As the frequency and cost of cyber attacks are rising, so has the scale of enterprise infrastructure that is distributed across the globe and vulnerable to attack.
Technology trends like the Internet of Things (IoT), edge computing, and multicloud development make it harder for organizations to rely on the cybersecurity solutions that worked for their legacy on-premises infrastructure.
So what options do enterprises have when they’re working to secure a more fluid collection of devices, software, and users?
Deepen Desai — CISO and VP of security research at San Jose, California-based Zscaler, a top zero-trust company — offered Datamation some tips for better securing modern enterprise networks through zero-trust best practices:
Desai is responsible for global security research operations and working with product teams to ensure that the Zscaler platform and services are secure. Deepen has been a cybersecurity leader for 16 years, with seven of those years at Dell SonicWALL.
Also read: Cybersecurity Market 2021
Cybersecurity as a Career
Datamation: How did you first get started in or develop an interest in cybersecurity?
Desai: I took on a project of developing an anti-cheat client for an online gaming community. This was my first exposure to the world of Microsoft Windows APIs, DLL injection, and reverse engineering.
Although it started with a tool that catches hacks and exploits in an online gaming application, I was intrigued by the possibilities of making the operating system and applications more secure.
Datamation: What are your primary responsibilities in your current role?
Desai: As chief information security officer and VP of security research, I work closely with our product teams to ensure that the Zscaler platform and all our customer services are secure. I also lead our global security research operations, building next-gen detection technologies and running our ThreatLabZ research team.
Datamation: What makes Zscaler a unique place to work?
Desai: Zscaler is responsible for securing more than 400 of the Forbes “Global 2000” companies, providing zero-trust security products and services to some of the world’s most complex networks.
Our founder and CEO, Jay Chaudhry, emphasizes research and workplace flexibility, creating an environment that’s geared towards fostering innovation and excellence in customer service.
Developing a Strong Cybersecurity Strategy
Datamation: What sets Zscaler’s cybersecurity solutions or approach apart from the competition?
Desai: Zscaler’s zero-trust security products accelerate digital transformation, so customers can be more agile, efficient, resilient, and secure. A cloud-native, proxy-based architecture allows the Zscaler Zero Trust Exchange to protect thousands of customers from cyber attacks and data loss by securely connecting users, devices, and applications in any location.
Distributed across more than 150 data centers globally, the SASE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.
Datamation: What do you think makes a cybersecurity platform or service successful?
Desai: The most important part of any security platform is the architecture. A purpose-built, cloud-native, proxy-based architecture allows organizations to scale and apply consistent security with full SSL inspection, without having to worry about compute resources.
In addition, the best cybersecurity platforms must be able to do three things well:
- Prevent compromise: block the latest security threats by providing consistent security to all users and devices, no matter where they are.
- Prevent lateral threat movement: block threats from spreading laterally in your environment by implementing user-app and app-app microsegmentation and leveraging active defense technology.
- Prevent data loss: cybercriminals are after your data, and it is critical to have an in-line and out-of-band data loss prevention solution that is capable of performing exact data matching with custom dictionaries, among other things.
Datamation: What is an affordable and/or essential cybersecurity solution that businesses of all sizes need to implement?
Desai: Due to the changing security landscape and the growing variety of cyber attacks, I always recommend that businesses evaluate their infrastructure to see if they can deploy a zero-trust security framework. Zero-trust solutions secure user activity and application workloads more effectively than VPNs and prevent lateral threat movement that can result from malicious actors breaching legacy perimeter defenses via phishing, malware, or user error.
Datamation: What is the biggest cybersecurity mistake that you see enterprises making?
Desai: The biggest cybersecurity mistake I see enterprises making is having a legacy network architecture, lack of microsegmentation, and bringing the remote users on the same network via legacy VPNs. This allows an adversary to compromise an entire business operation just by successfully compromising a single user machine and performing lateral movement.
Datamation: How can companies develop a strong cybersecurity strategy that permeates staff actions at all levels?
Desai: At its core, the concept of zero trust is simple: assume everything to be hostile. Unless workloads have been identified by a set of attributes — a workload fingerprint or identity — they are untrusted and blocked from communicating. In that sense, it has to be an all-or-nothing approach or it becomes inherently insecure.
This means that employees of all levels, from the CEO down, need to be on board with the deployment of zero-trust security protocols and policies. In some organizations, this requires fundamental changes to business culture, but failing to make these changes means creating an insecure environment vulnerable to cyber attacks.
More on zero trust: Top Zero Trust Networking Solutions for 2021
Trends in Cybersecurity
Datamation: What do you think are some of the top trends in cybersecurity right now?
Zero-trust security architecture is growing in popularity as traditional VPNs and firewalls fail to stop attackers from breaching enterprise networks. Earlier this year, an average payout for a ransomware attack passed the $1.45 million mark, and many businesses are now playing catch-up to ensure their data stays secure.
I believe that we’re currently seeing a shift away from traditional castle-and-moat security architecture and a wider adoption of zero-trust infrastructure that treats every workload and user as potentially hostile. This approach provides a safer way of maintaining enterprise-grade networks and providing access to remote users in the cloud.
Datamation: What are the top cybersecurity challenges for businesses right now? What are some trending threats or attacks that you’re seeing?
There are several cybersecurity challenges that the Zscaler ThreatLabZ research team has been tracking. One of the most pressing issues is the growth of double-extortion ransomware, which is a type of ransomware attack defined by a combination of unwanted encryption of sensitive data by malicious actors and exfiltration of the most important files. Earlier this year, our research team published an extensive report on the growth of ransomware attacks, which are becoming increasingly prevalent in all markets, as sophisticated hacking groups try to extort businesses by holding their data hostage for ransom.
