CXO Revolutionaries Insights https://revolutionaries.zscaler.com/ An executive-level resource for actionable, practical, and real-world examples for creating enterprise change through digital transformation initiatives. en ThreatLabz July 2022 Report: Deconstructing a massive global phishing campaign, exposing Industrial Spy, Google Play infiltrated, Qakbot upgraded, and Raccoon v2 https://revolutionaries.zscaler.com/insights/threatlabz-july-2022-report-deconstructing-massive-global-phishing-campaign-exposing This July ThreatLabz released a trove of actionable threat intel, performed a deep dive on a massive phishing attack, exposed a new threat group named Industrial Spy, and more. Dive into the latest cybersecurity news from ThreatLabz today. Mon, 15 Aug 2022 16:55:08 -0700 Daniel Ballmer https://revolutionaries.zscaler.com/insights/threatlabz-july-2022-report-deconstructing-massive-global-phishing-campaign-exposing Talking standards with NIST Fellow Dr. Ron Ross https://revolutionaries.zscaler.com/insights/talking-standards-nist-fellow-dr-ron-ross The evolution of risk management in the cloud era and the future of cybersecurity. Mon, 15 Aug 2022 09:29:52 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/talking-standards-nist-fellow-dr-ron-ross The string (cheese) theory of zero trust https://revolutionaries.zscaler.com/insights/string-cheese-theory-zero-trust Be bold. Experiment with string (cheese) theory for yourself. Embrace zero trust one calcium-rich strip at a time. Fri, 12 Aug 2022 06:19:44 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/string-cheese-theory-zero-trust The elevation of cyber risk and the CISO https://revolutionaries.zscaler.com/insights/elevation-cyber-risk-and-ciso Chief information security officers now speak the language of business and the board is the audience. Succeed with these tales of a Global 500 cyber veteran. Tue, 09 Aug 2022 16:03:40 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/elevation-cyber-risk-and-ciso Beating IT’s bad rap: How CXOs can maintain a positive corporate presence https://revolutionaries.zscaler.com/insights/beating-its-bad-rap-how-cxos-can-maintain-positive-corporate-presence Rather than stressing how important your role is after a breach makes it plain, take responsibility for making your impact known. Tue, 09 Aug 2022 08:41:45 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/beating-its-bad-rap-how-cxos-can-maintain-positive-corporate-presence Cybersecurity skills shortage provides rare cross-training opportunities https://revolutionaries.zscaler.com/insights/cybersecurity-skills-shortage-provides-rare-cross-training-opportunities In the U.S., there’s an extreme need for qualified cybersecurity professionals, a career that pays pretty well. At the same time, 62% of workers report living paycheck to paycheck. The cybersecurity problem we face has an obvious solution. Mon, 08 Aug 2022 11:16:49 -0700 Daniel Ballmer https://revolutionaries.zscaler.com/insights/cybersecurity-skills-shortage-provides-rare-cross-training-opportunities You could do zero trust the old-fashioned way, but why? https://revolutionaries.zscaler.com/insights/you-could-do-zero-trust-old-fashioned-way-why Many organizations are trapped in an outdated way of operating and simply do not realize it. People, businesses, and agencies regularly use antiquated processes or technology, never anticipating encountering serious problems until it is too late. Wed, 03 Aug 2022 09:49:01 -0700 Daniel Ballmer https://revolutionaries.zscaler.com/insights/you-could-do-zero-trust-old-fashioned-way-why The security risks of taking a stand https://revolutionaries.zscaler.com/insights/security-risks-taking-stand Organizations face increasing internal and external pressures to take public stands on issues unrelated to their core business. How should CISOs, CIOs, and other security leadership deal with the risk that may arise because of it? Mon, 01 Aug 2022 11:27:04 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/security-risks-taking-stand So long, not goodbye https://revolutionaries.zscaler.com/insights/so-long-not-goodbye In her final episode, Field CTO Lisa Lorenzin delivers an inspirational tour de force of lessons from across her professional and personal life. Fri, 29 Jul 2022 17:57:46 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/so-long-not-goodbye The power of prediction: Harnessing AI and ML for cybersecurity https://revolutionaries.zscaler.com/insights/power-prediction-harnessing-ai-and-ml-cybersecurity Nobody needs more alert fatigue, false positives, data paralysis, and complexity. Now algorithms and automation are stepping up to do inferencing and risk modeling. The timing can't be better. Wed, 27 Jul 2022 16:23:14 