https://www.zscaler.jp/ Zscalerのブログ — クラウド セキュリティに関する最新のニュースや見解 ja https://www.zscaler.jp/blogs/company-news/ams-executive-partner-summit-recap After hosting more than 100 partner executives at our Zscaler Executive Partner Summit, we are going into this week feeling both immensely grateful and highly energized. Time is our most valuable asset, and having the opportunity to engage with so many of our partner leaders from across the Americas was a humbling and inspiring experience. During the two-day summit, we showcased to our partner executives the ongoing strategic investments that Zscaler is making in our Partner Ecosystem and how we can help them continue to grow and accelerate their business with us. Our internal teams have certainly experienced the momentum and vision that we have for our Partner Ecosystem. Being able to host senior executives from our most strategic partners to share that vision with them, experience the excitement together for the opportunity that lies ahead, and discuss the momentous milestones that we’ll soon conquer together truly ignites our teams as we propel towards our joint-mission and goals. As Zscaler continues to grow and evolve on our journey to $5 billion ARR, we’ve welcomed many new leaders across our global organization. With their experience, talent, and fresh perspectives, we’re accelerating like never before. At the same time, our focus on partners has never been stronger—we’re implementing new, elevated strategies that will unlock growth opportunities for our partners, forging both greater partner alignment, innovation, and unprecedented business momentum. From global partner engineering and M&A to customer success, business development, sales, and beyond, every corner of Zscaler is investing in and aligning on partner success in new, dedicated ways. Our goal is to ensure that as Zscaler grows and succeeds, our partners excel alongside us. Beyond the executive presentations, technical breakout sessions, and impactful 1:1 meetings throughout the summit, we couldn't miss an opportunity to properly celebrate everything our partners have accomplished this year. We celebrated their achievements and successes in a night of Yacht Rock sailing the night away with live music, dinner, and discussions as we looked towards our exciting journey together in our next phase of monumental growth. Reflecting on the event, we are filled with gratitude and confidence in what lies ahead for our partner organization. We are fortunate to work with some of the greatest leaders and partner organizations in the world. It’s exciting to welcome amazing new leaders as we continue to make smart investments in partner success; delivering predictability and more opportunities than ever before for our Zscaler partners to win alongside us. Want to experience the excitement and energy at this year’s Partner Summit? Check out the complete recap video above! Thu, 25 4月 2024 10:35:51 -0700 Karl Soderlund https://www.zscaler.jp/blogs/company-news/ams-executive-partner-summit-recap https://www.zscaler.jp/blogs/company-news/zscaler-digital-experience-just-got-smarter-and-wiser-introducing-new-ai Businesses rely on technology to keep employees productive - organizations with 250+ employees use more than 100 SaaS apps, and todays’ end users expect flawless digital experiences when interacting with customer support, placing orders, or using online services. IT teams are the bedrock of these businesses, keeping their technology running smoothly. They must ensure that all networks, applications, and services - even those that they don't control - are always on and reliable. To this end, Zscaler is excited to introduce three new advancements that will significantly help IT teams improve efficiency, visibility, and collaboration across IT operations, service desk, and security teams. Copilot is an AI Assistant that leverages cutting-edge generative AI to answer all your app, network, and device performance questions, and offer domain-specific expertise. Hosted Monitoring enables you to continuously monitor applications and services from Zscaler-hosted, globally distributed locations to help you ensure that no customer or employee suffers from poor digital experiences. Data Explorer enables you to easily build and share customized reports that visually correlate data drawn from diverse datasets for uses ranging from troubleshooting to demonstrating IT’s impact on business performance. To learn more about these innovations, read on and watch the launch webinar where we dive deeper into these capabilities, why they are important for IT and security teams, and how you can use them. Introducing ZDX Copilot: Your AI-powered Assistant Unlike endpoint and network monitoring tools, Zscaler Digital Experience (ZDX) gathers performance metrics from 500T daily signals, and 390B daily transactions, across end user devices, networks, and applications. This simplifies your monitoring stack with a consolidated view and makes it easier to detect and fix performance issues. IT teams have to grapple with vast amounts of performance data across devices, networks, and applications. So, in May 2023, we introduced AI-powered problem detection and root cause analysis to help them accurately detect performance anomalies that can impact digital experience and make it significantly easier to isolate root cause of issues, fix them quickly, and put employees back to work faster. Today, ZDX Copilot takes us a step farther. ZDX Copilot, your AI assistant, unlocks productivity for IT teams by empowering them to get the information they need using a simple sequence of questions. Teams across IT and security benefit from using Copilot: Service desk teams Networking teams Security teams IT leaders can isolate root cause of user complaints to efficiently triage tickets and collaborate with other teams; they can also easily look up technical information can conversationally perform deep analysis across networks, applications, and regions to identify trends or find opportunities for optimization can ensure that their services are performing at all times as well as instantly expose root cause of issues and affected parties when performance lags can conveniently extract and present digital experience trends and performance insights to show progress or identify new opportunities ZDX Copilot is versatile and can be used in many ways: IT employees across functions can upskill themselves, automate tasks, draw digital experience insights, and perform deep analysis. Continuously Monitor Customer-Facing and Business-Critical Web Applications with the All-New Hosted MonitoringEarlier this year, Microsoft had connectivity issues impacting Azure, Teams, Outlook, and SharePoint for 90 minutes. Square had a DNS configuration issue, and its customers were unable to process transactions for more than 18 hours. You have likely heard about these outages, but these are only two of many more that happened. ISP, cloud service, and SaaS issues can have an enormous impact on employee productivity, customer experiences, and business performance. This is why it’s important to extend our monitoring strategy to all ISPs, applications, and services that our employees and customers across all locations rely on to connect to our business and customer-facing applications. With Zscaler Digital Experience Hosted Monitoring, you can monitor applications, such as an eCommerce website, from every region your customers are in. The Zscaler Zero Trust Exchange is distributed across more than 150 data centers on six continents, which enables users to access services securely from any device, any location, over any network. You can now continuously monitor performance of your business-critical and customer-facing applications and services from several of these locations. With continuous monitoring, you can: Ensure that your external websites perform at their best, no matter where you customers are located Monitor SLA compliance for applications and services you purchase from SaaS, cloud, datacenter, or network providers Confidently roll out new applications or expand into new regions as your business grows, whether organically or through M&A To learn more about how you can maximize your impact using hosted monitoring, review this eBook. Analyze Your Data Your Way with Data ExplorerFinally, ZDX has made it incredibly easy to gather trends and insights that are relevant to you, your team, and your business. With the new Data Explorer you simply select your applications, pick the metrics that you’d like to analyze, choose how to organize and manipulate your data, and pick the widgets using which you can visualize the results. Data Explorer provides value for engineers and managers in the following ways: Engineers can troubleshoot problems by comparing similar services or applications to expose differences and anomalies across time Managers and leaders can analyze trends that show how their team achieves their KPIs or to uncover areas for optimization How to Unlock These CapabilitiesZDX Copilot and Hosted Monitoring are available with ZDX Advanced Plus, while Data Explorer is available with ZDX Advanced and ZDX Advanced Plus. For a closer look at the various versions of ZDX, please review this comparison. Your Next StepsWith these new advancements, ZDX provides richer network and app telemetry, helping everyone in IT perform their tasks with maximum efficiency. Copilot, Hosted Monitoring, and Data Explorer give IT teams instant access to massive knowledge repositories using GenAI, so team members can upskill themselves and work collaboratively with speed and accuracy. To learn more about these innovations, watch our webinar, or request a demo. Thu, 25 4月 2024 03:00:01 -0700 Krishnan Badrinarayanan https://www.zscaler.jp/blogs/company-news/zscaler-digital-experience-just-got-smarter-and-wiser-introducing-new-ai https://www.zscaler.jp/blogs/company-news/2024-zscaler-partners-of-the-year Last week at the Zscaler Americas Executive Partner Summit we announced our 2024 Americas Partners of the Year. The Zscaler Partner Ecosystem is a key differentiator and force multiplier for us in the market; from deep technology integrations, key consultancy partnerships, solutions and services partners. We have the best partners in the business. Our thriving partner ecosystem continues to grow and excel as we secure and serve the world’s largest and most renowned organizations. And our partners continue to select and invest in Zscaler as the leading Zero Trust and AI vendor in their portfolio. While each partner is unique, this year’s cohort of winners have all demonstrated significant business growth, innovation, and investments with Zscaler. We are winning together. To each of our award winners, THANK YOU for your hard work and dedication, and for consistently investing in our partnership. The co-development, innovation, and customer obsession we share enables us to better serve and secure organizations all over the world. We are stronger together; delivering superior business outcomes in the ever evolving digital transformation landscape. Congratulations to our esteemed 2024 Americas Partner of the Year Award Winners: Partner of the Year: World Wide Technology GSI Partner of the Year: Accenture Go-to-Market Alliance Partner of the Year: CrowdStrike Cloud Alliance Partner of the Year: AWS Zero Trust Solution Partners of the Year: CrowdStrike & Okta Emerging Tech Partner of the Year: Rubrik GSI Managed Zero Trust Security Partner of the Year: Wipro GSI Growth Partner of the Year: Infosys Services Partner of the Year: Optiv Growth Partner of the Year: SHI PubSec Partner of the Year: Red River New Logo Partner of the Year: CDW These awards recognize our partners who have gone above and beyond, and excelled in our ecosystem. We are proud and grateful for these partnerships as we jointly deliver unparalleled customer experiences and innovation. Thank you to each of our award winners for your partnership. We cannot wait to see all of the great achievements in the years to come. Fri, 19 4月 2024 10:49:53 -0700 Karl Soderlund https://www.zscaler.jp/blogs/company-news/2024-zscaler-partners-of-the-year https://www.zscaler.jp/blogs/company-news/zscaler-acquires-airgap-networks-extends-zero-trust-sase OverviewToday, Zscaler has announced the next major step in its Zero Trust SASE leadership by signing an agreement to acquire Airgap Networks, which provides agentless segmentation for enterprise IT and OT environments. With this acquisition, Zscaler will combine its Zero Trust SD-WAN with Airgap to extend the Zero Trust Exchange to protect east-west