recognizing phishing attempts can significantly reduce the risk of ransomware infections.

By combining these strategies and technologies, organizations can enhance their defenses against encryption-less ransomware and mitigate the potential impact of such attacks.