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/power-prediction-harnessing-ai-and-ml-cybersecurity Learning not to step on Lego: Blast radius, cloud sprawl, and CNAPP https://revolutionaries.zscaler.com/insights/learning-not-step-lego-blast-radius-cloud-sprawl-and-cnapp Don’t blow up your attack surface in an effort to limit your blast radius. You’ll just increase your chances of stepping on the painful Lego that is a compromised asset. Choose the right CNAPP solution instead. Wed, 27 Jul 2022 09:40:00 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/learning-not-step-lego-blast-radius-cloud-sprawl-and-cnapp Edge computing and IoT: Security through zero trust https://revolutionaries.zscaler.com/insights/edge-computing-and-iot-security-through-zero-trust Though they're often used interchangeably, the internet of things (IoT) and operational technology (OT) refer to adjacent but fundamentally different technologies. They do share common characteristics - including their security challenges. Fri, 22 Jul 2022 13:45:53 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/edge-computing-and-iot-security-through-zero-trust Are conventional cybersecurity tactics leading you to defeat? https://revolutionaries.zscaler.com/insights/are-conventional-cybersecurity-tactics-leading-you-defeat Are conventional cybersecurity tactics leading you to defeat? Don't use traditional approaches to fight asymmetrical warfare. Adversaries can arm and train themselves for less than it costs an organization to protect a single employee. Mon, 18 Jul 2022 15:30:23 -0700 Daniel Ballmer https://revolutionaries.zscaler.com/insights/are-conventional-cybersecurity-tactics-leading-you-defeat If you can reach it, you can breach it https://revolutionaries.zscaler.com/insights/if-you-can-reach-it-you-can-breach-it TCP/IP protocol – the lingua franca of the internet – requires no authentication to establish a connection. That makes them vulnerable to zero day exploits. Mon, 18 Jul 2022 14:39:44 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/if-you-can-reach-it-you-can-breach-it How to talk tech, featuring Bill Lapp https://revolutionaries.zscaler.com/insights/how-talk-tech-featuring-bill-lapp An industry guru opens his bag of tricks for explaining technology to the business. Mon, 18 Jul 2022 07:15:16 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/how-talk-tech-featuring-bill-lapp Shifting focus from vulnerabilities to exploitabilities https://revolutionaries.zscaler.com/insights/shifting-focus-vulnerabilities-exploitabilities Headed into the second half of 2022, the rate of new cybersecurity threats is not slowing but accelerating. To optimize their defenses, security teams should prioritize exploitabilities over vulnerabilities. Fri, 15 Jul 2022 09:34:04 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/shifting-focus-vulnerabilities-exploitabilities SaaS, IaaS, and PaaS: What the shared responsibility model means for zero trust https://revolutionaries.zscaler.com/insights/saas-iaas-and-paas-what-shared-responsibility-model-means-zero-trust Consumers of cloud services opt for all different forms of delivery. What effect might the different models have on your zero trust rollout? Thu, 14 Jul 2022 12:24:34 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/saas-iaas-and-paas-what-shared-responsibility-model-means-zero-trust SSL inspection comes with great responsibility https://revolutionaries.zscaler.com/insights/ssl-inspection-comes-great-responsibility-0 The SSL/TLS protocol was designed to secure communication between only two parties Widespread abuse of this protocol, however, have made it necessary to inspect this traffic. Thu, 14 Jul 2022 11:58:14 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/ssl-inspection-comes-great-responsibility-0 If a recession comes, cut cyber professionals at your peril https://revolutionaries.zscaler.com/insights/if-recession-comes-cut-cyber-professionals-your-peril Fears of a recession are rising. Will cybersecurity investment suffer as a result? Mon, 11 Jul 2022 16:05:24 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/if-recession-comes-cut-cyber-professionals-your-peril To go far, go together: The value of collaboration in transformation https://revolutionaries.zscaler.com/insights/go-far-go-together-value-collaboration-transformation In episode 31, Zscaler Field CTO Pam Kubiatowski goes deep on key issues driving today's digital transformation challenges and success. Wed, 06 Jul 2022 12:38:49 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/go-far-go-together-value-collaboration-transformation CIOs reveal the secrets to thriving in an evolving workplace https://revolutionaries.zscaler.com/insights/cios-reveal-secrets-thriving-evolving-workplace Traditionally, a CIOs primary