As ransomware attacks evolve from encrypting data to stealing it, a zero-trust framework becomes increasingly critical. This approach replaces traditional security models with a “never trust, always verify” posture that treats every access request as a potential threat.
Zscaler Cloud implements its zero-trust framework by replacing outdated perimeter defenses with identity- and context-based access controls. These controls verify every user, device and application request as though it originates from an untrusted network, according to Deepen Desai (pictured), chief security officer of Zscaler Inc.
Zscaler’s Deepen Desai talks with theCUBE about the importance of a zero-trust framework in today’s digital landscape.
“This is one of the largest clouds where we’re protecting thousands of global customers,” he said. “Just to give an idea on the scale, we’re seeing close to 500 billion transactions daily. We’re extracting 500 trillion signals from it. Prioritizing a zero-trust framework becomes very important because you need to assume that employees may make a mistake and that identity may get compromised, that assets may get compromised. We saw about a 146% year-over-year increase in the number of ransomware attacks that were seen against these organizations that we blocked in Zscaler Cloud.”
Desai spoke with theCUBE’s Jackie McGuire at the Black Hat USA event, during an exclusive broadcast on theCUBE, News Media’s livestreaming studio. They discussed how Zscaler Cloud incorporates the zero-trust framework for enhanced cybersecurity. (* Disclosure below.)
A deeper look at the zero-trust framework
To prevent unauthorized access, limit breach impact and enhance threat detection, the zero-trust framework relies on three core principles. These principles are all deeply embedded in the Zscaler Cloud, according to Desai.
“When I talk to my CXO peers, I always use the four critical stages of the attack when they’re planning their zero-trust journey, but at a fundamental level, there are three principles,” he said. “One is ‘never trust, always verify.’ That’s where the identity piece comes in, the posture piece comes in. ‘Least privilege access’ as the access control, adaptive access control, which is risk-based [and] very, very important. Third is ‘assume breach,’ which is where ‘assume compromise’ fundamentally comes in.”
To prevent data theft, limit breach impact, block malware and reduce attack opportunities, the zero-trust framework follows four critical stages. They include reducing the attack surface, hindering compromise, stopping lateral movement and protecting sensitive data, according to Desai.
“With those three principles in mind, you should look at four stages,” he said. “One is to reduce your external attack surface. Number two is preventing compromise. This is where applying consistent security control, no matter where your users or assets are, whether the user is traveling … [or] in the office. Number three is eliminating the latter propagation phase — making sure you have truly implemented zero trust architecture with segmentation, where you’re not bringing users on the same network as the crown-jewel application. The last thing is [that] everyone is after your data.”
Here’s the complete video interview, part of News’s and theCUBE’s coverage of the Black Hat USA event:
(* Disclosure: Zscaler Inc. sponsored this segment of theCUBE. Neither Zscaler nor other sponsors have editorial control over content on theCUBE or News.)
Photo: News
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About News Media
Founded by tech visionaries John Furrier and Dave Vellante, News Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