traffic in branch offices, campuses, factories and plants with critical OT infrastructure. This next step in our SASE leadership will eliminate the need for east-west firewalls, NACs and microsegmentation and deliver greater operational simplicity. Controlling lateral movement is the cornerstone of Zero TrustTo understand why today’s news is important, let’s reflect on challenges that organizations face in combating attackers. Adversaries are becoming faster and ever more effective at evading even the most sophisticated security controls with AI-enhanced social engineering and identity-based attacks. Once they compromise an organization, they then move laterally to get to sensitive data or critical resources. Once the targets or crown jewels (typically high value data) have been identified and reached, the goal is to exfiltrate the data as quickly and quietly as possible. While Zero Trust cannot be achieved without a holistic strategy that addresses every stage of this typical cyber attack chain - also known as a defense-in-depth approach - restricting lateral movement, and proper containment of the adversary once your organization has been compromised, is where real Zero Trust technologies must prove their worth. To date, the primary vehicle for addressing lateral movement on local area networks has been network-based segmentation and microsegmentation. How traditional segmentation and firewalls have fallen shortSegmentation has been carried out with aging, IP-centric networking technologies like NAC and east-west firewalls, managed through complex constructs like ACLs based on MAC, IP addresses and VLANs. This complexity places considerable strain on network operations teams forced to write, maintain and update countless ACLs or internal firewall rules while addressing the inevitable misconfigurations that break business critical applications or leave gaps in segmentation coverage. The complexity that east-west firewalls bring means most segmentation projects are never fully implemented and, even those with partial completion quickly experience segmentation policy drift as workloads and applications move and organizations’ environments change. The significance of a ‘network of one’Why is Airgap’s technology so compelling? Their agentless, identity-based approach to segmentation is a total re-think of the complexity of legacy segmentation approaches, for stronger, more predictable segmentation outcomes and greater operational simplicity. This highly secure but simplified approach includes Dynamic Host Configuration Protocol (DHCP) proxy, which creates a "network of one" for all connected endpoints, including those enabled with static IP. For example, the DHCP proxy intercepts all DHCP requests from devices trying to join the LAN. This enables Airgap to assign a /32 IP address and default gateway, effectively creating a segment of one. Airgap can then dynamically control access through continuous assessment of identity and context. Now, Airgap can provide visibility and policy enforcement at every connected endpoint without adding any software to those sensitive endpoints. This approach eliminates the risk of east-west lateral movement on local networks as well as the complexity of traditional segmentation approaches like east-west firewalls, without hardware upgrades or operational disruption. Agentless SegmentationIt is critical to understand that an agentless approach is essential for effective east-west segmentation on LANs, given that in many scenarios, be it unmanaged devices, aging legacy servers, or headless IoT/OT infrastructure, deploying agents is an impossibility. However, with Airgap, Zero Trust segmentation is possible in campus LAN and OT environments, no matter the device. Comprehensive Zero Trust Segmentation If you have been a customer or followed Zscaler, you’ll know we take segmentation very seriously, as a measure to counter lateral movement of threats. In the Zero Trust Exchange, we currently protect thousands of organizations with Zero Trust Segmentation which comprises multiple methods of segmentation depending on the environment and scenario. This includes Zero Trust SD-WAN to securely connect locations and segment them without site-to-site VPNs. Zero Trust Segmentation is made up of: User-to-app segmentation: Users access private applications directly, without being put on a network. Location Segmentation: Zero Trust SD-WAN ensures connections are made directly to applications from an office, rather than connecting to a routable network. No more site-to-site VPNs Workload segmentation: Least-privilege access segments cloud workload-to-workload communications across hybrid and multi-cloud environments. Now with Airgap, we further extend Zero Trust Segmentation to deliver visibility and segmentation for east-west traffic on LANs, including critical OT environments. Some of the use cases that can be addressed on day one are: East-West Firewall Replacement We will extend Zero Trust to the LAN by enforcing segmentation on east-west traffic. This shrinks the internal attack surfaces and eliminates the threat of lateral movement on campus, data center, and OT networks. There is no need for NAC or firewall-based segmentation. To enforce zero trust segmentation on campus, branch, and data center networks, Airgap will: Automatically provision every device into a segment of one (/32) Auto group devices, users and apps by analyzing the traffic patterns. This prevents rogue devices using MAC spoofing to get on to the network. Dynamically enforce policies for east-west traffic based on identity and context of users and devices. IT/OT SegmentationAirgap’s technology acts as a ransomware kill switch, disabling non-essential device communication to halt lateral threat movement without interrupting business operations. Airgap’s solution neutralizes advanced threats, such as ransomware on IoT devices, OT systems, and agent-incapable devices. To secure IoT and OT, Airgap will: Autonomously group and enforce policy for known MAC addresses on any device; eg. RDP access to cameras denied except for Admins Automatically isolate unknown MAC addresses to limit blast radius in case of a compromised device. Integrate with asset management systems for secure access control policies. Automatic Device Discovery & ClassificationA significant portion of IT/OT traffic stays within the factory or campus, hence it is important to have continuous visibility into east-west traffic. With automatic device discovery and classification, network admins can better manage performance, uptime and security for IoT/OT systems without complex inventory management. For network and device visibility, Airgap will: Discover, classify and inventory IoT/OT devices without the need for endpoint agents Get a baseline of traffic patterns and device behaviors in order to determine authorized and unauthorized access. Gain AI-driven network insights for performance management and threat mapping. Modern segmentation for the enterprise, without the complexity Eliminate lateral threat movement across the LANs. Reduce operational complexity and cost associated with legacy segmentation tools. Gain enhanced visibility into east-west traffic with discovery, classification and device inventory without the need for endpoint agents. We invite you to learn more about Airgap’s technology in an upcoming briefing on April 16th. Thu, 11 4月 2024 05:00:00 -0700 Naresh Kumar https://www.zscaler.jp/blogs/company-news/zscaler-acquires-airgap-networks-extends-zero-trust-sase https://www.zscaler.jp/blogs/company-news/zscaler-is-showcasing-zero-trust-and-ai-at-the-2024-aws-summit-events-across-europe In today’s dynamic digital landscape, organizations are rapidly adopting artificial intelligence (AI) and Generative AI (GenAI) tools to increase productivity, gain new insights, and obtain a competitive advantage. The newly released Zscaler ThreatLabz 2024 AI Security Report sheds light on key trends, risks, and best practices in enterprise AI adoption, along with insights into AI-driven threats and key strategies to defend against them. Analyzing over 18 billion transactions from April 2023 to January 2024 across the Zscaler Zero Trust Exchange cloud security platform, some of the key findings are: Enterprise use of AI/ML tools has skyrocketed by nearly 600% 569 terabytes of enterprise data exchanged with AI tools ChatGPT usage has increased by 634%, even though it is also the most-blocked AI application by enterprise organizations AI is empowering threat actors in unprecedented ways This is not just a numerical phenomenon but represents a profound shift in the way organizations across industries and geographies are embracing AI technologies. However, with terabytes of data sent to various AI tools, the need for effective data protection measures is a top priority. Not only driven by the need to classify and protect sensitive data to prevent it from leaving the organization by mistake, but also to prevent data exfiltration caused by bad actors, malware, and new AI-powered threats. Never has the demand for robust cybersecurity been more important.Zscaler Leadership and Advantage: In AI, Data Wins Enabling more secure use of AI and GenAI tools in organizations and using AI to provide a stronger security posture are two crucial aspects in the modern landscape. An AWS Advanced Technology Partner, Zscaler has been a leader in zero trust for over a decade. As organizations wage the battle against cyberattacks, they must deploy robust defense systems, including zero trust architectures that utilize AI to effectively combat evolving threats, while keeping users productive. The best AI is powered by the best data, and that is what makes Zscaler stand out. Operating the world's largest security cloud and processing over 400 billion transactions daily, Zscaler ensures access to the most relevant cyber threat data. Prioritizing three key elements for effective enterprise AI – vast datasets exceeding 500 trillion daily signals, deep domain expertise, and a skilled team of data scientists, Zscaler leverages complete logs, full URL and anonymized data to train their LLMs. This approach ensures rich data for AI training, unlike DNS and firewall logs, which often lack detail or are blind to encrypted traffic. As a result, Zscaler continually improves its AI models with high-volume, high-quality data, empowering IT and security teams with valuable insights and solutions. Come and visit us at the 2024 AWS Summit events As apps move to the cloud, cyberattacks become more sophisticated, and users work from anywhere, using any device, perimeter security using VPNs and firewalls provide incomplete, inconsistent security and a poor user experience. With the Zero Trust Exchange powered by AI, Zscaler provides comprehensive visibility, control, and security for all cloud based applications within a unified platform. At the 2024 AWS Summit events, you can discover how Zscaler empowers organizations to: Improve security posture with zero trust Reduce attack surface and prevent lateral threats Accelerate migration of on-prem apps to AWS Enjoy fast, direct access to private apps and workloads Deploy AI-powered security for sensitive data, workloads, and GenAI data And more Visit us at the 2024 AWS Summit events, which include EMEA stops at: Amsterdam on April 9 London on April 24 Berlin on May 15-16 Milan on May 23 Stockholm on June 4 Madrid on June 5 The 2024 AWS Summits are free events that bring the cloud computing community together to connect, collaborate, and learn about AWS. Stop by our booth to learn more about Zscaler solutions for AWS and how to safely embrace GenAI tools, while leveraging AI for an improved security posture. To learn more about the 2024 EMEA AWS Summit events and to register, click here. And to learn more about Zscaler solutions for AWS visit our website. Tue, 09 4月 2024 02:07:52 -0700 Yaroslav Rosomakho https://www.zscaler.jp/blogs/company-news/zscaler-is-showcasing-zero-trust-and-ai-at-the-2024-aws-summit-events-across-europe https://www.zscaler.jp/blogs/company-news/the-old-social-engineering-playbook-now-with-ai When you’ve been in the security world long enough, you start to see old playbooks being reused, with new technology. Case in point: ‘Deepfake’ has been an increasingly common phrase in the news, describing digitally manipulated video being used to misrepresent a person or falsify identity. The latest example of deepfake targeting, where a successful video call resulted in a 25 million USD money transfer, captured people’s attention for a number of reasons. The main news value