responsibility was cutting costs by creating or maintaining information systems that increased productivity. Today, cost-cutting is still a factor, but CIOs must also support key leadership initiatives. Thu, 30 Jun 2022 13:54:15 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/cios-reveal-secrets-thriving-evolving-workplace Cybersecurity spending and the roller coaster economy https://revolutionaries.zscaler.com/insights/cybersecurity-spending-and-roller-coaster-economy Is cybersecurity recession-proof? How should IT leaders prepare for a more turbulent world? All this and more in the latest episode of The CIO Evolution. Thu, 30 Jun 2022 08:59:58 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/cybersecurity-spending-and-roller-coaster-economy Lessons learned along the way to zero trust https://revolutionaries.zscaler.com/insights/lessons-learned-along-way-zero-trust In my role at Zscaler, when I talk with peers I tell them to learn from the lessons Larry and I experienced, both good and bad. So here are some tips for companies just beginning their zero trust transformation journeys. Wed, 29 Jun 2022 15:24:28 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/lessons-learned-along-way-zero-trust ThreatLabz June 2022 Report: Ransomware report, sextortion scams, new Lyceum APT backdoor, renewed Evilnum attacks, and PureCypter premier malware loader https://revolutionaries.zscaler.com/insights/threatlabz-june-2022-report-ransomware-report-sextortion-scams-new-lyceum-apt-backdoor ThreatLabz June 2022 Report: Ransomware report, sextortion scams, new Lyceum APT backdoor, renewed Evilnum attacks, and PureCypter premier malware loader. Fresh threat intelligence from global security provider, Zscaler. Thu, 07 Jul 2022 14:13:33 -0700 Daniel Ballmer https://revolutionaries.zscaler.com/insights/threatlabz-june-2022-report-ransomware-report-sextortion-scams-new-lyceum-apt-backdoor CSA and the pursuit of a zero trust ‘gold’ standard (podcast) https://revolutionaries.zscaler.com/insights/csa-and-pursuit-zero-trust-gold-standard-podcast This in-depth briefing with John Yeoh, Global Vice President of Research at Cloud Security Alliance highlights industry progress toward zero trust standards. Tue, 28 Jun 2022 12:25:15 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/csa-and-pursuit-zero-trust-gold-standard-podcast Security execs redefine threats facing the modern workplace - Zenith Live 22 recap https://revolutionaries.zscaler.com/insights/security-execs-redefine-threats-facing-modern-workplace-zenith-live-22-recap New insights pulled from big data reveal rising risks, supply chain complexities, and the double-edged sword of cybersecurity insurance. Mon, 27 Jun 2022 15:54:04 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/security-execs-redefine-threats-facing-modern-workplace-zenith-live-22-recap Ransomware rising: A look at ThreatLabz’ latest findings https://revolutionaries.zscaler.com/insights/ransomware-rising-look-threatlabz-latest-findings This year’s predicted increase in the severity and volume of ransomware attacks has come to pass. Zscaler’s ThreatLabz team found that attacks rose by 80% between February 2021 and March 2022. Tue, 28 Jun 2022 11:57:07 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/ransomware-rising-look-threatlabz-latest-findings NotPetya and learning the lessons of WannaCry https://revolutionaries.zscaler.com/insights/notpetya-and-learning-lessons-wannacry I recently wrote about my experience working as an IT architect for a Copenhagen-based multinational energy firm during the WannaCry ransomware attacks of May 2017. I didn’t know it at the time, but it was only a dress rehearsal. Sun, 26 Jun 2022 18:20:14 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/notpetya-and-learning-lessons-wannacry Strategies for surviving in a multi-cloud world https://revolutionaries.zscaler.com/insights/strategies-surviving-multi-cloud-world Bryan Green moderated a panel discussion on ways zero trust and secure service edge (SSE) mitigate security risk in a multi-cloud world. With him were NetJets CISO John Graham and IFF Director of Security Architecture Michael Strause. Wed, 06 Jul 2022 10:16:24 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/strategies-surviving-multi-cloud-world Choose zero trust for security and spend – a conversation on business enablement https://revolutionaries.zscaler.com/insights/choose-zero-trust-security-and-spend-conversation-business-enablement To Security and Beyond: Zero Trust as a Business Enabler was an interactive panel featuring Zscaler President Amit Sinha, PhD; Dhawal Sharma VP & GM, Product Management; and Nathan Howe, VP, Emerging Technology & 5G. Thu, 23 Jun 2022 13:43:37 