Harnessing zero trust and AI to outpace cyber threats

Zscaler Breach Predictor will be launching in a few months. It is powered by Zscaler AI/ML. It has AI breach predictor and policy recommendation engine. We can now minimize external attack surface, prevent compromise, and prevent data loss.

Pradeep Chakraborty
New Update

Deepen Desai, with Eric Reed and Stephen Harrison.

Next, there was a session on harnessing zero trust and AI to outpace cyber threats at Zscaler's Zenith 2024 in Las Vegas, USA.


Deepen Desai, CSO & Head of Security Research, Zscaler, said cyber attackers are weaponizing AI. He cited the example of a call to Jay Chaudhry. We also have significant uptake in zero-day vulnerability exploitations in legacy architectures. Ransomware attacks also continue to accelerate. There was 144% in more ransomware payloads.

Zscaler's advantage starts with zero trust exchange, AI leadership, and data advantage. The ThreatLabz team has 150+ security experts worldwide. GenAI phased attacks have raised the stakes. 

A company, UnlockedAI, has invested $2 billion to steal data from AI/ML environment. It searches for vulnerable assets, and identifies targets. It also crafts a spear-fishing email. This comes from RogueGPT. It will install malware in the environment. UnlockedAI has privilege escalation, and searches for AI/ML production environments. This leads to data exfiltration. Zscaler can help with all innovations!


Breach predictor ahead

Zscaler Breach Predictor will be launching in a few months. It is powered by Zscaler AI/ML. It has AI breach predictor and policy recommendation engine. We have CxO security playbook. 

We can minimize external attack surface, prevent compromise, prevent lateral movement, and prevent data loss. You can eliminate inbound VPN for attackers. Zscaler EASM lookalike domain detection is also operating. EASM will show all threats. It implements MFA with hardware key. Inline sandboxing also prevents zero-day threats. We scored AAA rating from Cyber Ratings. 

We can now enable the user-to-app segmentation. There are AI-powered policy recommendations. You can enable zero trust app in the office. Zscaler Identity Protection can help protect you. Zscaler Deception can deploy AI-powered honeypots, which is also coming soon. Deception can also deploy GenAI honeypots. Zscaler threat-hunting teams will hunt, detect, and defend you.


Stephen Harrison, SVP & CISO, MGM Resorts International, said the attack surface is realistic. It won't stop there! There can be threats commoditized in future. Every person can be advanced persistent threat (APT). He said that we can point out several issues. Breach prediction maps the threats. We can now take action immediately. 

Eric Reed, SVP & CTO, Global Infrastructure Services & IT Ops, The Cigna Group, added that we are seeing rapid increase of capabilities in the hands of bad people. We segmented networks for users. We now have bad actors. Ability to segment is critical. We can give the users the type of access that they need.

Harrison added that we need to focus on zero trust journey. You can drive the journey, and add endpoints, etc. You can achieve much more. You need to drive cultural shift across your company. Reed added that we are staying present with tools and resources. Large enterprises have legacy network. We have some challenges to resolve.


Harrison said it is about giving people interesting things to do. You can challenge people, and also give them cross-collaboration. You can empower people, and give them what they want. Reed added that lucky engineers work on top problems. GenAI can hopefully assist them solve problems. 

Desai concluded that we have Zscaler zero trust architecture powered by AI. You need AI to fight AI. You need to focus on zero trust architecture. You can reduce attack surfaces right now, and go through transformation journey.

Zero trust