was in the enormous amount of money that the attackers were able to steal by faking a single video call. In itself, the technical playbook used to trick the person was nothing new. However, this deepfake example demonstrated once again just how high a level of sophistication is possible when AI is orchestrated creatively. People generally fear a relatively new technology, like AI, because they can’t immediately grasp its full potential and they have a fear of the unknown. Similarly, technological advancements also scare people when they feel like they pose a threat to their sense of security or working lives, such as losing their jobs to AI. The social engineering techniques used by adversaries have continuously evolved and usually these adversaries are faster to adopt new technologies for their benefit than we, the defenders, are to protect their victims. You can see examples of this in the not too distant past: In times of modem connectivity, a common piece of malware would dial up a modem in the middle of the night and connect it to a toll number, leading to enormous bills. A few years ago, a rash of malicious android apps hacked mobile phones to dial toll numbers as a way to make quick and easy money – which was basically a modern form of the old modem dialer tactic. Cryptominers harvesting the compute powers of infected systems was then the next step in this evolution. The human risk factor History has shown us a number of examples of the old social engineering playbook in use. The technique of faking a senior executive‘s voice by reusing publicly available audio clips to threaten users into taking action is already fairly well known. Faking video sessions showing a range of people in a live and interactive call, however, reaches a new (and scary) level of cybercriminal sophistication and has therefore sown a new level of appropriate and respectful fear around AI’s technological evolution. It is the perfect demonstration of how easily humans can be tricked or coerced into taking action – and of bad actors using this to their advantage. But this attack also highlights how a new piece of technology can enable adversaries to do the same tasks they have been doing before, but more efficiently. And bad guys are taking advantage of this technological advancement fast. Unfortunately, the general public is still not fully aware of how social engineering techniques continue to evolve. They don't follow security news and trust that these kinds of attacks will never happen to them. This is what makes traditional security awareness training difficult to prove effective, the public doesn’t believe they (as individuals) will be targeted. So when it does happen, they are unprepared and are duped into falling prey to the social engineering attack. In the wake of this recent attack questions were also raised about how – if AI is really good enough to make these video scenarios look so realistic – an employee would have any chance of detecting the fake. The fact is that human beings are not machines, and they will always be a risk factor as an organisation‘s first line of defence because they will have a variable level of security awareness (no matter how good the internal training process might be). Imagine if someone has a bad night or returns home late from a business trip or sports event. They simply might not be as laser-focused on detecting modern social engineering techniques or paying attention to the details the following day. The big challenge is that AI won’t have an off day – its targeting will remain consistent. The technology to fight these playbooks already exists – but it is not widely used The fact that these kind of plays keep working shows that businesses have not yet adapted their security and organisational processes to handle them. One way to counteract deep fakes videos starts at the (security) process level. My first idea is a simple one: to ensure that teleconferencing systems include a function to authenticate a logged-on user as a human being. A straightforward plug-in could do the job, employing two-factor authentication to verify an identity within Zoom or Teams, for example. Hopefully such an API would be fairly easy to develop and would be a huge step forward in preventing sniffing attacks via the phone as well. Additionally, the mindset about being afraid of AI has to change. It is an amazing piece of technology, not only when it is misused. Society just needs to understand its boundaries. AI can actually be implemented to stop these sorts of modern attacks if security executives learn how to control the problem and use the technology to get ahead of the bad actors. Deception technologies already exist, and AI can be used to detect anomalies much faster and more effectively, showing its potential for good. From a more all-up security perspective, adapting a Zero Trust mentality for security can enable organisations to continually improve their security posture on the process level. Zero Trust could not only help on a connectivity level, but it could also improve security workflows, which helps to verify whether everyone in a call is authenticated against an internal directory. Zscaler‘s Identity Threat Detection and Response (ITDR) is already mitigating threats that are targeting a user’s identity. With the help of the new service, the risk to identities is becoming quantifiable, misconfigurations are being detected, and real-time monitoring and privileged escalations are helping to prevent breaches. Finally – going back to the initial example of the successful deepfake – it is hard to believe that you can transfer so much money in a modern organization without verification processes operating in the background. Organisations would be well advised to check the overall risk level of such processes within their own infrastructure. It would raise the barriers to an attack greatly, if solid administrative processes were put in place to reduce risk – not only in the security organisation, but for operational processes like payments authentication as well. Not everything needs to be enhanced by a technological solution. Sometimes a new procedure where two people must sign off on a funds transfer could be the step which protects the organization from losing $25m USD. Tue, 20 2月 2024 05:54:06 -0800 James Tucker https://www.zscaler.jp/blogs/company-news/the-old-social-engineering-playbook-now-with-ai https://www.zscaler.jp/blogs/company-news/nis-2-0-new-cybersecurity-rules-eu Back in 2021, the White House issued an executive order compelling federal government agencies to develop a plan for implementing a zero trust architecture. This was followed by a memorandum that mandated federal agencies to achieve specific zero trust security goals by the end of 2024. Last year, as you may have heard, the SEC in the United States issued new rules compelling publicly traded companies to disclose material cybersecurity breaches. As it’s happened, the SEC has wasted no time in showing its regulations have teeth, with the first prosecutions having already taken place. So, there’s a lot going on in the USA, but it’s not the only place in the world where policymakers are pushing for—or even mandating—the adoption of zero trust principles. This year the European Union will be updating and tightening its Network and Information Systems (NIS) directive, and as anyone who experienced the arrival of the GDPR regulations on privacy will tell you, the reach of EU regulations can be great indeed. NIS 2.0 The NIS 2.0 directive comes into force in October 2024, mandating that management bodies within organizations in specific categories implement cybersecurity risk management measures. Impacted categories extend to: Energy Transport Banking Financial market infrastructure Health Drinking water Wastewater Digital infrastructure ICT service management (B2B) Public administrations Space Postal and courier services Waste management Manufacture, production, and distribution of chemicals Food production, processing, and distribution Manufacturing Digital providers Research As you can see, the directive is focused on critical physical and digital infrastructure within EU member states, but it also has reach. It applies not only to organizations within the EU, but also to any organization worldwide that provides services to any of the protected sectors within the EU. As with the SEC regulations, there are strict rules for prompt incident reporting. The stick The picture is abundantly clear at this point. Government bodies in regions covering hundreds of millions of citizens have recognized that the risk of inadequate cybersecurity practices is severe enough to warrant strict regulations and even severe penalties. The carrot has been in place for many years—now comes the stick! The carrot So, what’s the carrot? What are the positive aspects to strengthening your security defenses? Sure, it starts with reducing cyberattack risk and achieving compliance, but what else? Organizations that implement robust cybersecurity practices stand to gain significantly in terms of cost reduction, competitiveness, business continuity, and customer trust. Not just one carrot, but a whole bunch! Help is at hand. The NIS 2.0 directive itself includes clear guidance on how to improve your cybersecurity stance, and you won’t be surprised to learn that the first recommended cyber hygiene practice listed is the adoption of zero trust principles. In fact, as you review these lengthy regulatory and legal requirements, zero trust comes up routinely as the holy grail to aim for. “Users should log into applications, rather than networks” Help is also available from Zscaler, where we’ve been designing and building the foundational pillars of a zero trust architecture since 2007. If you’d like to speak to someone about implementing zero trust and achieving regulatory compliance, whatever your industry, please get in touch. Alternatively, join one of our monthly introductory webinars to learn more and ask questions. Click here and search ‘start here’ to find the next session to sign up for. Tue, 20 2月 2024 00:00:02 -0800 Simon Tompson https://www.zscaler.jp/blogs/company-news/nis-2-0-new-cybersecurity-rules-eu https://www.zscaler.jp/blogs/company-news/now-and-next-how-zscaler-transforming-fuel-channel-success Looking back at 2023, it was impossible to escape the constant buzz surrounding cybersecurity incidents in the market. But amid the chaos, one thing became clear: the cybersecurity market was booming and the role of leaders and partners in ensuring customer safety was crucial. The same still rings true in 2024. As the cyber security market continues to evolve, Zscaler is proud to be at the forefront of innovation, and now, we’ve put the programs in place to allow our partners thrive in this digital era alongside us. Both for what’s now… and what’s next. As we step into the second half of Zscaler’s fiscal year, we’re proud to showcase to partners the army of new opportunities we’ve designed to grow their business, maximize earnings, and elevate their skills. This includes a revamped incentive structure and new selling motions that empower partners with more collaborative selling opportunities throughout the sales cycle to deliver the greatest customer experience in their journey to digital transformation. We have transformed our partnering foundation to provide comprehensive support throughout the customer lifecycle. You’ve probably heard me say it before, zero trust is a team sport. In the 1H half of the year, we took on both an internal and external transformation to ensure that we have purposeful alignment, process, and engagement with our partners throughout the customer lifecycle. This means, from the earliest stages of our world-class sales process to the final delivery, our partners are integrated every step of the way, embedding their services and support to help our customers transition from legacy appliances to a true zero trust model. We’re leading the charge with the market-leading platform, and now the most lucrative incentive framework, in the market today. With the most comprehensive platform in the market today, Zscaler leads the charge. And now, we have introduced the most lucrative incentive framework to match. Over the past six months, my team and I hit the road to listen to our partners and understand what they truly desire in a partnership. One thing stood out loud and clear: they want to work with vendors who offer the most comprehensive security platform and drive profitability. That's why we have enhanced our incentives framework and channel-led selling