On Tuesday 15th, November, I co-hosted Zscaler’s CxO Roundtable event, held at the always-elegant Rockpool Restaurant in Sydney, Australia.
In attendance was Kavitha Mariappan, EVP Customer Experience & Transformation, straight from Silicon Valley, accompanied by colleague, Heng Mok CISO for APJ, along with a select cadre of senior technology executives from the region.
With new cybercrime reported in Australia around every eight minutes, according to a recent Australian Cyber Security Centre report, the need for IT and security executives to work together and stand against this rise in cyber threats and data breaches has never been stronger. To this end, Zscaler is leading a new initiative by inviting their team to participate in a series of CxO events to foster these vital conversations.
Kavitha Mariappan shared her insights into what’s been happening in the United States, and how we might learn from the US on their approach to technology as we traverse an increasingly digitised world;
“What I see happening in Australia is the advent of a ‘new normal’ — a high volume of cyber attacks, a distributed, remote workforce, and an increase in enterprise cloud adoption for users and workloads — these trends all very much mirror what we’re seeing globally,” Mariappan said.
“Transformative IT and security leaders have realized that legacy castle-and-moat defenses will no longer protect them. They’re shifting focus from network security to zero trust security, considering identity, behavior, policy, and authentication to vet everything on their networks to ascertain appropriate access levels and privileges.”
As an industry, we need to be facilitating more conversations to talk through topical issues and what keeps Executives ‘up at night’ to provide a structure and a more collaborative approach to solving these challenges.
It can be lonely at the top, as Executives are under greater pressure due to the recent large Australian breaches. The focal point of this gathering was to talk through the spotlight generated by security being so visible in the news these past months. Boards are putting security in a rare place of primacy, and the additional attention – while in many respects contributing to mounting executive pressures – is also quite welcome as we see cybersecurity finally getting the attention it deserves.
It was opined by the group that security is more than just a series of tick boxes. How we manage being compliant, staying on budget, and getting ahead of the attackers with optimal deployments of security solutions is not an easy task, and one that needs to be approached judiciously.
Mok, drew on some of his strategies previously working on the client side as a CISO;
“We need to resist making ‘collective defense’ just another buzzword. It needs real teeth. That means both formal and informal information-sharing arrangements, peer groups, and conversations like this one. We should be thinking of our security colleagues not as business competition but as additional sets of eyes out in the field,” Mok said.
We need to be able to facilitate conversations in a peer-to-peer format to share what’s working, what’s not, and what’s on the horizon, to tackle some of the most pressing and omnipresent cyber challenges. Not enough conversations across industry at the C-Level are being held in an open forum, where issues are discussed fruitfully, and every possible answer or idea aired is not dissected with the sole intent of finding fault or an angle for thought-leadership contrarianism, as is the way of most online platforms. Instead, Zscaler is determined to help lead these conversations, and help executives cooperate in what is definitively not a zero-sum game of improving our collective security posture.