Cloudy With a Chance of Trust

ServiceNow veteran and Zscaler CTO in Residence Venkat Lakshminarayanan returns to the show for part 2 on self-healing infrastructure. Venkat and host Pamela Kubiatowski discuss organizational considerations when pursuing highly resilient network architecture, including convincing leaders of the business benefits, equipping IT teams with the skills to build and maintain the environment, and the need to take calculated risks when replacing legacy technologies. Don't miss this fascinating follow-up to our first installment.

Salesforce veteran and current Zscaler CTO in Residence Venkat Lakshminarayanan joins host Pamela Kubiatowski to discuss IT's Holy Grail – a self-healing infrastructure. Venkat parses the differences between self-service, self-solve, and self-heal; explains how zero trust plays a role by simplifying underlying architecture; and covers the essential role of AI/ML for pattern recognition and automated response.

Why doesn't malware hop from smartphone to smartphone as with computers? That's the question that led former Airgap CTO Satish Mohan and his co-founders to a fundamental rethink of network segmentation. Mohan sat down with guest host and Zscaler CTO in Residence Sanjit Ganguli to discuss Airgap's origin story, challenges with traditional segmentation, and how a novel architecture helps to overcome them.

IT departments often battle the perception of being the "department of no.” In this episode, Zscaler CIO Praniti Lakhwara talks about her guiding principle of enabling every desk to be more productive while simultaneously managing the needs of the business. She discusses the CIO/CISO relationship, the biggest challenges facing CIOs today, the benefits of being “customer zero,” and more in this fascinating glimpse into the life of IT czar.

From missiles to your money, Regions Bank Senior VP of Cybersecurity Engineering Jay Patty has more than 20 years of cybersecurity experience protecting some of society's most important assets. In this episode, he recalls his career trajectory and the personal traits that keep him seeking cyber's toughest challenges. Tune in to learn critical differences between public and private sector cybersecurity, navigating complex compliance standards in regulated industries, and the crucial importance of having a hobby.

In her second sit-down with host Pamela Kubiatowski, Voya Financial CISO Stacy Hughes turns from the technical to the interpersonal. Hughes speaks as an industry advocate and mentor about the importance of going deeper than standard cyber awareness training, mentorship as "servant leadership," practical advice for dealing with the time constraints imposed on executives, and a few of the Atlanta-area organizations she supports.

What are CISOs to make of recent rulings against their colleagues and increasing scrutiny from the SEC, whose new reporting rules are dnow in effect? Host Pam Kubiatowski sits down with renowned Voya Financial CISO and FinTech veteran Stacy Hughes to discuss how the new rules affect incident response, the importance of CEO support, and considerations unique to the financial industry.

Without digital tools, there would be no business. We depend on popular collaboration apps like Slack, Teams, and Zoom to be up and running smoothly all the time, otherwise employee frustration mounts and productivity plummets.  Zscaler VP of Product Marketing Krishnan Badrinarayanan explains how digital experience monitoring tools must: Accommodate the 97% of organizations planning to make the transition to zero trust Transcend traditional silos between networking, security, and help desk teams Help to rapidly diagnose and remediate issues impeding employee productivity

From Microsoft to Salesforce, Syam Nair's work has left an indelible mark on the intersection of technology and business productivity. He recently joined Zscaler as CTO and EVP of Research and Development. In this episode, he relates lessons from the first 100 days on the job, the personal philosophies that guide his professional life, and what excites him most about the future of Zscaler from a technology perspective. His ability to inspire, engage, and be wholly life-enhancing is legendary among tech leaders.

When a prospect has trouble grasping the architecture underpinning zero trust, Zscaler calls in Brian Deitch. The Chief Technology Evangelist is known for his colorful technical whiteboarding sessions and passion for infosec. He joined the show to discuss his career, early experiments with social engineering, and influences on his distinctive style.

He never planned to climb the ladder of corporate technology leadership. But an obsession with hard problems led him down the path to becoming the CTO for South Africa's Capitec Bank. In this episode, learn more about Andrew Baker's career arc, including going from "my very first project was to remove Zscaler because I didn't see the value in it," to leading three successful zero trust transformations and becoming a Zscaler advisor.

Zscaler VP & GM of Product Management Dhawal Sharma joined the show to preview some of the innovations to be announced at Zenith Live '23 in Las Vegas and Berlin this June. But before he does, Dhawal provides a glimpse into the challenges and goals of product management teams, how they prioritize release roadmaps, and the importance of customer-centric innovation.

The big three cloud service providers are in an arms race to release new functions and win market share, which is great for innovation. On the flip side, orgs contend with misconfigurations, excessive entitlements, sensitive data exposure, unpatched vulnerabilities, and bindpsots across their asset inventories. Learn how the combined power of CNAPP and DLP can help you get back in control from Zscaler SVP & GM, Posture Control Rich Campagna.