motion, offering larger payouts, increased discount advantages, and performance bonuses. We want our partners to earn more and thrive in the cloud security market, establishing themselves as trusted advisors. As the digital landscape continues to evolve, Zscaler remains dedicated to supporting partners in driving customer success and achieving mutual growth. We’re empowering our partners to thrive in the cloud security market and establish themselves as trusted advisors. We know that for Zscaler and our partners alike, our number one commitment is driving customer success in the ever-evolving digital era. That’s why Zscaler not only continues to innovate its cloud security offerings to address emerging threats and challenges, but in the first half of our year, we simplified our certifications to help our partners become experts and build practices around zero trust. We also launched targeted enablement around Zscaler-powered customer outcomes to help our partners lead the way as trusted advisors to our customers. But our journey is far from over. As we enter the second half of our fiscal year, we have more exciting announcements lined up to fuel partner success. We will introduce new offerings and specializations to help partners seamlessly integrate Zscaler into their practices. We will optimize our collaborative partnering approach and launch industry-leading tools to make Zscaler the easiest to do business with in the industry. We’ll also continue to be in the field with you each and every day, to make sure our valued partners have the support to deliver transformational outcomes to our customers. We have achieved a lot in the first half of the year with your feedback and support throughout this transformative journey. We are fully dedicated to supporting our partners in reaching their maximum potential with Zscaler, both with what’s now and what’s next. Together, we are changing the channel and revolutionizing the cybersecurity market. Thu, 08 2月 2024 05:00:02 -0800 Karl Soderlund https://www.zscaler.jp/blogs/company-news/now-and-next-how-zscaler-transforming-fuel-channel-success https://www.zscaler.jp/blogs/company-news/zscaler-appoints-steve-mcmahon-new-chief-customer-success-officer In the past year, Zscaler achieved a significant milestone by surpassing $2B in ARR. We take great pride in the fact that we accelerated from $1B to $2B ARR within a span of just seven quarters. Looking ahead, our sights are set on surpassing $5B ARR, a testament to our continuous growth and the trust placed in us by over 40% of Fortune 500 companies for their secure digital transformation. As we embark on this journey, we are diligently ensuring that our organizational structure and leadership are well-equipped to propel us to the next level of success. While Zscaler has many impressive stats about its business, the stat I’m most proud of is the Net Promoter Score (NPS) of over 70 while the average NPS score for SaaS companies is 30. This is driven by our innovative architecture and customer obsession which are part of our key values. The organization that plays a critical role in making sure our customers are delighted is Customer Success. To scale the customer success organization and continue exceeding expectations of our global customers, I’m excited to welcome Steve McMahon to Zscaler as our new Chief Customer Success Officer. This strategic addition to our leadership lineup demonstrates our ongoing commitment to delivering exceptional customer experiences and driving long-term growth. With over 25 years of customer success and services experience at a range of leading technology companies including Cisco, Splunk and, most recently, CrowdStrike, Steve has the expertise and know-how for developing strategies and programs that drive customer satisfaction, retention, and advocacy. His extensive experience in this space will enable us to further optimize our customer engagement model, ensuring that we are providing the right level of support at every stage of the customer journey. The trusted relationship we establish and cultivate with our customers is paramount to our business, which is why customer obsession has always been at the heart of everything we do. I am confident that Steve’s contributions will have a positive impact on our organization and help us maintain our focus on driving customer loyalty and satisfaction. Please join me in extending a warm welcome to Steve and a big thank you to the Zscaler team for your continued support and commitment to making Zscaler the leader in cloud security. Wed, 31 1月 2024 11:01:44 -0800 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/zscaler-appoints-steve-mcmahon-new-chief-customer-success-officer https://www.zscaler.jp/blogs/company-news/reimagine-your-cloud-security-zscaler-aws-re-invent-2023 Zscaler will be at AWS re:Invent 2023, running November 27 - December 1 in Las Vegas! This will mark our second year attending AWS’s premier technology conference. If you’re heading to Vegas, be sure to visit us at booth #1259. We’ll be hosting exclusive giveaways (including a raffle for multiple drones), but even better, you’ll have a chance to learn about our latest groundbreaking features and see up close how Zscaler can secure your organization. We also recently revealed several innovative capabilities for Zscaler Workload Communications that will significantly improve your cloud workload security, including: Integration with AWS user-defined tags: This unique capability enables you to create custom security groups based on user-defined tags and native attributes in AWS, eliminating the complexity associated with legacy methods. Auto discovery of cloud resources in real time: Zscaler's native integration with AWS enables real-time automatic discovery of VPCs, subnets, and EC2 resources, along with their associated tags and attributes. Securing multi-session VDI deployed in the public cloud: An industry first, Zscaler inspects all ports and protocols for multi-session, non-persistent VDI deployments in the public cloud. Check out our recent launch blog post for more details. In addition to demonstrating how Zscaler can improve your cloud security, we’re hosting some awesome events in partnership with AWS, Okta, and Splunk. To register for these events, reach out to your Zscaler account team and visit our page! Learn more about our recent innovations in New Zero Trust Innovations Radically Simplify Cloud Workload Security. You can also visit our solution page. To learn more about what Zscaler is doing at AWS re:Invent, click here. And if you haven’t already, to register for AWS re:Invent 2023, visit their homepage. Wed, 15 11月 2023 08:00:01 -0800 Franklin Nguyen https://www.zscaler.jp/blogs/company-news/reimagine-your-cloud-security-zscaler-aws-re-invent-2023 https://www.zscaler.jp/blogs/company-news/zscaler-proud-be-one-best-workplaces-technology Today, Zscaler was named one of Fortune’s Best Workplaces in Technology, a significant accomplishment given the highly competitive nature of this ranking which is based on over 162,000 responses from employees at companies across the technology industry. And because this recognition also takes into account feedback provided by Zscaler team members, it’s an especially important endorsement from the very people who know our culture best. Like many iconic technology companies, Zscaler was born out of an original idea, a lot of hard work, and the unwavering belief that this idea had the potential to change the world. Sixteen years later, we’ve seen how cloud security has become an essential component in accelerating digital transformation initiatives and, as I look back over our company’s history, I’m reminded of all we’ve accomplished as we’ve grown Zscaler into the global cybersecurity leader it is today. Images from the early days of Zscaler. (Left) Mapping out a novel approach to cloud security that would later become the Zscaler Zero Trust ExchangeTM Platform. (Right) With a team of founding engineers who helped bring the vision to life. Every milestone adds to the mosaic that makes up who we are as a company and what we stand for. Over the years we’ve been recognized in a number of areas, such as our product innovation (we have over 400 issued and pending patents worldwide) and customer satisfaction (with an NPS of 70+, Zscaler’s score is over 2x the average for SaaS companies). But I firmly believe that our team members are our greatest strength, so as we continue to grow our ranks, it’s extremely important that we continue to invest in creating a positive culture and environment that enables our employees to do their best work and contribute in meaningful ways. This year has been quite eventful with Zscaler being named to a number of “Best Workplaces” lists, including: Fortune’s Best Workplaces in the Bay Area Fortune’s Best Workplaces for Millennials UK’s Best Workplaces for Women UK’s Best Workplaces in Tech Each award serves as further validation that Zscaler has come to be known as an iconic company that’s driving cybersecurity innovation and market growth with a talented and world-class team…fulfilling a dream that started 16 years ago. A big thank you to the Zscaler team for making us a “great place to work” - this award celebrates you and all of your valuable contributions. Congratulations, everyone Tue, 19 9月 2023 07:30:02 -0700 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/zscaler-proud-be-one-best-workplaces-technology https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-dataprotection このブログシリーズでは、2023年 9月15日に開催される Zenith Live ’23 Tokyo の Breakout Session のご紹介を、シリーズで各セッションスピーカーからお送りさせていただきます。 第8回最終回は、私の担当セッションである“クラウドからエンドポイントまで情報漏洩を防止する包括的なデータ保護ソリューション”についてご紹介します。 近年、オンライン上で共有される情報の量が増加するにつれて、リアルタイムなデータ漏洩の検出と迅速なインシデントレスポンスが重要性を増しています。本ウェビナーでは、データ漏洩を未然に防ぐためのZscalerソリューションを、未然防止策から運用ワークフローまで詳しくご紹介させていただきます。 1．移動するデータの保護 Security Service Edge (SSE)を取り入れることで, インターネット上で行われるデータ転送を最適なエッジで検査することが可能となります。Zscalerでは、世界最大級のSSEプラットフォームを活用し、多様な属性で精密な検査を行います。その詳細な内容をウェビナーにてご紹介させていただきます。さらに、ディープラーニング技術を活用した機密データを自動分類するツールや、Endpoint DLP、Email DLPについての最新の情報もご案内します。 2．保存されたデータの保護 移動データだけでなくあらゆる境界での静止データにも対応します。Zscalerではエコシステムを利用した充実した API 連携が可能です。例えば、サンクションアプリのマルウェア検知、健全性を評価するSaaS Security Posture Management (SSPM)、更にはSaaSアプリがサードパーティ製アプリやアドオンへ相互接続するサプライチェーンの実態を可視化するAPI連携ソリューションをご用意しております。 3. インシデントレスポンス 誰がどこで何を犯したか、IT管理部門が情報漏洩を確認し即座に誰へエスカレーションするべきか、どのようにインシデントケースを管理するか、様々なインシデントレスポンスの課題をお持ちではないでしょうか。このような課題に対して運用を一元管理・自動化するソリューションをご紹介します。 拡散されるデータがあらゆる境界で何が起こっているのかを把握し、それらの情報を一元管理した上で、効率的な運用ワークフローを実現することが重要です。すでにZscalerのソリューションをご利用頂いてるユーザ様もこれからご検討されるユーザ様も是非会場に足を運んで頂き、今後の漏洩対策に役立てていただければと思います。会場でお会いできることを楽しみにしております。 →ご登録はこちら ≪Zenith Live '23 Tokyo セッション紹介シリーズ≫ 第1回 ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素 第2回 事業継続を下支えするZscalerのCloud Resilience 第3回 Zscalerが提供するデジタルエクスペリエンスの進化 第4回 拠点間通信やサーバー・IoT/OT領域へのゼロトラスト接続の拡大 第5回 ZTNAを実現するZPAの"使える"機能とユースケース 第6回 生成AIを活用したZscalerのイノベーションのご紹介 第7回 サイバーアタックを食い止めよ！ セキュリティフレームワークの活用とDNSセキュリティ 東京Tokyo開催に先駆けて、弊社のプリンシパル セールスエンジニアの笹川がラスベガスで参加したZenith Liveのに参加してきた内容をブログにまとめました。 こちらも覗いてみてください。 →Zenith Live 2023 米国ラスベガス 現地レポート Thu, 31 8月 2023 23:24:25 -0700 Kenjiro Yajima https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-dataprotection https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-dns 皆様、こんにちは。Zscaler セールスエンジニアの川人（かわんど）と申します。 今年は本当に暑い日が続いていますね。くれぐれもお体に気をつけてお過ごしくださいませ。 このブログシリーズでは、2023 年 9 月15 日に開催される Zenith Live '23 Tokyo の Breakout Session のご紹介を、シリーズで各セッションスピーカーからお送りさせていただきます。 第7回となる今回は、私の担当セッションである サイバーアタックを食い止めよ！セキュリティフレームワークの活用とDNSセキュリティ についてご紹介します。 突然ですが ”フレームワーク” って何でしょう？直訳すると ”枠組み” なんですが私の理解は「何かしらのアイデアや答えに無駄なく確実に導く先導者」と考えています。何か難しい課題があってもフレームワークを活用することにより抜け漏れなく納得感のあるアウトプットが得られます。 さて、私たちが日々格闘しているサイバーセキュリティの世界ですがゼロトラストを導入・運用することが今やビジネスにおける至上命題になっていると思います。一方で、「言うが易し、行うは難し、どうすれば良いんだ？」という声が多いのが実状と思います。 安心してください！サイバーセキュリティの世界にもフレームワークはあるんです！ 私のセッションの前半では主要なセキュリティフレームワークとゼットスケーラーのソリューションを照らし合わせ、ゼットスケーラーが他に類をみないゼロトラストプラットフォーマーであることをご理解いただきます。 ここでサイバー攻撃者の戦術を可視化したCyber Kill Chain に目を向けてみましょう。初期〜後期フェーズで共通して悪用されているプロトコルがあります。それはDNSです。DNSを悪用した攻撃は巧妙に通常のDNS トラフィックのように見せかけるため、一般的に検知が困難です。IDCのレポートではDNS攻撃を経験した組織は87% にも上ることが示されています。 このような状況を踏まえ、後半のセッションではゼットスケーラーがどのようにDNSトラフィックを保護しているのか、ポイントとなるアーキテクチャや機能に関して解説します。　 　　✔すべてのDNS トラフィックをインラインで保護 　　✔暗号化されたDNS（DoH ）の制御／検査 　　✔サードベンダのProtective DNSとの連携 　　✔AI 活用型DNSトンネリング検知　 　　✔可視化（ダッシュボード、ログ、レポート） 　　✔DNSパフォーマンスの最適化 　　✔ユーザエクスペリエンスへの配慮 それでは当日、皆様にお会いできることをゼットスケーラー社員一同、楽しみにしております。 ぜひZenith Live ‘23 Tokyo にご期待ください！ →ご登録はこちら ≪Zenith Live '23 Tokyo セッション紹介シリーズ≫ 第1回 ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素 第2回 事業継続を下支えするZscalerのCloud Resilience 第3回 Zscalerが提供するデジタルエクスペリエンスの進化 第4回 拠点間通信やサーバー・IoT/OT領域へのゼロトラスト接続の拡大 第5回 ZTNAを実現するZPAの"使える"機能とユースケース 第6回 生成AIを活用したZscalerのイノベーションのご紹介 東京Tokyo開催に先駆けて、弊社のプリンシパル セールスエンジニアの笹川がラスベガスで参加したZenith Liveのに参加してきた内容をブログにまとめました。こちらも覗いてみてください。 →Zenith Live 2023 米国ラスベガス 現地レポート Thu, 31 8月 2023 19:04:41 -0700 Tetsuo Kawando https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-dns https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-ai 皆様こんにちは、ZscalerのSales Engineerの佐藤と申します。 このBlogでは、2023年 9月15日に開催される Zenith Live ’23 Tokyo の Breakout Session のご紹介を、シリーズで各セッションスピーカーからお送りさせていただきます。 第6回は、私が担当する “生成AIを活用したZscalerのイノベーションのご紹介”のセッションに関して説明いたします。 2022年11月30日に米OpenAI（オープンAI）が対話型生成AI（Artificial Intelligence）の「ChatGPT」を公開して以降、産官学を問わずに色々な活用方法が試されているかと思われます。米国ガートナー社の調査では、2025年までに、大企業から送信されるマーケティング・メッセージの30%が合成的に生成されたものになったり、2030年までにAI生成コンテンツ (テキストから映像まで) が90%を占める大ヒット映画が公開されたりするという予測まで公開されています。 生成AIが広く普及していく中で、zscalerが生成AIをどのようにソリューションに取り入れ、新たなイノベーションを生み出していくのかをセッションの中でご紹介いたします。 セッションの構成は次のとおりです 生成AIのデータ保護をどのように実現するのか AIやML（Machine Learning）を活用してゼロトラストの実現を効率化できるのか 生成 AI を活用して高精度な分析結果をユーザに提供できるのか 2023年6月、ラスベガスで開催されたZenithLive23にて公開された新製品も含めて、本セッションにてご紹介させていただきます。 →ご登録はこちら ≪Zenith Live '23 Tokyo セッション紹介シリーズ≫ 第1回 ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素 第2回 事業継続を下支えするZscalerのCloud Resilience 第3回 Zscalerが提供するデジタルエクスペリエンスの進化 第4回 拠点間通信やサーバー・IoT/OT領域へのゼロトラスト接続の拡大 第5回 ZTNAを実現するZPAの"使える"機能とユースケース 東京Tokyo開催に先駆けて、弊社のプリンシパル セールスエンジニアの笹川がラスベガスで参加したZenith Liveのに参加してきた内容をブログにまとめました。こちらも覗いてみてください。 →Zenith Live 2023 米国ラスベガス 現地レポート Mon, 28 8月 2023 20:35:23 -0700 Tomonori Sato https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-ai https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-ztna みなさん、こんにちは。ZscalerのSEの坂上と申します。 このBlogでは、2023年 9月15日に開催される Zenith Live ’23 Tokyo の Breakout Session のご紹介を、シリーズで各セッションスピーカーからお送りさせていただきます。 第5回は、私の担当セッションである“ZTNAを実現するZPAの”使える”機能とユースケース”についてご紹介します。 ZTNA（ゼロトラストネットワークアクセス）が定義されてから数年が経ち、この言葉もだいぶ市場に定着してきた感がありますが、皆様の組織では、すでにZTNAは導入されていますでしょうか？ 過去のGartnerの予測では、2023年までに60％の企業が段階的にVPNを廃止し、ZTNAへの移行が進むと言われていましたが、2023年6月に発表された国内での調査報告では、導入済みと１年以内に導入予定の割合を合わせても45％程度という結果になっており、やはり導入に慎重になられている組織が多いという状況のようです。 そういう状況になっている理由としては、私が過去に携わってきた案件での感触や、周りのSE達から聞く状況から考えますと、「ZTNAの有用性は理解するが、うちの組織の事情に合わない」とか、「今のZTNAではやりたいことが実現できない」といった状況が残念ながらあったように思われます。 上の図は、私の経験上、ZTNA導入検討時に課題としてお客様からご質問いただく問題点を図にしたものですが、黎明期のZTNAのサービスは、ユーザからアプリケーションへのアクセスに主眼を置いたものが多く、プリンタやIOTデバイスなどの機器から発生する通信は、その機能をクラウドシフトすることで解決していたか、従来のVPNや閉域網接続に頼らざるをえないケースがあったことは否めない状況であったと思います。 また、ZTNAのサービスの性質上、インターネット上のクラウドサービスにアクセスして利用する必要があり、理由があってインターネット経由での通信を許容できないケースや、サービスダウン時の事業継続対策に対応できていなかったケースもあったかと思います。 本セッションでは、ZTNAの定義と必要性をおさらいしつつ、弊社のZTNAサービスであるZPA(Zscaler Private Access)の最新の機能の紹介を交え、具体的にこういった課題や問題に対してどう対応できるのか？実際にどういう利用のされているのかをご紹介できればと思います。 →ご登録はこちら ≪Zenith Live '23 Tokyo セッション紹介シリーズ≫ 第1回 ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素 第2回 事業継続を下支えするZscalerのCloud Resilience 第3回 Zscalerが提供するデジタルエクスペリエンスの進化 第4回 拠点間通信やサーバー・IoT/OT領域へのゼロトラスト接続の拡大 東京Tokyo開催に先駆けて、弊社のプリンシパル セールスエンジニアの笹川がラスベガスで参加したZenith Liveのに参加してきた内容をブログにまとめました。こちらも覗いてみてください。 →Zenith Live 2023 米国ラスベガス 現地レポート Wed, 23 8月 2023 23:37:34 -0700 Kentaro Sakaue https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-ztna https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-iot-ot 皆様、こんにちは。Zscalerセールスエンジニアの武井と申します。 まだまだ暑い日々が続いておりますがいかがお過ごしでしょうか。 このブログシリーズでは、2023年 9月15日に開催される Zenith Live '23 Tokyo の Breakout Session のご紹介を、シリーズで各セッションスピーカーからお送りさせていただきます。 第4回は、私の担当セッションである ”拠点間通信やサーバー・IoT/OT領域へのゼロトラスト接続の拡大” についてご紹介します。 過去数十年にわたり、ビジネスや技術の進歩とともに企業の働き方は変化してきました。元来、組織と働く場所は切っても切り離せない関係で、従業員は会社へ出社して働くのが一般的でした。 ネットワークの進歩とともに拠点間を接続することができるようになると、本社と各拠点をネットワークでつなぐことで、生産性が向上し従業員の働く場所も拡大していきました。さらにVPN技術の導入より、拠点外の従業員も仮想的に社内ネットワークに入ることが可能となり、働く環境は複雑化してきました。ところがその一方で企業の管理しなければならない設備も増加し、設備投資計画の入念な検討やそれに伴う運用負荷の増大、不正アクセスなどのセキュリティインシデント対策など、生産性の向上と引き換えに様々な問題が発生するようになりました。昨今ではデジタルトランスフォーメーションによる業務システムのクラウド移行、コロナ禍をきっかけとしたリモートワークの一般化など、ますます複雑化したハイブリッドな環境の中で、企業は生産性とセキュリティをどのように両立させるかが課題となっております。 そこで脚光を浴び始めたのがゼロトラストによる場所に囚われないセキュリティであり、昨今様々な企業様が中長期の経営計画の一環としてインフラ改革に伴うネットワークの刷新を進めており、自社にとっての理想像を目指したゼロトラストセキュリティの段階的移行に取り組んでいらっしゃいます。既に多くの企業様では、ゼロトラスト接続による従業員や外部業者への社内リモートアクセスのご検討やご導入は実施されている認識ですが、一方でサーバーやIoT/OT機器、クラウドのワークロード・インスタンスに対してはSD-WANによるネットワークの最適化に留まり、ゼロトラスト接続はこれからというのが実情かと存じます。 一般的なSD-WANではVPN技術を応用した仕組みとなり、ネットワークの肥大化・複雑化による運用管理面の課題、機器の脆弱性リスクやマルウェア拡散などのラテラルムーブメントのセキュリティ面の課題は残り続けることになります。そのため、将来的にこれら領域に対してどのようにゼロトラストを適用していくかという問題がございます。 本セッションでは、ゼロトラストの接続性をいわゆるユーザーの通信のみではなく、拠点間通信やデータセンター・クラウド上のサーバーやIoT/OT機器にも適用可能なZscaler Branch Connector（拠点およびデータセンター向け）とZscaler Cloud Connector（IaaS向け）のご紹介をさせていただきます。 Zenith Live ‘23 Tokyo へのご参加を心よりお待ちしております。 →ご登録はこちら ≪Zenith Live '23 Tokyo セッション紹介シリーズ≫ 第1回 ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素 第2回 事業継続を下支えするZscalerのCloud Resilience 第3回 Zscalerが提供するデジタルエクスペリエンスの進化 第4回 拠点間通信やサーバー・IoT/OT領域へのゼロトラスト接続の拡大 また弊社のプリンシパル セールスエンジニアの笹川がラスベガスで参加したZenith Liveの内容をブログにまとめました。こちらも覗いてみてください。 →Zenith Live 2023 米国ラスベガス 現地レポート Thu, 10 8月 2023 00:16:55 -0700 Yuichiro Takei https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-iot-ot https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-dx みなさん、こんにちは。Zscaler SEの井上です。 このBlogでは、2023年 9月15日に開催される Zenith Live '23 Tokyoの Breakout Session のご紹介をシリーズで各セッションスピーカーからお送りさせていただきます。 第3回は、私の担当セッションである ” Zscalerが提供するデジタルエクスペリエンスの進化” についてご紹介します。 新型コロナを期に多くの企業がリモートワークを導入してきました、そしてコロナ後の現在では出社、在宅を含めた柔軟な働き方ができるハイブリットワークが定着しつつあります。 このような従業員が自宅やシェアオフィス、出張先などどこからでも仕事ができる環境を実現するために、クラウドサービスの利用も拡大している状況となっています。 そのような状況の中、新たに出てきたのが従業員のデジタルエクスペリエンスに関する課題です。 具体的には、自宅等のリモート環境のネットワークや端末負荷等の問題によって、クラウドサービスや企業内アプリケーションに快適にアクセスできず、従業員の生産性低下をまねいているということがあげられます。 また、このように様々な状況で使われるITシステムの問題に関する問い合わせ対応で、ITヘルプデスクの負荷も増大しています。 このような問題は利用するITや働く環境が変わっていく中で、ITのモニタリングツールが 従来のままポイントごとのモニタリングツールで、End-to-Endでの可視化が欠如していることが1つの大きな要因と考えられます。 本セッションでは、ユーザの端末から様々な情報を収集し、End-to-EndでSaaSのパフォーマンスの可視化や、Zoom等のWeb会議の品質をユーザごと可視化するソリューション、さらに各ユーザが利用しているSaaS、そのSaaSの利用ユーザ数、利用場所などの情報から導き出されるビジネスインサイトを提供するソリューションをご紹介をします。 Zenith Live ‘23 Tokyo へのご参加をお待ちしております。 →ご登録はこちら ≪Zenith Live '23 Tokyo セッション紹介シリーズ≫ 第1回 ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素 第2回 事業継続を下支えするZscalerのCloud Resilience 第3回 Zscalerが提供するデジタルエクスペリエンスの進化 第4回 拠点間通信やサーバー・IoT/OT領域へのゼロトラスト接続の拡大 また弊社のプリンシパル セールスエンジニアの笹川がラスベガスで参加したZenith Liveの内容をブログにまとめました。こちらも覗いてみてください。 →Zenith Live 2023 米国ラスベガス 現地レポート Wed, 09 8月 2023 23:31:33 -0700 Naoto Inoue https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-dx https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-resilience みなさん、こんにちは。Zscaler セールスエンジニアの樋口です。 このシリーズでは、2023年 9月15日に開催される Zenith Live ’23 Tokyo の Breakout Session を各セッションスピーカーからご紹介させていただきます。 第1回目は ”ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素” についてお届けいたしました。 第2回は、私の担当セッションである ” 事業継続を下支えするZscalerのCloud Resilience” についてご紹介します。 2010年代からクラウド型のWeb会議システムをはじめとしたSaaSや、仮想マシンやコンピューティング/ネットワークリソースをサービスとして利用するIaaSなどのクラウドサービスは日本企業においても利用を拡大してきました。 これら当社を含むクラウドサービスを提供するベンダーは、サービスの開発に金銭・人的リソースを投資し、機能だけではなく、日々安定してサービスを提供することを重要視しています。 一方でそのような莫大な投資が行われているクラウドサービスであっても障害、サービス停止は発生してしまい、「Web会議システムが障害で利用できない・遅い」、「メールにアクセスができない」、「IaaS上の仮想マシンが利用できない」といったこと経験した方は少なくないと思います。 このような背景から、近年はクラウドサービスの世界においてもResilienceが重要視されています。Resilienceとは「回復力」、「復活力」という意味で利用され、Cloud Resilienceは、クラウドサービスの障害時やサービス停止時におけるサービス提供の維持・復旧力を意味します。 当社は、SWGから数え15年以上クラウドベースのサービスを世界中のお客様に提供してきた経験、知見、技術、体制をZscaler Resilienceとして、安定したサービス提供やサービス障害時の復旧力をお客様にお届けいたします。 本Breakout Sessionでは、Zscaler Resilienceの以下の3つの要素を中心にご紹介することで、 Zscalerが安心してご利用いただけることプラットフォームであることをご理解いただきます。 ・安定したサービスを維持するための、信頼できる、回復力に優れたプラットフォームとクラウドライフサイクル 　→ 世界150カ所以上のロケーション・複数大陸に跨ったデータセンター群・利用者の増加やイベントに備えたパフォーマンス能力など ・各種障害に備えたZscalerのバックエンドの仕組みや機能とアプローチ 　→ 軽微なノードクラッシュだけではなく、データセンターやロケーションレベルの障害やパフォーマンス問題を解決する仕組みや機能 ・お客様がコントロール可能なDisaster Recovery機能 　→ 戦争や大規模な自然災害時など壊滅的破壊稼働を想定し、万が一当社のサービスの障害・一時停止が発生してしまった場合であっても業務を継続していただくための機能 これらを深掘りしてご紹介いたします。 ぜひZenith Live '23 Tokyoにご参加ください。 →ご登録はこちら ≪Zenith Live '23 Tokyo セッション紹介シリーズ≫ 第1回 ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素 第2回 事業継続を下支えするZscalerのCloud Resilience 第3回 Zscalerが提供するデジタルエクスペリエンスの進化 第4回 拠点間通信やサーバー・IoT/OT領域へのゼロトラスト接続の拡大 また弊社のプリンシパル セールスエンジニアの笹川がラスベガスで参加したZenith Liveの内容をブログにまとめました。こちらも覗いてみてください。 →Zenith Live 2023 米国ラスベガス 現地レポート Sun, 06 8月 2023 17:41:52 -0700 Kotaro Higuchi https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-resilience https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-session-7element みなさん、こんにちは。Zscaler 副技術本部長の古場です。 このBlogでは、2023年 9月15日に開催される Zenith Live ’23 Tokyo の Breakout Session のご紹介を、シリーズで各セッションスピーカーからお送りさせていただきます。 第1回は、私の担当セッションである ”ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素” についてご紹介します。 多くの企業様にて、SaaSの活用やデータセンターのクラウド移行が進んできております。それに伴って、アプリケーションへアクセスするための、ネットワークのトランスフォーメーションが必要となっており、これを実現するためには、セキュリティのトランスフォーメーションを併せて行わなければなりません。 これまでのネットワークとセキュリティは、データセンターを中心としたハブアンドスポーク型のデザインで構築されてきておりました。データセンターのセキュリティスタックを、インターネットの出入り口として社内と社外に境界を設けて、社内のネットワークを守る境界防御と呼ばれるアーキテクチャです。アプリケーションがデータセンター内部にあり、ユーザが社内にいる場合には、問題なく機能していたデザインでしたが、ユーザとアプリケーションが社内に存在しないケースが増えてきた現在では、ネットワークの効率的な利用とはかけ離れた構成となっています。 これに対して、境界防御からゼロトラストアーキテクチャへの移行を検討されているお客様や、すでに実装されているお客様も多くいらっしゃいます。実際に様々なベンダーからゼロトラストのソリューションが出ておりますが、一見同じようなメッセージに見えており、本当にそのソリューションで実現可能なのか？どんな観点で選ぶべきなのかが難しくなってきているのも現状です。 本セッションでは、お客様の目指すゼロトラストを成功に導くためのゼットスケーラーアーキテクチャの7つの要素をご紹介し、どういった点を考慮すべきなのかを弊社のアーキテクチャをベースにご案内できればと思います。お客様のゼロトラスト化の実装を促進し、デジタルトランスフォーメ‘ーション加速に向けてご参考になれば幸いです。 ぜひZenith Live '23 Tokyoにご参加ください。 →ご登録はこちら ≪Zenith Live '23 Tokyo セッション紹介シリーズ≫ 第1回 ゼロトラストを成功に導くゼットスケーラーアーキテクチャの7つの要素 第2回 事業継続を下支えするZscalerのCloud Resilience 第3回 Zscalerが提供するデジタルエクスペリエンスの進化 第4回 拠点間通信やサーバー・IoT/OT領域へのゼロトラスト接続の拡大 また弊社のプリンシパル セールスエンジニアの笹川がラスベガスで参加したZenith Liveの内容をブログにまとめました。こちらも覗いてみてください。 →Zenith Live 2023 米国ラスベガス 現地レポート Tue, 01 8月 2023 18:06:22 -0700 Kentaro Koba https://www.zscaler.jp/blogs/company-news/zenith-live-23-tokyo-session-7element https://www.zscaler.jp/blogs/company-news/zenith-live-2023-report みなさまこんにちは、ゼットスケーラーのプリンシパル セールスエンジニアの笹川と申します。 6/12週に米国ラスベガス、6/26週にドイツ ベルリンで開催されたZenith Live 2023、本日は9/15の東京開催に先駆けてラスベガスの現地レポートをお届けしたいと思います。 ラスベガスには合計1,000名以上のお客様やパートナー様にご参加いただき大盛況イベントとなりましたが、その中で創立者でCEOのJay Chaudhryの基調講演を始めとする60以上の講演でゼットスケーラーの革新的ソリューション、顧客事例、導入ベストプラクティスなどを多数紹介しました。本日はその中から2つの話題に絞ってお話ししたいと思います。 生成AIへの対応と活用 ChatGPTを始めとするGenerative AIと呼ばれる動向に対して「お客様が安心・安全に利用するためには」と「ゼットスケーラー自身のプラットフォームにどのように活用するか」両方の観点からの話題が多数ありました。 大多数のお客様が競争力や迅速性を期待してAIを利用したいものの、情報漏洩などリスクが大きく伴うため、踏み切れずにいらっしゃるかもしれません。Zero Trust Exchangeプラットフォームはゼロトラスト概念をベースにそれらAIサイトの識別、アクセス制御、可視化、からその先の脅威対策や情報保護までを提供します。また、その脅威対策や情報保護そのものにAI/MLを採用することでいままでの文書・画像ファイルの検知精度向上だけでなく、将来的には音声・動画ファイルに含まれる機密情報検出にも取り組んでいます。 Zero Trust ExchangeへのAI/ML採用は上述のセキュリティ用途だけでなく運用管理や可視化にも進められています。ダッシュボードやレポートで提供するリスク評価やユーザー問題発生時の自動診断切り分けにも既に使用され、将来的には管理者のマニュアル参照や各種運用管理作業も従来の管理画面での手作業でなく自然言語インターフェイスで対話式に行えるようになる予定です。 ゼロトラスト接続 今後お客様のネットワークが閉域からインターネットをメインとする構成に変わる中、ほとんどの場合は大小に関わらず拠点内のLANが今後も残ることは避けられない状況です。既にPCやモバイル端末はZscaler Client Connectorで場所を問わずゼロトラスト接続が可能ですが拠点内のサーバー、プリンタ、IoT/OTなどクライアントをインストールできない機器も存在します。 これら機器の双方向接続を提供するための新しいBranch Connectorが今までの仮想マシン形態だけでなくハードウェアアプライアンスとしてのリリースが新たに発表されました。Branch Connectorで拠点から任意の他拠点、データセンタ、クラウド、インターネットに対して閉域網のIPネットワーク延伸でなくゼロトラスト概念に従いネットワークIP層に依存しない接続が実現可能となり、お客様のネットワーク基盤をインターネット移行を実現します。 上記2点以外にも非常に多くの新機能がZero Trust Exchangeに実装予定されておりますが、まずはインパクトの大きそうな話題についてお伝えしました。 オンラインのウェビナーでも詳しくご紹介しますので、是非ご参加ください。 https://info.zscaler.com/webinar-innovation-series-event-2023 またラスベガスとベルリンで開催されたコンテンツは一部、以下のURLよりオンデマンド視聴可能となっております： https://reg.zenithlive.com/flow/zscaler/zenithlive23/home/page/event 来たる9/15東京にてZenith Live 2023 Tokyoが開催されます。開催が1日のためラスベガスやベルリンで開催された内容全てでなく一部となりますが、その代わり日本市場にカスタマイズした独自のコンテンツもご用意しております。ぜひZenith Live 2023 Tokyoに登録の上ご参加ください！ Zenith Live '23 Tokyo に参加する Sun, 23 7月 2023 23:50:20 -0700 Yutaka Sasagawa https://www.zscaler.jp/blogs/company-news/zenith-live-2023-report https://www.zscaler.jp/blogs/company-news/zenith-live-23-emea-closes-customer-calls-action-quest-innovation "Change is uncomfortable. Fear of the unknown leads to inertia. The bold and curious will succeed." – Jay Chaudhry, Zscaler Cybersecurity spending is projected to reach $219 billion in 2023. Nevertheless, researchers predict cybercrime to cost the global economy $10.5 trillion by 2025. How can we bridge the chasm between our mitigation efforts and the results they deliver? That was the question Zscaler CEO, Chairman, and Founder Jay Chaudhry opened Zenith Live 2023 in Berlin last week, and it’s one Zscaler colleagues, customers, and partners spent the rest of the conference trying to answer. It was time well spent with encouraging results. Why? For one, it starts with a refusal to settle for the status quo. Equinix VP of Technical Sales Vaishali Ghiya, who joined Jay on the stage for his opening keynote, summed up the endless possibility of this mindset perfectly when she remarked, “We said bye-bye to that appliance-based VPN, and it's been happily ever after ever since." Now, her expectations have reached new heights: "I look forward to getting on an airplane, firing up Zscaler, and getting all my work done on a long flight," she said. Refusing to sacrifice productivity while in the air demonstrates an unwillingness to settle. CompuGroup Medical is another shining example of a company that battled inertia and reaped the rewards. After organizing its IT environment around hub-and-spoke connectivity and castle-and-moat security for years, CompuGroup decided it had other options, as Jochen Klein and Tim Cottin reported to the audience. As one of the world’s leading e-health companies, its cyber and IT operations protect customer data, accelerate business transactions, and secure developers’ access to code databases to insulate the company against supply chain attacks. Following its transition to a zero trust architecture, Jochen and Tim reported that CompuGroup vaulted into the top 2% of companies for security in independent pen testing. It can connect employees productively on day one following M&A deal closures. "Because of Zscaler's ZPA, [third-party pen testers] were unable to penetrate our network and were not able to find any services to try to breach," Jochen said. In addition to a strong bias for action, the willingness to continuously innovate is another key factor contributing to successful digital transformations. Not surprisingly, this urge to improve was also on full display in Berlin last week. E.ON CISO René Rindermann, with whom I had the pleasure of sitting down for a fireside chat, spoke of digital transformation as the impetus for breaking down silos between departments at the European energy provider. By recognizing that digitization was a business priority rather than an IT priority, he said the company became more nimble in all facets, from product rollouts to enabling remote work. While Zenith Live is always an opportunity for Zscaler to showcase the innovations it has been hard at work on, that’s truly something best done by our customers. Few do it better than our longtime collaborators at Siemens Energy. VP of IT Infrastructure Wolfgang Schubert and Head of Threat Intelligence Dusan Vignjevic were on hand to highlight some of the company's efforts. Knowing the company is facing spikes of 30-40% in energy demand within the next 20-30 years, Siemens Energy is committed to innovating to meet this demand sustainably. As Wolfgang put it, “Technology drives decarbonization.” Specifically, he called out Zscaler Digital Experience (ZDX) as a tool the company uses to maximize its resources without sacrificing security. MAN Energy Solutions CISO Elena Furini, who also took to the stage at Zenith Live, has a similar focus. "Through our products, we want to reduce global emissions by 10% by 2030," she said. As one of Zscaler’s first Zscaler Private Access (ZPA) customers, we are proud to have supported Elena and MAN on their mission by providing a means for protecting crown jewels like Active Directory, granting secure access to third parties, and acting as a secure VPN replacement. I could not help but notice the synergies between Man Energy Solutions and Siemens Energy’s efforts and a point made by Jay in his opening keynote that Zscaler can drive a 93% reduction in carbon emissions compared to on-premise solutions. While this is ultimately a small contribution to a significant global problem, I am proud of its alignment between Zsclaler and its partners. Sadly, cybercriminals are as committed to innovation as upstanding technology leaders. For threat actors, data is gold. Protecting that data is critical for Zscaler customers like the staffing firm Randstad, financial services provider Equiniti, and banking conglomerate Absa Group. "For [Equiniti]," said CISO John Meakin, "knowing where the data is and where it's going is core to our business." Enter innovations in data loss prevention (DLP). Because so much of cybersecurity boils down to ensuring data is secure and confidential, this was a major theme running through the innovations unveiled at Zenith Live. Representatives of customers who took to the stage to discuss their DLP efforts highlighted the essential need to capitalize on the advantages offered by the cloud, the risks it introduces, and the high stakes with which they are all playing based on their industry. Knowing this is the case for many Zscaler customers, this year's innovations put a premium on distributed data protection with new features focused on LLM-related data governance issues, AI-powered cloud configuration monitoring, and forthcoming multi-modal DLP capabilities for audio and video file formats. These were a few highlights from two truly incredible and inspiring days with colleagues, customers, and partners. If you could join us, I hope you took away important lessons and fond memories. If you missed us in Berlin, please register to watch the recorded sessions. To hear more customer voices from Zenith Live ‘23, check out the day one and day two recaps from our Las Vegas event. Wed, 05 7月 2023 13:40:20 -0700 Kavitha Mariappan https://www.zscaler.jp/blogs/company-news/zenith-live-23-emea-closes-customer-calls-action-quest-innovation https://www.zscaler.jp/blogs/company-news/power-zscaler-intelligence-generative-ai-and-holistic-view-risk Zenith Live ‘23 was a resounding success as we brought together a host of experts, industry analysts, and customers to learn, explore and exchange ideas on cybersecurity technology innovation and transformation. Each year, Zscaler announces several industry-changing innovations at this event, and this year was no different. One thing that captured the attention of attendees, however, was generative AI— and for all the right reasons. Your partner in the AI transformation journey At Zscaler, we believe Generative AI as a technology is fundamentally transformational, but delivering impactful AI-powered outcomes requires large volumes of diverse, high-quality data and a sophisticated AI engine to precisely train AI models. Zscaler’s AI advantage is a result of 15 years of expertise and leadership in developing and operating the world’s largest cloud security platform, which processes more than 300 billion daily transactions from users, IoT/OT devices, workloads, and business-to-business communications. The scale of Zscaler’s platform combined with our unique large language models (LLMs) differentiates our AI solutions in the industry. Just as we are helping organizations navigate through security and network transformation, Zscaler is committed to helping customers safely embrace Generative AI and accelerate their AI transformation journey. To that end, we made several notable announcements at Zenith Live ‘23—ranging from advancements in current products that customers love and use every day, to industry-defining new innovations that are coming down the pike. Generative AI is transformational Embracing AI transformation securely Several Zscaler products today leverage the benefits of AI and ML to recommend security policies, segment users and applications, classify data, and identify risks accurately. Recently, we have delivered additional capabilities to give customers more power over access control and protecting sensitive data to ultimately enable them to embrace generative AI more securely. Data protection for AI: Zscaler Data Loss Prevention (DLP) prevents potential data leakage and enables organizations to record and retain content, including prompts to generative AI queries and outputs of publicly available LLMs and AI applications, for security and audit purposes in their own environments. AITotalTM : a comprehensive grouping and risk classification for an exploding number of AI applications, for security and audit purposes in their own environment. AI visibility and access control: A new URL category and cloud application specifically tailored for monitoring AI application usage. This innovative solution offers the versatility to establish a variety of disparate policies for different user sets and groups, granting organizations precise control over access to AI applications. By implementing cloud-based remote browser isolation, Zscaler provides an additional layer of security while restricting potentially hazardous actions, such as uploads, downloads, and cut-and-paste functions, when accessing AI applications. More details about how Zscaler is making it safer for customers to embrace Generative AI tools are covered in this blog by Dhawal Sharma - SVP, Product Management at Zscaler. Patrick Foxhoven talking about Zscaler’s leadership in AI at Zenith Live ‘23, Las Vegas Ground-breaking Generative AI security innovations for the next generation of threats Zscaler is embracing generative AI and using it to develop several industry-leading innovations that were improbable (at least not with precision) even a few years ago. We previewed some of these at Zenith Live ‘23 and will share more soon. Security Autopilot™ with breach prediction: A proactive approach to securing data by enabling AI engines to continuously learn from changing cloud-based policies and logs. Between accurately recommending policies and performing impact analysis effectively, Security Autopilot simplifies security operations while preventing breaches. This is currently piloted by ThreatLabz, Zscaler’s advanced threat research and incident response team. Zscaler Navigator™: A simplified and unified natural language interface to enable customers to interact with Zscaler products and access relevant documentation details using a seamless, secure, and user-friendly approach. Multi-Modal DLP: Zscaler’s revolutionary approach to DLP will operate by integrating generative AI and multi-modal capabilities into its already capable DLP offerings to protect customers’ data from leakage across various media formats beyond text and images, such as video and audio formats. Introducing Zscaler Risk360TM: Holistic view of risk for organizations Zscaler is deeply rooted in solving some of the most complex security challenges for our customers. One thing that comes up in our conversations with CISOs across the globe is the need for them to have a near real-time view into the organizations’ holistic risk. The ever-increasing frequency of cyberattacks and external pressure from regulatory bodies, such as the Securities Exchange Commission (SEC), has made cyber risk quantification and reporting a board-level conversation. However, legacy solutions tend to be manual, static, and difficult to use. Leaning again on the strength of Zscaler intelligence coming from our Zero Trust Exchange and our commitment to solving the most complex security challenges for customers in an elegant fashion, we announced the limited availability of Zscaler Risk360 at Zenith Live ‘23. Zscaler Risk360 is a powerful risk quantification and visualization framework for remediating cybersecurity risk. It ingests data from external sources and your own Zscaler environment to curate a detailed profile of your risk posture across all four stages of a cyberattack - external attack surface, compromise, lateral propagation, and data loss - and all the entities in your environment, including assets, applications, workforce, and third parties. Zscaler Risk Dashboard Zscaler Risk360 gives security practitioners the ability to intuitively visualize holistic risk in real time and to use data-driven recommendations to take prioritized action to prevent breaches. CISOs can lean on Zscaler Risk360 to quickly understand the top risk drivers for the organization, make business decisions intelligently, and communicate simply and broadly to the executive team. Zscaler Risk360 is a game changer for security and risk professionals. You can read more in this blog by Raj Krishna - SVP of Product Management and Kanishka Pandit, Sr. Product Marketing Manager at Zscaler, or request a demo on our website here. I hope many of you joined us at Zenith Live ‘23 in Las Vegas or Berlin where we celebrated innovation, collaboration, and joint success with customers and partners. If you missed it, you can still watch the recording here. Thu, 29 6月 2023 08:00:02 -0700 Harsha Nagaraju https://www.zscaler.jp/blogs/company-news/power-zscaler-intelligence-generative-ai-and-holistic-view-risk https://www.zscaler.jp/blogs/company-news/zero-trust-connectivity-extended-plus-massive-leap-data-protection-zenith-live Day two of Zenith Live jumped right into our third innovation keynote of