|
|
|
|
|
|
|
How are you driving your business forward?
Kyle Fiehler, Sr. Transformation Analyst, Zscaler
CXOs’ responsibilities today transcend narrow categorizations like IT or security. They are expected to enable their organizations to achieve critical business objectives.
Ian Tan of SM Prime Holdings, one of Southeast Asia’s largest property development firms, views his role as critical to accelerating time to market.
Tan joined a recent Executive Connect Live to discuss data governance, ensuring a consistent end user experience, and navigating the intersection of IT and business goals. You can
watch a recording of the conversation or read a
quick recap.
The CXO REvolutionaries are keeping a close eye on how IT and security leaders' roles are shifting to meet growing expectations. Is the CISO role becoming too much for any one individual to tackle, for instance,
asks CXO Advisor
David Cagigal.
As always, we’re interested in hearing from CXOs about the changing nature of their work. To join in the conversation with accomplished peers, check out our lineup of
CXO-focused events coming this fall. We’d love to see you in Miami, Valencia, or a city near you for a world-class experience you’ll remember for years to come.
We hope to hear your take on the changing nature of your role along the way.
|
|
|
| |
From the Office of the CISO:
Data poisoning attacks: Sounding the alarm on GenAI’s silent killer
Sam Curry, Global VP & CISO in Residence, Zscaler
When researchers at software management company, JFrog, routinely scanned AI/ML models uploaded to Hugging Face earlier this year, the discovery of a hundred malicious models put the spotlight on an underrated category of cybersecurity woes: data poisoning and manipulation.
The problem with data poisoning, which targets the training data used to build AI/ML models, is that it's unorthodox as far as cyberattacks go, and in some cases, can be impossible to detect or stop. Attacking AI this way is relatively easy and no hacking in the traditional sense is even required to poison or manipulate training data that popular large language models (LLMs) like ChatGPT rely on.
Data poisoning can be used to make the AI model do your bidding. Or AI models can be convinced to give erroneous output by modifying the data sent into a trained model..
Learn how data poisoning and manipulation enable AI software exploits
|
|
|
|
|
Editor's Picks & Events
Zscaler has announced a pair of CXO Exchanges set to take place this fall. CXOs interested in joining the leading minds of IT & security in
South Beach, Miami on October 10-11 and
Valencia, Spain on November 21-22 should explore these unforgettable events. Join peers and Zscaler leadership for networking, skill-building, and strategic planning in top-tier destinations.
Learn more and sign up
|
Here’s a burning question I proposed to an audience I was presenting to at the recent Zenith Live ‘24 conference: Why does everybody seem to support threat-centric security conceptually, but few practice it operationally? To address this challenge, I joined a cross-functional team to pilot the “Zscaler MITRE ATT&CK MAPPING Program,” which maps Zscaler products, engines, controls, etc., against the scoring rubric from the Center for Threat-Informed Defense.
Mapping MITRE ATT&CK to common TTPs
|
Not long ago, companies were hesitant to disclose cyber incidents, fearing a backlash and damage to their reputations, and a loss of customer trust. In 2017, Equifax waited six weeks to disclose that sensitive customer information had leaked. But trends suggest the tide is turning, with more companies putting greater value on transparency and maintaining investor confidence.
A new era of cyber incident disclosures
|
With recent widespread IT outages, many organizations are evaluating their critical tech vendors’ strategies for resilience and disaster recovery. Join this briefing with Zscaler leadership to learn about business continuity planning and disaster recovery strategies, enhancing resilience against outages, and best practices for evaluating incident readiness.
Ensuring resilience for mission-critical clouds
|
Throughout my career, I always reacted to ideas of “zero trust” the same way. It sounds great in principle, but how do we execute on it? How do we demonstrate value? Pundits have been trying to define zero trust since the term was coined and even before, but how does one actually bring it about? For many, the term itself is still nebulous. For others, "zero trust" is synonymous with complexity.
Turning catalysts into zero trust transformations
|
|
|
|
| |
|
|
Podcast Center
Tune in and zone out to stories of digital business and cybersecurity excellence from across our CXO community.
|
|
|
Cloudy with a Chance of Trust | Ep. 53
ServiceNow veteran and current Zscaler CTO in Residence Venkat Lakshminarayanan joins host Pamela Kubiatowski to discuss IT's Holy Grail – a self-healing infrastructure. Venkat parses the differences between self-service, self-solve, and self-heal; explains how zero trust plays a role by simplifying the underlying architecture; and covers the essential role of AI/ML for pattern recognition and automated response.
Listen now
|
|
The CIO Evolution | Ep. 40
In the second part of a two-episode series, Zscaler CXO Advisor Bruce Lee shares how technology can drive innovation by drawing from his experiences at global enterprises to show how cloud infrastructure and zero trust security promote business growth and competitiveness. Along the way, he drops advice for CXOs about anticipating and preparing to be hit by innovation. So don't get too attached to any technology, he urges, even if it's the right capability today.
Listen now
|
|
|
|
|
|
|
|
|
|
|
Subscribe on YouTube: 
Follow us on Twitter: 
