As organisations try to securely transform their networks and applications for a mobile and cloud-first world, Zscaler is helping customers every step of their journey.
Using zero trust principles, Zscaler helps IT move away from legacy network infrastructure to achieve modern workplace enablement, infrastructure modernisation, and security transformation.
Its flagship services, Zscaler Internet Access and Zscaler Private Access, create secure connections between users and applications, regardless of device, location, or network. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.
Used in more than 185 countries, Zscaler operates the world’s largest cloud security platform, protecting thousands of enterprises and government agencies from cyberattacks and data loss. Distributed across more than 150 data centres globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform, according to the company.
Can you tell us about your role and responsibilities?
At Zscaler, I have three key roles. Firstly, I represent the organisation’s internal security to customers and prospects, including our certifications and audit processes. In addition, I carry out thought leadership with public speaking and writing on the topics which are important to Zscaler such as zero trust. Lastly, and probably my favourite, is using my 25 years of security practitioner experience to help customers get the most out of our platform and guide them with their overall security strategy.
What is your point of difference as a business?
Zscaler turns security architecture upside down by completely transforming the way its delivered. Previously, security was delivered at the network or host level – by choking traffic and impeding access, but Zscaler changes the architecture; security is applied to traffic, regardless of where it starts or ends. This has been a major mental shift for me, and others that have been in the industry for a long time, as it’s more universal and better overall.
What technology are you most looking forward to using more of?
The most exciting for me is leveraging more sophisticated tools which let us react more intelligently to security threats. Automated penetration test tools really start to simulate attacks in a better and safer way. Deception technology is also interesting, as until recently, I’d always thought it was for incredibly mature organisations. However, it actually has a place in less mature ones, because it allows them to have a very high fidelity security event stream.
What has been your career highlight prior to your current role?
In a previous role, I was essentially able to define what threat management meant, so my team and I created a threat intelligence management system. What I loved about this was being able to use multiple sources of threat intelligence, validate and verify them, and then start to remove whoever’s fidelity was very low, which I found to be fascinating. Other commercial platforms have been built since then, but for me, that was a major highlight as we were ahead of the curve and able to build something useful really early on in the market.
What has been your highlight in your current role?
Meeting and building relationships with some of those which in the past, I would have considered heroes. Being able to connect with global security CISOs from the top global 500 organisations, has been a huge highlight in my current role.
What is your leadership style?
My preferred style is leading through guided questions because I believe people learn so much more when they’re encouraged to come up with the answers themselves. Additionally, rather than simply telling customers what they should or shouldn’t do, we want them to recognise the path ahead of them on their own.
What exciting plans do you have coming up as an organisation?
We are refining and integrating our platform in exciting new ways. We can expect to see the future direction of the security industry with more intelligent controls and attack reduction. Going forward, our controls are going to become more intelligent and automated, which will make us less vulnerable to attacks.