CXO Revolutionaries Insights An executive-level resource for actionable, practical, and real-world examples for creating enterprise change through digital transformation initiatives. en CISO Monthly Roundup, November 2022: World Cup-related threats, renewed attacks on the Indian government, holiday shopping scams, and malware in the Google Play Store The CISO Monthly Roundup provides the latest threat research from Deepen Desai and the ThreatLabz team, along with insights on other cyber-related subjects. Fri, 02 Dec 2022 08:05:43 -0800 Deepen Desai Pulling the thread on zero trust with Ben Corll, CISO How a greenfield opportunity to build a resilient security program at Coats led this security pro to zero trust. Fri, 02 Dec 2022 09:54:07 -0800 Pam Kubiatowski Herding cats: How to lead a digital transformation in a federated organization When companies operate less in a hierarchy and more like loosely federated groups, how can CXOs steer the ship toward a common goal? A veteran of the latter type of organization provides his advice. Wed, 30 Nov 2022 11:57:11 -0800 Yves Le Gelard Quantifying the business value of zero trust Justify your IT investments with projected hard cost savings, future cost avoidance, and overall transformation value. Tue, 22 Nov 2022 13:32:49 -0800 Christopher Jablonski Technology offers promise – and peril – for healthcare in Singapore Singapore's healthcare system relies on technology to serve its aging population. One CISO argues the country is not yet paying commensurate attention to IT security Mon, 21 Nov 2022 05:13:56 -0800 Francis Yeow Could double extortion prompt a public health crisis? Australia is considering banning ransomware payments. In response, cybercriminals are selectively leaking patient data to extort payments. Some worry this could have a chilling effect on citizens' decisions to seek medical treatment. Tue, 15 Nov 2022 08:43:47 -0800 Kyle Fiehler For the sake of its cybersecurity, Australia must come together As the pandemic abates, Australia is feeling the effects of the cybersecurity talent shortage more acutely than most. It can either come together under a banner of collective defence or continue to be an attractive target for cybercriminals. Thu, 10 Nov 2022 10:39:32 -0800 Heng Mok Messaging transformation to the business with Field CTO Dan Shelton Speak zero trust in the language that makes sense to your business. Tue, 08 Nov 2022 12:45:03 -0800 Dan Shelton How AI/ML assists in solving the unsolvable in cybersecurity AI/ML is no panacea but offers extraordinary gains when coupled with domain expertise. Mon, 07 Nov 2022 11:30:16 -0800 Pam Kubiatowski Should we be freaking out about CISO scapegoating? Do CISOs need to fear being held legally liable for breaches that occur during their tenure? If so, what will this for the positions' talent pool. Thu, 03 Nov 2022 13:44:27 -0700 Ben Corll CISO Monthly Roundup, October 2022: ThreatLabz Data Loss Report; PHP Ducktail infostealer; LilithBot malware; vulnerabilities in OpenSSL, Microsoft, and Apache; Windows CLFS zero-day The CISO Monthly Roundup (formerly the ThreatLabz monthly report) provides the latest threat research and relevant insights on cyber-related subjects from the ThreatLabz team and Deepen Desai, CISO at Zscaler. Fri, 04 Nov 2022 15:52:01 -0700 Deepen Desai A dash of flexibility enhances security at International Flavors and Fragrances Zero trust and segmentation success tips from a Fortune 500 company. Tue, 01 Nov 2022 10:17:16 -0700 Sanjit Ganguli The ascendency of inclusion: A conversation with Dr. Gena Cox Dr. Gena Cox, Ph.D., is an organizational psychologist, executive coach, speaker, and author. She joined Zscaler EVP, Customer Experience & Transformation Kavitha Mariappan in New York for a conversation on “The Ascendency of Inclusion.” Mon, 31 Oct 2022 14:40:44 -0700 Kavitha Mariappan Digital architecture risk is a fiduciary responsibility of the board CXOs need to communicate the realities of digitalization to the organizational committee that needs to hear it most: the board of directors. Mon, 31 Oct 2022 11:51:51 -0700 Andrew Brown Social engineering tactics are changing. Awareness training must too Fraudsters are switching up their tactics in response to hardened corporate email accounts. Are your users aware of the latest social engineering techniques? Mon, 31 Oct 2022 07:41:23 -0700 Ben Corll How Sanmina does mergers and acquisitions at the speed of business For Sanmina, mergers, acquisitions, and divestitures are vital to how they do business. But with so many integrations failing to meet their synergy goals, it became clear the old ways were no longer working. Fri, 28 Oct 2022 12:06:03 -0700 Pam Kubiatowski Zero trust element #7: Enforce policy Element #7 of the Seven Elements of Highly Successful Zero Trust Architecture explores the enforcement actions that can be taken as a result of data gathered during the first six elements. Fri, 28 Oct 2022 08:31:14 -0700 Sanjit Ganguli Cybersecurity and the VC: In conversation with