Another prevalent challenge for businesses is the growth of IoT devices in the workplace. The diversity and number of devices now present across many businesses creates net-new security challenges that many IT teams are not prepared for. The lack of device interoperability is particularly challenging, as many IoT devices have proprietary ecosystems with varying levels of embedded security.
Datamation: What do you think we’ll see more of in the cybersecurity space in the next 5-10 years? What areas will grow the most over the next decade?
Zero-trust security architecture adoption will grow significantly over the next 5-10 years. We will see enhancements of adaptive security policy engines and tighter integrations aimed at preventing threats in progress.
I anticipate almost all major organizations will be implementing active defense technology that helps detect and block post-compromise adversarial activity, which is critical in preventing a large-scale breach.
Datamation: What industries do you think do a good job of maximizing cybersecurity technologies and best practices? What do you think they do well?
Regulated industries like banking and government generally have better security than others, but the deployment of zero-trust security products continues to be uneven. In addition, the technology industry is better equipped than others to deploy new security products simply due to the fact that its culture is already geared towards the adoption of new technology.
Datamation: How has the COVID-19 pandemic affected you/your colleagues’/your clients’ approach to cybersecurity solutions? How has the pandemic affected attackers’ strategies?
The COVID-19 pandemic has been a catalyst for many organizations in their digital transformation journey, as they suddenly had to support a remote workforce while maintaining existing security policies. This shift motivated many to move network infrastructure into the cloud, creating opportunities to integrate new security features many IT teams had put off due to competing priorities. However, it also created brand new opportunities for cybercriminals as organizations were in different stages of their digital transformation journey, and deployment of new security features, as well as zero-trust architecture, was uneven. This imbalance created confusion among workers used to legacy castle-and-moat firewalls and exposed network assets that have never been exposed before.
An Expert Perspective on the Market
Datamation: How have you seen the cybersecurity solutions market change since you first started? How have the technologies, services, conversations, and people changed over time?
Next-generation firewalls and unified threat management appliances were new to the scene when I started, then came a decade of several interesting point-product technologies, ranging from sandboxing to UEBA to AI/ML-driven solutions. Many of these solutions were solving a few important pieces of the puzzle but were often found to be operating in silos, putting the burden of event correlation and management on IT and security teams. As the threat landscape evolved, many of these disparate and legacy security controls started proving to be ineffective, resulting in several large-scale breaches surfacing, many of which stayed undetected for a long time.
We are now living in the era of digital transformation, where most organizations understand the importance of having a comprehensive security platform and using zero-trust architecture to defend against sophisticated attacks. The goal is to enforce consistent security policies for all your users and devices regardless of their location and provide secure access to the internal application using user-app and app-app segmentation.
Datamation: How do you stay knowledgeable about trends in the market? What resources do you like?
Learning is a continuous process and even more so in the field of cybersecurity, where the threat landscape is continuously evolving.
I am subscribed to several dozen security feeds ranging from CERTs to CISA to various security vendor blogs. It is critical to keep up with the tools, techniques, and procedures being leveraged by cybercriminals in active attack campaigns to ensure that our security controls and threat intelligence are effective.
Datamation: How do you like to help or otherwise engage less-experienced cybersecurity professionals?
Security research, threat hunting and analysis, reverse engineering malware, and threat intelligence are some of the specialized areas that cybersecurity professionals will learn and grow expertise over the course of their careers.
It is extremely important early on in their career to encourage building strong fundamentals in the underlying tools and technologies. It is also important to show the impact of the work they do in protecting organizations from cybercriminals; this is one of the key motivating factors.
Datamation: Several people are talking about a shortage of qualified talent in the tech world. How are you/your company finding and recruiting qualified candidates for your cybersecurity teams?
There is a clear shortage of cybersecurity professionals, and Zscaler is proud to collaborate closely with universities and other institutions to increase the number of experts in zero trust and SASE through custom-made certification programs.
One example is our partnership with the New York University Tandon School of Engineering and their prestigious master of science in cybersecurity risk and strategy. This partnership helps students gain practical, first-hand knowledge of secure access service edge (SASE) and zero-trust best practices using Zscaler tools.
Zscaler also has highly focused recruiting teams, which are always looking for diverse talent with non-traditional backgrounds. We believe that great employees can come from many places and are happy to support potential employees that share our company values.
Work & Life
Datamation: What do you like to do in your free time outside of work?
I like reading books, playing badminton, and love hiking trips with my family over the weekend.
Datamation: If you had to work in any other industry or role, what would it be and why?
If it wasn’t a role in cybersecurity dealing with digital threats and viruses, I could see myself working in the field of medicine, tackling physical viruses and neutralizing threats to the human body.
Datamation: What do you consider the best part of your workday or workweek?
The best part of my work week involves investigating an active targeted threat campaign and helping our customers stay secure.
I also enjoy speaking to security leaders at our customers’ companies — learning from them, sharing my experiences, and solving complex security problems.
Datamation: What are you most proud of in your professional life?
On the professional front, I am really proud of all the threat-detection technologies that I have contributed to building and seeing in action, securing several organizations worldwide from cyber attacks.
Also, I have had the opportunity to hire, train, and work with some of the brightest talent in cybersecurity over the course of the last 17 years, and I am really proud of the progress many of them have made in the field.
Read next: Key Cybersecurity Trends 2021