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/choose-zero-trust-security-and-spend-conversation-business-enablement CXOs see blurring lines between teams - Zenith Live 22 panel recap https://revolutionaries.zscaler.com/insights/cxos-see-blurring-lines-between-teams-zenith-live-22-panel-recap Technical C-suite leaders stress cross-functional collaboration to securely transform infrastructure and services as customer and business demands rise. Thu, 23 Jun 2022 13:23:59 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/cxos-see-blurring-lines-between-teams-zenith-live-22-panel-recap RSAC 2022: An attendee's perspective on hot topics and the elephant in the room https://revolutionaries.zscaler.com/insights/rsac-2022-attendees-perspective-hot-topics-and-elephant-room Zscaler CISO - AMS Bryan Green braved crowds and his own reservations to be on the scene at RSAC this year. He joined hosts Pam & Lisa to discuss what he learned. Tue, 21 Jun 2022 13:19:25 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/rsac-2022-attendees-perspective-hot-topics-and-elephant-room Defending against email attacks means optimizing your team (not just your tech) https://revolutionaries.zscaler.com/insights/defending-against-email-attacks-means-optimizing-your-team-not-just-your-tech Though cybersecurity is a swiftly evolving field, one principle remains constant: it’s often much easier to fool people than to circumvent security tech. Tue, 21 Jun 2022 09:10:30 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/defending-against-email-attacks-means-optimizing-your-team-not-just-your-tech Fortifying cybersecurity in a time of war https://revolutionaries.zscaler.com/insights/fortifying-cybersecurity-time-war Russia’s invasion of Ukraine has had profound cybersecurity implications. Organizations should continuously refine their cyber defense strategies to avoid becoming collateral damage. Wed, 15 Jun 2022 09:59:37 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/fortifying-cybersecurity-time-war The CISOs Report: A spotlight on today’s cybersecurity challenges https://revolutionaries.zscaler.com/insights/cisos-report-spotlight-todays-cybersecurity-challenges In a new study by the Cloud Security Alliance and in partnership with Zscaler, 80% of C-level respondents said they consider zero trust a priority for their organizations. Read a CISO's take on the findings here. Tue, 14 Jun 2022 16:11:54 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/cisos-report-spotlight-todays-cybersecurity-challenges Public sector zero trust fundamentals: Moving ahead in uncertain times https://revolutionaries.zscaler.com/insights/public-sector-zero-trust-fundamentals-moving-ahead-uncertain-times In 2021, President Biden signed an executive order mandating government agencies adopt zero trust. Guidance, however, is limited. Zscaler leaders sat down with public sector security professionals to hear about their approaches to zero trust. Wed, 08 Jun 2022 09:37:35 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/public-sector-zero-trust-fundamentals-moving-ahead-uncertain-times C-SCRM and the C-suite: Securing executive buy-in for supply chain risk management https://revolutionaries.zscaler.com/insights/c-scrm-and-c-suite-securing-executive-buy-supply-chain-risk-management It's not enough for today's IT leaders to concern themselves with the security of their own organizations. They must now concern themselves with their vendors' security as well. Mon, 06 Jun 2022 10:34:37 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/c-scrm-and-c-suite-securing-executive-buy-supply-chain-risk-management Optimize incident response plans with smarter security tabletop exercises https://revolutionaries.zscaler.com/insights/optimize-incident-response-plans-smarter-security-tabletop-exercises A good TTX will reveal whether an organization can handle a specific class of attack. Mon, 06 Jun 2022 06:00:01 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/optimize-incident-response-plans-smarter-security-tabletop-exercises Lock down cloud applications with a CNAPP https://revolutionaries.zscaler.com/insights/lock-down-cloud-applications-cnapp CNAPP can be considered a logical extension of DevSecOps into the cloud. It puts security at the heart of cloud-based application infrastructures, rather than tagging it on as an afterthought. Thu, 02 Jun 2022 13:10:50 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/lock-down-cloud-applications-cnapp Anatomy of a threat with Zscaler CISO and ThreatLabz chief Deepen Desai https://revolutionaries.zscaler.com/insights/anatomy-threat-zscaler-ciso-and-threatlabz-chief-deepen-desai What is ThreatLabz? In this podcast Zscaler's global CISO sheds light on what it really takes to stay a step ahead of cyber adversaries. Wed, 01 Jun 2022 12:31:14 