the conference, focused on our initiatives to extend zero trust connectivity beyond users to workloads and IoT/OT devices. In the same spirit, I’m diving right into key takeaways from the second half of our main event in Las Vegas. Extending zero trust connectivity beyond the user Dhawal Sharma, Zscaler VP & GM of product management, pivoted in his keynote from a security to a networking focus, taking the audience through the evolution of networks from monolithic, as workforces worked almost exclusively from corporate offices, to gradually more distributed leading up to the pandemic until ultimately taking their current hybrid form. For the past 30 years, Dhawal emphasized, IP-based networking worked well. But the movement of employees from behind the corporate firewall and increasing adoption of cloud-native applications mean routable networks expanded attack surfaces beyond reason. The Zscaler Zero Trust Exchange addresses these shifts, allowing users to be connected to resources without the need for routable networks, effectively hiding both from internet onlookers. Establishing this history is essential to understanding what we mean by extending zero trust connectivity. Many users sit outside the corporate network today, and workloads and IoT/OT devices make up an increasing proportion of corporate traffic. Workloads require a zero trust connectivity framework at the cloud level. Employees and IoT/OT devices need a zero trust connectivity framework wherever they reside. We released Cloud Connector and Branch Connector to cover these use cases. According to Dhawal, it is akin to the shared responsibility model in cloud computing. We aim to shoulder the responsibility for zero trust connectivity to lighten the load on our users. In other words, we are automating how users bring traffic to the Zero Trust Exchange. Cloud Connector innovations Brian Lazear, Zscaler Vice President, Product Management, took over for a deeper dive into the cloud workload innovations. Brian discussed three core challenges facing cloud development and security practitioners: Operational complexity – With hundreds of workloads in existence at any time and new ones being constantly created or retired. Manual segmentation – Unrealistic given the number of existing workloads, which can expose organizations to attacks and data loss. Multi-cloud environments – That often must be managed independently of one another due to nuances between platforms. He then explained how Zscaler helps address these challenges by: Simplify operations through enhanced, near real-time visibility offered by workload discovery-as-a-service, infrastructure-as-code integrations for easy templating and granular configurations. You can tie these to ZIA and ZPA policies. Automate segmentation with the ability to add app-to-app controls and machine learning-backed grouping policies, as well as visibility over which apps talk to which others for true microsegmentation capabilities. Unify multi-cloud environments by introducing Google Cloud Platform support in addition to existing AWS and Azure offerings. New capabilities stemming from our partnership with Equinix allow push-button direct connectivity to the Zscaler Zero Trust Exchange for uniform policy enforcement. Managing a multi-cloud environment was especially taxing for NOV VP of IT Patricia Gonzalez-Clark. "They're very similar, but then they each have their own nuances. That's why we are especially excited about the advances to the Zscaler Cloud Connector, especially policy by tags." Branch Connector innovations Cafe-like connectivity is the gold standard for branch locations, confirmed Zscaler VP of Product Management Naresh Kumar. He took to the stage to explain how Zscaler Branch Connector innovations make it possible to open a laptop and connect to the business from anywhere. To do so securely, we focused on removing the need to connect different office branches using SD-WAN-enabled site-to-site VPNs. These entail a discoverable attack surface and can enable lateral movement if breached. Instead, the Zscaler Branch Connector is a network edge function that forwards traffic via a TLS tunnel with no overlay network required. Essentially the same technology powering ZPA today, Zscaler Branch Connector provides a singular path for traffic from the branch office to the Zscaler security cloud. No attack surface. No opportunity for lateral movement. This innovation keynote ended with Zscaler Sr. Director, Product Management Javier Rodriguez Gonzalez and Sunbelt Rentals EVP, Chief Digital & Technology Officer JP Saini expounding on the benefits of Zscaler Digital Experience (ZDX )and its new feature set. AI enhancements simplify diagnosing performance degradations for customers by automating the discovery of problems with, for example, an internet service provider. This feature pinpoints issues quickly and delivers reporting on which users are affected and possible remediation steps, all at a speed only possible with AI assistance. ZDX "allows our teams to be more proactive in identifying issues and pursuing remediation accordingly," said JP. Taking a digital transformation road trip with CarMax Shamim Mohammad, EVP & Chief Information and Technology Officer at CarMax, walked attendees through a phased digital transformation journey. Founded on the idea that buying a car could be straightforward, CarMax and Shamim were determined to make their zero trust implementation equally easy. Though it broke the mold, CarMax had a more challenging time innovating in IT. Before its transformation, the company was sitting in a massive legacy environment. Hair pinning was causing latency and fragmenting the customer journey. So CarMax established two goals: Strengthening the business by setting the standard for the digital car buying experience Overhauling IT operations by prioritizing cloud-native productivity solutions for its workforce By migrating business applications to the cloud, CarMax could operationalize the massive data sets it had amassed across its roles as a direct-to-consumer car dealer, vehicle wholesaler, and financial institution (as a top-10 auto lender). The migration also shifted mindsets among Shamim’s team from project completion to business enablement, inspired by the feeling they could contribute to the company’s success. Next, CarMax locations switched to local breakouts so users could access the internet directly. The employee experience improved, network-related costs cratered, and security enforcement became more manageable. According to Shamim, CarMax is now confident that the online car buying experience is secure for customers, and the company can provide excellent insights garnered from its large dataset. "One thing I love about Zscaler is they're innovating," he said. "As a company focused on being an industry leader, we need a partner that can innovate." An integrated solution to distributed data protection How can data protection be secure, simple, and productive? For Zscaler SVP Take-Off Teams, Willie Tejada, that is the fundamental question driving his team to dream up innovative ways to keep organizations safe from data loss and theft. To rise to the challenge, Zscaler GM & VP, Data Protection Moinul Kahn said his team has delivered over 70 new features in the past six months. To what end? Comprehensive, fully integrated data protection capabilities with the least burden on Zscaler users. New features advancing this goal include: AI/ML-powered automatic data classification and enforcement – Using sophisticated techniques to automatically classify data on the wire according to categories and enforcing rules based on policy. Improved incident management – Automatically notifying users of data loss prevention (DLP) rule violations and providing the opportunity for justification of that action. Cloud app control – For granular policy control over applications like ChatGPT, which allow rules to allow use but block actions like uploading source code to third-party apps. Data protection for unmanaged devices – By enforcing remote browser isolation to protect against uploading and downloading, copying and pasting, and even watermarks to discourage screenshots. Email DLP – Through SSL/TLS inspection of outbound mail that checks subject lines, body text, and attachments for DLP violations. These capabilities are essential for John Graham, CISO at NetJets. His company possesses data critical to ensure its elite clientele is comfortable and accounted for on private flights. Their privacy is paramount for NetJets. After hiring a red team hacker to prove somebody can steal information belonging to clients from cloud applications, John called in Zscaler. "We utilized the Zscaler team to actually prove that, not only could we see this happening, we could stop it," John said. "It proved itself out right away." For Equinix Deputy CISO Gene Casady, the most valuable data protection capabilities involve a cloud access security broker (CASB) solution. As an administrator of SaaS apps, Gene was looking for a CASB that integrated several functions into a single solution to reduce cost and simplify operations. He looks forward to seeing how the latest product enhancements will increase efficacy. "What I'm most excited about is seeing how Zscaler will apply AI and ML models cross-functionally to my unique data sets to produce more accurate and actionable alerts," he said. Zenith Live 2023 in Las Vegas has wrapped. We look forward to hearing from more customers at Zenith Live EMEA in Berlin on June 26-29. What to read next Zenith Live ‘23 kicks off with stunning series of innovation AI ethics: One more reason to look forward to connecting with fellow women IT leaders at Zenith Live '23 In Their Own Words: Customers in the Spotlight at Zenith Live '23 Fri, 16 6月 2023 13:14:33 -0700 Kavitha Mariappan https://www.zscaler.jp/blogs/company-news/zero-trust-connectivity-extended-plus-massive-leap-data-protection-zenith-live https://www.zscaler.jp/blogs/company-news/zenith-live-23-kicks-stunning-series-innovation-announcements We were thrilled to welcome customers, prospective customers, journalists, and industry analysts to the opening day of our annual Zenith Live user conference in Las Vegas yesterday. My fellow Zscaler executives and I were excited to showcase all of the hard work our product and engineering teams engaged in over the past year. These industry-redefining innovations in the arenas of AI-enabled security, data-driven business intelligence insights, and product enhancements promise to further strengthen the platform underpinned by the world’s largest security cloud. Attendees fill the event space at the ARIA Resort & Casino in Las Vegas. Jay Chaudhry sets the table for disruptive innovation with his CEO keynote Zscaler CEO, Chairman, and Founder Jay Chaudhry introduced several new Zscaler innovations by stressing that these capabilities were built on top of the existing platform. A guiding principle for the 15-year-old company has always been to help its customers consolidate vendors and eliminate point products. "Our goal," Jay said, "is to be integrated, comprehensive so you don't have to deal with multiple point products that don't work with each other." New offerings weren’t cobbled together from a string of acquisitions to add functionality in areas that were lacking, he pointed out. They weren’t dreamed up to extend product lines and create additional revenue streams. They were not knee-jerk attempts to capitalize on the buzz surrounding AI. Instead, they capitalize on Zscaler’s massive cloud security data lake for training sophisticated AI models to provide advanced insights to our customers. These insights were always present in the more than 300 billion transactions and 500 trillion daily signals seen by the Zscaler Zero Trust Exchange each day. AI simply allows us to process and serve them to users in scalable, intuitive, and actionable ways. Zscaler CEO Jay Chaudhry opening Zenith Live ‘23 from the main stage. Customers are always central to the Zenith Live agenda, and this year’s features many who were instrumental in conceiving and developing the innovations unveiled at this year’s event. First, Jay welcomed Christopher Porter, SVP & Chief Information Security Officer at Fannie Mae, to the stage to describe how the company jumped out of the gate early to begin its transformation journey. Christopher explained how Fannie Mae’s digital transformation began after they migrated key business applications like ServiceNow and Office 365 to the cloud. The company’s on-premise proxies could not keep up with the scale of