Business continuity planning has become a board-level conversation. With so many resources now living in the cloud, outages threaten organizations' very survival. Host Pam Kubiatowski welcomes Harsha Nagaraju, Sr. director, product marketing to the show to discuss the features and capabilities Zscaler offers to enhance clients' resilience against minor and catastrophic failures of public cloud service providers.

Mergers and acquisitions in media, entertainment, and gaming are unique because users are in the driver's seat, and monetizing their engagement is the name of the game. Praveen Bhasin, managing partner at Tata Consulting Services rejoins Zscaler's Sami Ramachandran and host Pam Kubiatowski to discuss transactions in this dynamic sector, including how consolidation and 5G can reface the market landscape in coming years.

There are 44 countries and over 200 languages spoken in Europe, making for a complex place for organizations doing trade, complying with data privacy laws, and architecting a zero trust models. In this episode, returning guest Martyn Ditchburn, director of transformation strategy at Zscaler, says thinking globally but implementing locally while solving for real business challenges is what matters to success regardless of the economic climate.

Praveen Bhasin (Tata Consulting Services) and Sami Ramachandran (Zscaler) return for the second part of their M&A series, focusing on the trends in the rapidly transforming healthcare industry. Learn about notable transactions in the space, how greater value is extracted from speeding up integrations, and the ingredients needed that make deals successful today.

If you've ever sat on a couch or put on a jacket, chances are you've experienced a product from Coats. Ben Corll, former VP of cybersecurity for the more than two-century-old industrial thread manufacturer joins the show to talk about leading the company's digital transformation. He discusses gradually adopting a zero trust mindset, why his biggest hurdle wasn't a technical one, and how he ultimately ended up joining Zscaler.

Scalability may just be cybersecurity's saving grace, and AI can enable it. Howie Xu, Zscaler VP of machine learning and AI, explains how his team is going the distance to solve one of cybersecurity's thorniest problems: augmenting human intelligence where it would otherwise be spread too thin. Tune in to learn how collaborating with domain experts allows algorithms to keep pushing the limits of threat discovery, intrusion detection, and policy configurations.

Praveen Bhasin, Managing Partner at Tata Consulting Services (TCS), shares insights from his book of business and is bullish about life sciences, manufacturing, healthcare, and retail. In this episode, he joins Sami Ramachandran, Zscaler Managing Director, M&A, Divestiture, and Private Equity, and show host Pam Kubiatowski to discuss TCS's role in M&A transactions and the underlying market conditions that drive them.

Pam and Brad dissect their recent discussion with NIST Fellow Ron Ross (episode 34) and provide advice for applying the guidance in the special publications he helped develop. Listen to this complimentary deep dive to learn how best to apply controls, properly differentiate and value your data assets, rank and classify your apps, and manage risk by using cybersecurity standards.

The cybersecurity world can be divided into two halves--one above the waterline and one below it, says NIST's Ron Ross. Whereas certification & accreditations (C&As) and assessment & authorizations (A&As) have focused on the former, more needs to be done below the surface to better safeguard hardware, software, and firmware. In this special episode, Ross explains the role of security systems engineering in that effort while taking host Pam Kubiatowski and CISO - Americas Brad Moldenhauer on an insider journey across the origins of standards, including SP 800-37, SP 800-53, FIPS 200, and FedRAMP.

In this episode, co-host Lisa Lorenzin reveals she is embarking on the next step of her own transformation journey. She looks back on a nearly 30-year career in IT, from the help desk to Field CTO. Lorenzin covers milestones and learnings she picked up along the way, including her zero trust "aha moment" and the changing role of women in IT.

The man without a title joins hosts Lisa Lorenzin and Pam Kubiatowski to discuss the art of talking about technical topics with non-specialists. The master communicator says he stays focused on the “why” when trying to explain complex technologies – and discusses how virtual whiteboarding can be more effective at making a case for an IT purchase than doing it in person.

In this episode, Lisa Lorenzin hands the microphone to co-host and fellow Field CTO Pam Kubiatowski. They explore Pam's experience on topics spanning the "great resignation," soaring SaaS adoption, the importance of user experience, technical debt, and the ever-present pressure to cut costs. For those who've already begun their transformation, technology exists to address these issues. But too many organizations are still waffling on taking the first steps. Just joining the conversation is a good start.

Zscaler CISO - AMS Bryan Green braved crowds and his own reservations to be on the scene at RSAC this year. Afterward, he joined Pam & Lisa to discuss popular topics – including identity and access management, securing cloud workloads, and managing third-party risk – and draw parallels between COVID-prevention best practices and zero trust strategies. Listen now.