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/anatomy-threat-zscaler-ciso-and-threatlabz-chief-deepen-desai Understanding phishing today: Bad actors 'dialed in' on sophisticated attacks https://revolutionaries.zscaler.com/insights/understanding-phishing-today-bad-actors-dialed-sophisticated-attacks Listen in to a CISO deep dive into new phishing data and tactical analysis provided by the Zscaler ThreatLabz team and learn the latest tricks the bad guys use to get you to click. Tue, 31 May 2022 08:44:50 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/understanding-phishing-today-bad-actors-dialed-sophisticated-attacks ThreatLabz May 2022 Report: Annual phishing study finds over four-fold jump in phishing attacks in ‘21 for retail, Lazarus APT hits South Korea, AsyncRAT targets travelers, and PrivateLoader deep dive https://revolutionaries.zscaler.com/insights/threatlabz-may-2022-report-annual-phishing-study-finds-over-four-fold-jump-phishing The May ThreatLabz update: annual phishing study finds retail sector in the crosshairs, keeping tabs on the Lazarus APT group, targeting Thailand's travelers, and a crash course on PrivateLoader. Fri, 27 May 2022 15:20:47 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/threatlabz-may-2022-report-annual-phishing-study-finds-over-four-fold-jump-phishing Zero trust a ‘blueprint’ for next version of the internet, says CSA’s Jim Reavis https://revolutionaries.zscaler.com/insights/zero-trust-blueprint-next-version-internet-says-csas-jim-reavis Jim Reavis and the CXO REvolutionaries Editorial Team discuss the promise of the CSA’s Zero Trust Advancement Center Tue, 24 May 2022 16:24:40 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/zero-trust-blueprint-next-version-internet-says-csas-jim-reavis Stop advanced hackers cold with cloud-driven deception intelligence https://revolutionaries.zscaler.com/insights/stop-advanced-hackers-cold-cloud-driven-deception-intelligence Operationalize the MITRE Engage framework with Zscaler Deception and make your network a hostile environment for attackers. Sat, 21 May 2022 09:41:20 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/stop-advanced-hackers-cold-cloud-driven-deception-intelligence Adapting the cloud service model to today's needs https://revolutionaries.zscaler.com/insights/adapting-cloud-service-model-todays-needs Director of Transformation Strategy AMS - West Brett James updates a decade-old diagram from David Chou depicting cloud service models. Thu, 19 May 2022 08:24:36 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/adapting-cloud-service-model-todays-needs With multi-device FIDO credentials, you can now go all-in on passwordless https://revolutionaries.zscaler.com/insights/multi-device-fido-credentials-you-can-now-go-all-passwordless Apple, Google, and Microsoft recently announced plans to expand support for multi-device FIDO credentials. Their united support removes a major barrier to the uptake of passwordless logins among consumers. Wed, 18 May 2022 08:38:55 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/multi-device-fido-credentials-you-can-now-go-all-passwordless Firewalls: the good, the bad, and the ugly https://revolutionaries.zscaler.com/insights/firewalls-good-bad-and-ugly What is the difference between Zero Trust and a traditional Firewall? How about a virtual firewall? Find out in this episode. Tue, 17 May 2022 10:30:07 -0700 Chris Jablonski https://revolutionaries.zscaler.com/insights/firewalls-good-bad-and-ugly A customer-centric approach: the key to the innovation paradox https://revolutionaries.zscaler.com/insights/customer-centric-approach-key-innovation-paradox As a woman leader in tech, I had the honor of speaking before the elite group of women who make up part of the melting pot of technology and innovation that is Silicon Valley. Thu, 12 May 2022 16:44:52 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/customer-centric-approach-key-innovation-paradox Phishing is on the rise: What CISOs should know https://revolutionaries.zscaler.com/insights/phishing-rise-what-cisos-should-know New research by Zscaler's ThreatLabz team suggests phishing increased a startling 29% from 2020 to 2021. A CISO details what you should know about this growing threat. Thu, 12 May 2022 15:54:31 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/phishing-rise-what-cisos-should-know WannaCry five years on: Revisiting my revelation https://revolutionaries.zscaler.com/insights/wannacry-five-years-revisiting-my-revelation Five years after the WannaCry ransomware attacks, a former IT architect takes a look back at the lessons he took from that day. Wed, 11 May 2022 15:52:48 -0700 Kyle Fiehler https://revolutionaries.zscaler.com/insights/wannacry-five-years-revisiting-my-revelation