Combating AI-Driven Attacks with Predictive Breach Technology
Posted: Wednesday, Jul 03
Karissa Breen, crowned a LinkedIn ‘Top Voice in Technology’, is more commonly known as KB. A serial entrepreneur, she co-founded the TMFE Group, a holding company and consortium of several businesses all relating to cybersecurity, including an industry-leading media platform, a marketing agency, a content production studio, and the executive headhunting firm MercSec. KBI.Media is an independent and agnostic global cyber security media company, with KB at the helm of the journalism division. As a Cybersecurity Investigative Journalist, KB hosts her flagship podcast, KBKast, interviewing cybersecurity practitioners around the globe on security and the problems business executives face. It has been downloaded in 65 countries with more than 300K downloads globally, influencing billions in cyber budgets. KB asks hard questions and gets real answers from her guests, providing a unique, uncoloured position on the always evolving landscape of cybersecurity. As Producer and Host of the streaming show 2Fa.tv, she sits down with experts to demystify the world of cybersecurity and provide genuine insight to business executives on the downstream impacts cybersecurity advancement and events have on our wider world.


Zscaler’s CSO and Head of Security Research, Deepen Desai, recently discussed the latest advancements in AI, cybersecurity, and zero trust strategies during his talk at Zenith Live.

One of the key focal points of Desai’s presentation was the intersection of AI and cybersecurity. The Researcher explained the landscape of AI-driven attacks and how cybercriminals are leveraging AI to target enterprises. Stress has entered the equation around ‘can we keep up with criminals attacking us with AI vs the cyber community defending with AI?’

The answer is somewhere in the middle.

Desai was clear about how to counter such threats, stating that companies should harness the power of generative AI to detect and prevent potential breaches before they escalate.

Desai commented,

“And the goal over here is to harness the power of generative AI to prevent a breach before it progresses further.”

Desai explained Zscaler’s new product ‘Breach Predictor’, which combines generative AI with multidimensional predictive models to identify potential breach scenarios. Desai explained that this technology aims to preemptively predict and flag stages of breach scenarios within a company, allowing for proactive intervention.

Desai went on to say,

“We’re trying to combine generative AI with multidimensional predictive models to flag potential breach like scenarios before they progress further.”

My question was: but how does that work?

So many vendors are coming out saying we’ve integrated Gen AI or we can predict this or that. I’m always skeptical – but it’s worth asking the question.

Desai continued,

“Based on the intelligence that the team has compiled over the last 10 years, up here about 10,000 plus potential breach like scenarios, use that to train this AI breach prediction recommendation engine.”

The Researcher explained that they take the transactions from all the real-time traffic they’re seeing in the organisation and feed them into their engine, which is able to point out where there may be a potential breach. For example: there is a high probability of threat actors or an attack campaign moving from stage A to stage B of a previously seen attack. Desai made it clear that this is not a one-to-one match, but these are variations of things that we have seen in the past, which gives an indicator to predict a breach.

Another critical element discussed by Desai was Zscaler’s focus on zero trust architecture, aligning with the NSA’s zero trust security definition of “always verify, never trust.”

“You should explicitly verify with least privilege access, and you should assume breach scenarios. What would happen if this device that you’re using were to get breached? What’s the blast radius?”

Desai reiterated the need for a fundamental shift in the cybersecurity mindset, away from traditional VPN and firewall-based approaches to a zero trust model that prioritises user-to-app segmentation and proactive security layers such as cloud browser isolation and inline sandboxing.

Moreover, Desai touched upon the growing threat of ransomware attacks, highlighting the evolving tactics of cybercriminals who are now not only encrypting files but also exfiltrating valuable data from targeted environments.

Desai concluded with an exploration of the challenges and opportunities in the transition from traditional VPN-based approaches to a zero trust architecture. Desai emphasised the need for a cultural and mindset shift within organisations to embrace proactive and more effective cybersecurity measures and to move away from outdated networking frameworks.

Why are people still using VPNs? Because people don’t like change and it’s easier said than done.