Zscaler CISO and VP of Security Research and Operations Deepen Desai has a big job. He's not only responsible keeping Zscaler secure, he's also tracking the pulse on the global threat landscape and ensuring customers around the world are protected. Desai joins hosts Lisa Lorenzin and Pam Kubiatowski to explain the objectives of ThreatLabz including performing cybersecurity analyses, issuing special reports on pressing topics like phishing and ransomware, and sparking conversations on developing threats.

When it comes to firewalls, things are...complicated. In this episode, Pam interviews Lisa to get at the heart of the dangers and drawbacks of using these legacy network protection tools. Traditional firewalls can't do zero trust, but they can coexist with your modernized infrastructure as you begin your journey. Listen now to learn more.

Did you know having a VPN is like getting bombarded with robocalls because you decided to have your phone number listed in a telephone directory? According to Tony Paterra, SVP Emerging Products at Zscaler, with VPN you're choosing to be a beacon for threats. In the latest episode, he joins Lisa and Pam to get to the essence of doing zero trust the right way, including the role of inline inspection of web applications, cloud and ML-powered intelligent policy, and active defense. Listen now to learn why ZTNA - minus the "N”- could be the best way to renovate your IT and cybersecurity “house”.

Nobody can outrun a bear. We're advised to stand tall, wave our arms, and talk loudly, yet calmly - but it might be easier to distract the bear, or to just not let him see you in the first place!  In cybersecurity, attackers and threats are hard to outrun using traditional network protections. In this episode, Pam and Lisa explore new approaches that make it unnecessary to run and instead confidentially secure your modern, cloud-enabled, perimeter-less environment - so it's out of sight and out of the danger zone, leaving others less fortunate to "run from the bears."

The "Wild West" is a term organizations sometimes use to describe the unregulated cloud environments they encounter along their transformation journeys. Compared to established public clouds with well-defined security guardrails, these lawless environments are often built by unknown dev teams and operate like black boxes for users. Even among the "big three" cloud service providers, there are hundreds of services on offer that complicate the task of securing them.

On this episode, our guest Misha Kuperman, Zscaler SVP cloud operations and ecosystem, returns for an update on the Zscaler cloud. He shares a platform review, thoughts on top issues like supply chain threats and geopolitical risks, and the implications of the Cold War between the West and China - exacerbated by the FCC's decision to revoke Chinese telecoms' authorization to operate in the US, citing national security.

Cybersecurity is often cited as a key obstacle for expanded cloud and multi-cloud migration, but what if the opposite is true? What if security delivered via the cloud can harden your entire enterprise information technology architecture? In this episode, Pam and Lisa confess their hesitations about moving to the cloud early in their careers, given the complexity, and walk us through how that changed. They detail how you can use the cloud to accelerate your application transformation while reducing risk and improving visibility. The conversation includes the evolution of user-to-app and app-to-app access as well as the role of cloud security posture management (CSPM) and cloud infrastructure entitlements management (CIEM).

Guest Martyn Ditchburn, director, transformation strategy at Zscaler, joins Pam and Lisa to recount his zero trust journey across the merger of companies, on- and off-network protection, and the COVID-19 transition. Using a modern approach to connect and secure users and apps in the cloud can radically speed up time to value for M&A, streamline the admin overhead, and simplify the user experience.

Operational technology leaders are at crossroads as the digitization of the industrial world accelerates. In one direction is the legacy "IT-centric" approach to data security that is ill-suited for OT and IoT systems. The other is extending the zero trust model to devices, effectively hiding hard-to-access and hard-to-patch, agentless IP-enabled sensors and data-generating assets from the Internet and shielding them from your attack surface. In this episode, Pam, Lisa, and guest Deepak Patel from the Zscaler Office of the CEO detail why zero trust is the best path forward for plant and factory owners to secure their assets and be more agile and resilient.

With 19 episodes in the rearview mirror, Lisa and Pam consider zero trust from a wider perspective, reflecting changes in hybrid work and solution maturity. Inspired by recent customer discussions in the field, they discuss how organizations are applying zero trust protection on-prem through tools such as Zscaler Private Access (ZPA), and how related advancements - such as automated granular policy and access controls, and visibility into user experience - are pointing to a future of a unified and complete zero trust solution for remote and in-office workers. 

If your malware problem is eclipsed by your adversary problem it's time for active defense. In this episode, guest Sahir Hidayatullah, VP, Active Defense at Zscaler, covers the latest strategies for marrying zero trust with active defense and how the Zscaler Zero Trust Exchange helps make it seamless. Listeners get a brief history of the origins of honeypots and intrusion deception, and a compelling case for baking fake attack surfaces into the architecture of zero trust to help supercharge security frameworks with protection, detection, and response.

Lisa and Pam shift gears to walk through their career milestones through the lens of coaching and mentoring and the influence of key individuals in both their professional and personal lives. Heartfelt and candid, they open up to share valuable stories about continuous improvement, career development, and empathetic leadership.