Telstra Ventures' Marcus Bartram Venture capitalist sees tailwinds and innovation in cybersecurity to address increasing complexity. Thu, 27 Oct 2022 12:52:53 -0700 Sean Cordero Talking mergers, acquisitions, and divestitures with TCS Tata Consulting Services joins the show to examine how organizations can build the proper foundations to close transactions in record time. Tue, 25 Oct 2022 08:03:18 -0700 Pam Kubiatowski Mergers and acquisitions: How zero trust helps achieve a competitive advantage Despite an economic downturn, corporate acquisitions have increased. Chances are, your company will either acquire or get acquired. The question is, are you prepared from an IT and cybersecurity standpoint? Fri, 21 Oct 2022 07:45:09 -0700 Stephen Singh How state CIOs can elevate priorities above personalities Earlier this month, the National Association of State Chief Information Officers (NASCIO) published its annual list of members' top priorities for the year ahead. Former CIO for the State of Wisconsin David Cagigal comments on this year's list. Thu, 20 Oct 2022 11:17:05 -0700 David Cagigal Zero trust element #6: Prevent data loss Element #6 of the Seven Elements of Highly Successful Zero Trust Architecture focuses on preventing the exfiltration of sensitive data. Thu, 20 Oct 2022 08:28:36 -0700 Sanjit Ganguli The golden triangle of secure transformation: when cost, usability, and security come together The CXO Revolutionaries recently completed successful events in Houston and Chicago on their way to New York. Here are some of the key learnings we’ve gathered from industry-leading CXOs from our time on the road so far. Fri, 14 Oct 2022 14:14:43 -0700 Kavitha Mariappan Zero trust element #5: Prevent compromise Element #5 of the Seven Elements of Highly Successful Zero Trust Architecture focuses on using SSL/TLS inspection to scan for malicious content. Thu, 13 Oct 2022 14:01:05 -0700 Nathan Howe ThreatLabz September 2022 Report: The inconvenient truth about VPNs, updated Agent Tesla RAT campaign, Ares banking Trojan “new” DGA, Prynt Stealer double-dealing, and Crytox ransomware dissected. ThreatLabz September 2022 Report: The inconvenient truth about VPNs, Updated Agent Tesla RAT campaign, Ares “new” DGA, Prynt Stealer double-dealing, and Crytox ransomware dissected. Read the latest relevant threat research from Zscaler ThreatLabz. Fri, 07 Oct 2022 13:32:54 -0700 Deepen Desai Zero trust element #4: Assess risk (adaptive control) Element #4 of the Seven Elements of Highly Successful Zero Trust Architecture, assessing risk, is the first element to involve exercising control over content and access. Thu, 06 Oct 2022 12:21:15 -0700 Nathan Howe Security leaps forward for open radio access networks and 5G (interview) The NSA and CISA jointly released a landmark report this month covering security considerations for Open RAN. We caught up with Dr. Ken Urquhart, Global Vice-President of 5G at Zscaler and a member of the working group, for more insight. Tue, 04 Oct 2022 16:33:51 -0700 Editorial Team Secure transformation requires cultural change: Lessons from Microsoft’s journey What does it take for an established software leader to gain the momentum to transform itself into a world-class security provider? Microsoft has proven that trust and collaboration are just as essential as innovative technology. Wed, 21 Sep 2022 10:33:00 -0700 Editorial Team What adventure athletes can teach us about transformation Digital transformation and extreme sports both require weighing risks, rising to the occasion, and having the vision to break conventions. As the CISO of VF Corporation and a motorcyclist, I can’t help but see the parallels between the two. Fri, 30 Sep 2022 07:34:51 -0700 Ken Athanasiou Zero trust element #3: Where is the connection going? Element #3 of the Seven Elements of Highly Successful Zero Trust Architecture considers the ultimate destination of the request. Thu, 29 Sep 2022 09:10:58 -0700 Sanjit Ganguli How the DoD can nail its zero trust rollout With the White House Executive Order conferring its endorsement of zero trust principles, it now falls to the DoD to implement. To do so, the department should stick to a few practices that could help make the rollout smooth and successful. Wed, 28 Sep 2022 13:30:33 -0700 David Cagigal The road to net zero emissions and why it matters, featuring Bill Choi Zscaler announced its achieved carbon neutral status for CY 2022 and declared its intention to become a net zero emitter by 2025. SVP, Investor Relations & Strategic Finance Bill Choi explains the significance of this accomplishment. Mon, 26 Sep 2022 16:30:47 -0700 Kyle Fiehler The right way to M&A with Stephen Singh, Zscaler GVP Guest Stephen Singh, Global VP, M&A/Divestiture and ITO leader Zscaler delivers the latest on the market state and what corporate boards and IT leaders need to know about zero trust. Thu, 22 Sep 2022 11:49:40 -0700 Stephen Singh Zero trust element #2: What is the access context? Element #2 of the Seven Elements of Highly Successful Zero Trust Architecture considers the context surrounding the access request. Thu, 22 Sep 2022 11:32:31 -0700 Nathan Howe It’s a network, not a security blanket Cushman & Wakefield CISO Erik Hart discusses leading his own zero trust transition, and why many IT leaders still fear taking the leap. Thu, 22 Sep 2022 08:06:47 -0700 Erik Hart Digital equivalent of SOX inevitable, says cybersecurity investigator turned CISA advisor Former NYT investigator, Nicole Perlroth, examines the complex issues hindering cybersecurity cooperation between the private and public sector. Cyber weapons are being refined in Ukraine. Will we come together to protect critical infrastructure? Tue, 20 Sep 2022 12:03:50 -0700 Kavitha Mariappan Zoom CEO to Zscaler CEO: Pain points of hybrid work spell opportunity Tech titans kick off new CXO Summit series with lessons learned for innovation, architecture, user experience, and quality. Mon, 19 Sep 2022 12:18:09 -0700 Christopher Jablonski Winning the digital transformation Triple Crown In pro baseball, winning the Triple Crown requires all-around hitting ability. Similarly, executing a digital transformation requires organizations execute outstanding performances in the fields of applications, network connectivity and cybersecurity Fri, 16 Sep 2022 10:34:24 -0700 Kyle Fiehler Zero trust element #1: Who’s connecting? Element #1 of the Seven Elements of Highly Successful Zero Trust Architecture verifies identity. The first element of verifying identity and context is determining who is making a connection. Thu, 15 Sep 2022 13:17:34 -0700 Sanjit Ganguli Key NIST cybersecurity publications and how to apply them Putting standards and guidance into practice. Wed, 14 Sep 2022 14:32:31 -0700 Pam Kubiatowski Zero trust is key to supply chain security A bloated lineup of third-party IT solutions poses a danger to organizations because it both expands their attack surface and increases the opportunity of becoming collateral damage via a compromised vendor somewhere further down the supply chain. Wed, 14 Sep 2022 08:40:36 -0700 Jeff Lund No pressure: Taking mission responsibility for the $10 billion James Webb Telescope David Liska, Associate Director of Engineering & Technology at the Space Telescope Science Institute processes 85 petabytes of data beamed from deep space. How's that for a file transfer? Tue, 13 Sep 2022 14:32:36 -0700 Sean Cordero The CISO’s challenge: Can you secure the supply closet? To be effective, CISOs must understand how to best apply their cybersecurity philosophy to the security stack they inherited. There’s a good chance many of the security tools are unneeded. Some may be ineffective, redundant, or simply unnecessary. Thu, 08 Sep 2022 09:58:05 -0700 Tony Fergusson The four steps to breaching an enterprise Malicious actors return to this tried-and-true, rinse-and-repeat strategy repeatedly because it so often leads to success. While cybercriminals are often a clever group, these four steps don't require strategic genius to execute. Thu, 08 Sep 2022 06:20:01 -0700 Editorial Team ThreatLabz August 2022 Report: AiTM hits Gmail, Investigating X-FILES infostealer, Grandoreiro Trojan analysis, and instant karma for pirated software users ThreatLabz August 2022 Report: AiTM hits Gmail, Investigating X-FILES infostealer, Grandoreiro Trojan analysis, and instant karma for pirated software users. The latest insights from the Zscaler ThreatLabz security research team. Wed, 07 Sep 2022 13:35:59 -0700 Deepen Desai Illustrating the transition to SSE and zero trust Zero trust is a journey. As the zero trust industry has matured over the last five years, transformation roadmaps are becoming more apparent, enabling enterprises to see realistic implementation plans mapped to their business objectives. Wed, 07 Sep 2022 09:18:58 -0700 Brett James A modernized approach to M&A The priority of M&A is a smooth IT transition, accelerating the merged company on its way to realizing value. However, essential activities like due diligence and integration planning take time. A cloud-native approach speeds things up. Tue, 06 Sep 2022 11:00:13 -0700 Stephen Singh Get into your element for zero trust architecture success Zero trust means a lot of different things to different people. Those who stick to the principles and understand what it is and what it is not can radically simplify their information technology and cybersecurity. Fri, 02 Sep 2022 11:02:55 -0700 Editorial Team It takes a village: Nurturing the next generation of cybersecurity talent JP Saini, Chief Digital & Technology Officer at Sunbelt Rentals joins host Sean Cordero to discuss nurturing tomorrow's cybersecurity talent. Thu, 01 Sep 2022 09:21:08 -0700 Sean Cordero ‘Cyber isolationism’ is making CXOs’ jobs more complicated – and more critical "Cyber isolationism" is making the job of IT executives more challenging. It’s also elevating the importance of positions like CIO and CISO for businesses’ resilience and success. Fri, 26 Aug 2022 11:53:53 -0700 Simon Hodgkinson