How different is zero trust for federal agencies as compared to the private sector? To find out, Lisa and Pam invite guest Zscaler Federal CISO, Danny Connelly, who has been on both sides of the fence. The three experts share advice on separating hype from reality when evaluating approaches to IT modernization, and why square one of your foundational zero trust knowledge should start with NIST and CISA.

You can never know enough about the performance of your SaaS and critical applications and the best source for insights is from the end-user perspective. Modern toolsets use this approach to help teams diagnose issues and enhance the experience in ways legacy troubleshooting technologies can't. In this episode, Lisa and Pam welcome guest Sanjit Ganguli, VP, Transformation Strategy at Zscaler and one of the industry's top experts in digital experience monitoring to explain the latest advances that allow customers to improve the performance of not just public cloud-based apps, but private apps as well, a longtime struggle for IT teams in the remote work era.

Internet connectivity with mainland China is strictly regulated by the government, with sweeping laws banning many types of content and sites, and ongoing traffic inspection. The patchwork of technical and regulatory requirements results in “choke points” for content providers and their customers, who grapple with application availability and performance issues. To help make sense of it all, Zscaler SVP of Cloud Operations & Ecosystems Misha Kuperman speaks with Lisa and Pam, explaining why the country is such a dynamic landscape and the role Zscaler plays to help customers with operations there.

The modern workplace is now up to every organization to define. Enabling it, however, means the same thing: secure user access to apps and data with full visibility and granular control without compromising a seamless experience wherever that experience takes place. In this episode, Lisa and Pam offer advice on how to deliver remote access in a hybrid environment, pull back on the risks tolerated over the last 18 months, and how legacy technologies, such as VPN and VDI can hurt more than help.

5G means a lot of different things to different people and there's a world of difference between it and previous wireless generations. In this episode, Pam and Lisa interview Nathan Howe, VP of Emerging Technology at Zscaler, who covers the specific points of differentiation that every enterprise technology leader should know about as they plan for the future.   

Lisa and Pam discuss the most interesting things they heard at Zenith Live 2021 this summer - innovations, customer insights, and more - plus how to access the conference presentations on-demand.

Lisa and Pam discuss what segmentation means, why it's important, why it's difficult, and how approaches to segmentation have evolved as cloud and mobility have driven new workflows.

Don't forget to register for Zenith Live at www.zenithlive.com

Lisa and Pam talk about the Executive Order that President Biden recently signed to improve the nation's cybersecurity and protect federal government networks. This will help the federal government avoid and respond to malicious events like the one a week ago for the East Coasts pipeline. What does this Executive Order do, and why is everyone so excited about it?

Topics Covered:How does transitioning to SASE change a typical organization structure Why are people transitioning to SASE? People and apps are anywhere now… Need to be agile, and enable the business  What are some of the things to think about prior to starting the journey Focus on your technical staff not only the skills but their mindset...are they open to change and what that means The relationships and dependencies between various groups such as Cyber and Network What areas may be lacking with this change Do you have legacy environments Do you have the right visibility Do you recommend doing a POC and what should someone focus on or look for? Don't only think about what is working and what isn't think about how the change will be operationalized What type of training can you get for IT and offer for all IT Look at the logs determine what logs you would start with and add to them later What would you tell someone who hasn't started  You will uncover the sins of the past just set expectations Identify a partner that can help walk you through your journey, as you don't know what you don't know..look for those who have an idea

We recap our digital event on April 20th - Seize the Zero Trust Moment Jay - overview / market / move to Zero Trust Zero Trust Exchange - modern architecture Part of your zero trust ecosystem - API integrations Problems we solve Modern workplace enablement: work from anywhere, great user experience Security transformation: cyber threat protection, data loss prevention Network transformation: transform hub & spoke, take zero trust to the world of the cloud Amit - platform / innovations Private Service Edge Cloud Browser Isolation New public APIs Kavitha - people / enabling IT leaders Zero Trust Academy… advance their skills in best practices REvolutionaries….connect leaders in a community to share journeys and get updates on others   Punit - process / validated designs Identity (Microsoft) Context (Crowdstrike) Automation & remediation (Splunk) Next steps Watch on demand - https://www.zscaler.com/zero-trust-moment  IT executive - check out REvolutionaries - https://revolutionaries.zscaler.com IT practitioner - enroll in Zero Trust Academy - https://www.zscaler.com/resources/training-certification-overview Everyone - join us in June for a deeper dive into Zero Trust at Zenith Live - https://www.zscaler.com/zenithlive

How Zero Trust has evolved over the past decade - Pam interviews Lisa on: Where does the term Zero Trust come from? Gartner talks a lot about ZTNA and SASE - is it the same thing?  Why didn't it take off when it was first introduced? What does it mean today? And is it the same for all? Where do you see companies struggle with moving to a Zero Trust architecture?