traffic headed for the internet. That all changed when they switched to Zscaler Internet Access, allowing users faster and more secure internet access. "[Zscaler] changed the experience to where it's the same whether you're home, whether you're at Starbucks or you're in one of our physical buildings," Christopher said. As with many companies, the pandemic accelerated Fannie Mae’s transformation. It was the impetus for pushing out Zscaler Private Access (ZPA). Porter said it allowed him to sleep better at night since it removed the threat of lateral movement previously introduced by a VPN solution. More data protection capabilities followed: exact data match, index document matching, and integration with Microsoft information protection capabilities. Next, Jay discussed Zscaler's first foray into hardware with Justin Dustzadeh, Chief Technology Officer at Equinix. Equinix is a global digital infrastructure platform with over 240 highly reliable data centers connected by a global software-defined backbone network. A partner for more than a decade, Equinix had a vision of evolving its infrastructure security and interconnection consumption from box-based point solutions to a cloud-native, software-enabled, and customizable platform that could secure any-to-any capabilities for its user while enforcing policies and preserving visibility. The result, Zero Trust Branch Connectivity, is a plug-and-play appliance for securely connecting branches while reducing the cost and security risks associated with VPN-over-SDN-WAN connections. "We are partnering to take friction away and make secure cloud-to-cloud and hybrid multi-cloud interconnection an easy and enjoyable experience for our users," Justin said. To cap off the CEO keynote, Microsoft Chief Security Advisor James Eckart joined Jay and Zscaler EVP, Business and Corporate Development Punit Minocha onstage to explore the partnership between the two companies. "One of the things Zscaler first did with Microsoft, very successfully, was allow us to go straight from the endpoint to Office 365 while crossing Zscaler's complete security stack," James said, "so we could get around all of the hair-pinning and latency issues we were experiencing in our data centers. That was just really a boon for everybody. It created a lot of user delight." How the “strategic imperative” of cybersecurity aligns with Hyatt Hotels’ mission I also had the good fortune of sitting down with my good friend and longtime Zscaler customer Ben Vaughn, SVP & CISO of Hyatt Hotels, for a fireside chat. For Ben and Hyatt, cybersecurity is integral to the company's core purpose: care. "What an amazing purpose for a hospitality company, but what a really amazing purpose to have for a cybersecurity department," Ben remarked. As always when I talk to Ben, our conversation ranged from the idealistic underpinnings of a career in cybersecurity to its tactical implementations like risk transfer via cyber insurance – something for which Hyatt has a very innovative approach – to the importance of turning on SSL inspection to protect guests and employees from those who would try to do them harm online. Ben Vaughn and Kavitha Mariappan in conversation at Zenith Live ‘23 In talking about Hyatt's adoption of zero trust and what it means to the company, Ben acknowledged it has become a loaded term but boiled it down for his team as referring to validating traffic, identity, and security posture at multiple points within its environment. Vaugh also discussed the challenges of securing a highly mobile workforce that often shuffles among the company's more than 1,250 properties. "When we look for security technologies like Zscaler, cloud-based security delivery mechanisms are really important to us because we just can't rely on security to only exist the moments that you're inside our hotel," he explained. Of those 189,000 colleagues Hyatt and Ben rely on Zsclar to help secure, only roughly 40 work in cybersecurity directly. Vaugh attributes this to his team’s willingness to use the full suite of capabilities Zscaler offers to enhance Hyatt’s security posture. "I think we owe it to Zscaler and ourselves to push the buttons you give us because those buttons are the way we seize the initiative from threat actors," he said. “We make the amount of people that are required to respond to incidents that much smaller because we push the buttons” Ben wrapped our conversation with his advice for practitioners looking to stay in the field for the long run. "Find a way to tie what you do every day to what the company does every day," Ben says. "I think you might find that that makes it a lot easier to get permission to push that button." The power of Zscaler intelligence: Generative AI and a holistic view of risk Zscaler EVP & Chief Innovation Officer Patrick Foxhoven fittingly kicked off the Zenith Live innovation deep-dives by introducing many new features and enhancements made possible by AI. "We've been at this for a long time, so AI's not new, but I'll make a statement. We do think it has the potential to change everything," said Patrick. But the technology is not without risk, he noted. Both deepfakes and data loss can be enabled by the same generative AI capabilities we expect will also change the world in more positive ways. As Zscaler VP, Product Management Sanjay Kalra took over to explain, new Zscaler capabilities are focused on advancements in three key areas: Enabling Zscaler customers to use generative AI safely – You can’t protect against what you can’t see, so Zscaler began by adding a new URL category and cloud app for tools like Bard, ChatGPT, and others. This allows admins to finely control who is able to access these tools and enforce browser isolation to protect against sensitive data being uploaded. Zscaler also now provides risk scores for commonly used apps to determine if their AI integrations pose a threat based on the application’s security posture and data retention policies. Building new and enhancing existing products – Zscaler announced it is releasing its own proprietary natural language processor, dubbed Zscaler Navigator, which draws from the company’s own data lake so users can interact with products, request usage statistics, and query support in an intuitive and conversational format. Increasing the efficacy of everything we do – Multi-modal scanning makes data loss prevention (DLP) even more effective by scanning images, videos, and even Zoom calls for sensitive information like intellectual property and preventing them from being uploaded to third parties, assisting security teams with one of the most challenging threats to contain – insider attacks. Zscaler Global CISO Deepen Desai also walked attendees through the typical attack chain from downloading a malicious file to data exfiltration and, eventually, ransomware delivery. He explained how AI insights generated by Zscaler’s new Risk 360 platform can help security prioritize, isolate, and implement policies for preventing future process iterations. "In my opinion, this all ends with AI vs. AI," said Aflac VP, Security Operations & Threat Management DJ Goldsworthy, who joined Desai onstage to discuss the reduced response time necessary to compete with AI-enabled attacks and how he worked with Zscaler to limit his attack surface and automate remediation efforts. As Darin Hurd, Chief Information Security Officer at Guaranteed Rate, who provided feedback on the platform during development, put it, "What Risk 360 does for me is three things: First, it helps me more effectively communicate to my board. Second, it helps to prioritize where we spend our limited security resources. And third, at the end of the day, it inspires confidence because security is difficult and complex." Raj Krishna, SVP, New Initiatives, wrapped by previewing how the forthcoming Zscaler Business Insights will leverage company data to help solve business problems such as understanding licenses purchased versus those deployed or tracking employee usage patterns to understand their return-to-office journeys better. More on that to come… This article originally appeared on CXO REvolutionaries Fri, 16 6月 2023 13:13:41 -0700 Kavitha Mariappan https://www.zscaler.jp/blogs/company-news/zenith-live-23-kicks-stunning-series-innovation-announcements https://www.zscaler.jp/blogs/company-news/introducing-zscaler-risk360-tm-measuring-risk-holistically Given the current macroeconomic climate, IT leaders are judiciously re-evaluating their cybersecurity investments. Legacy solutions fail to provide the breadth of visibility into cyber risk and attack exposure necessary to accomplish this. Zscaler is introducing a new approach - a data-driven, real-time solution for managing cybersecurity risk. Cybersecurity is arguably one of the top priorities for organizations everywhere. The current macroeconomic environment and external pressure from regulatory bodies, such as the Securities Exchange Commission (SEC), require IT leaders to quantify and communicate cyber risk to internal stakeholders, business leaders, board members, government regulators, cyber insurance underwriters, and third-party vendors. Legacy solutions fail to meet this requirement for real-time, data-driven cyber risk management. These are often a medley of point solutions, spreadsheets, and manual aggregation of results. They just do not work. A new approach is required. Real-time, data-driven risk management with Zscaler Risk360 Introducing Zscaler Risk360, a powerful risk quantification and visualization framework for remediating cybersecurity risk. Zscaler Risk360 ingests data from external sources and your own Zscaler environment to curate a detailed profile of your risk posture in real time. Leveraging over 100 factors across your entire attack surface, it helps you understand your financial loss estimates, top cyber risk drivers, and the investigative workflows you can follow to remediate your cyber risk. More importantly, Zscaler Risk360 provides a powerful platform for CISOs to evaluate the efficacy of their cybersecurity controls across the four stages of attack - external attack surface, compromise, lateral propagation, and data loss - and all the entities in your environment, including assets, applications, workforce, and third parties. And given the criticality of communicating cybersecurity strategy across the entire enterprise, Zscaler Risk360 also generates CISO Board slides and high-fidelity peer comparison data to facilitate decision making. Zscaler Risk360 Dashboard Powerful risk quantification based on data and research Zscaler Risk360 leverages a highly complex, ThreatLabz-powered framework backed by hundreds of signals and several years of research to calculate risk scores for each of the four stages of breach - External Attack Surface, Prevent Compromise, Lateral Propagation, and Data Loss. Our model ingests data from your Zscaler environment and other external sources to evaluate your risk posture across more than 100 factors based on Zscaler’s unique inline vantage point. Zscaler Risk360 visualizes your cybersecurity risk across four entities - Workforce, Third Parties, Applications, and Assets. This allows enterprises to gain a more accurate picture of their risk exposure, correctly prioritize mitigation efforts, and make informed cybersecurity investment decisions. Intuitively visualize risk across your attack surface, in real time The Zscaler Risk360 web portal displays your organization’s cybersecurity risk in an intuitive, unified dashboard that allows you to quickly access key information. You can easily filter and drill down into the top drivers of your organization’s cybersecurity risk to further analyze and make security decisions. Business leaders, who are increasingly under pressure to demonstrate that their security programs adequately manage cyber risk, can explore financial loss estimates, including straightforward remediation recommendations. Zscaler Risk360 also includes a handy feature called “CISO Board Slides” which allows you to export a PowerPoint format slide deck to facilitate communicating key risk findings and dollar-value estimates of financial exposure consistently across stakeholders including Board, Audit, and IT Risk committees. Data-driven, prioritized actionable recommendations to prevent breaches Zscaler Risk360 surfaces risk insights with drill-down views for specific details and prioritized recommendations to amend policy. Once an enterprise’s risk posture is clearly understood, it’s critical that action is taken to prevent breaches. This is where the power of Zscaler Risk360’s prioritized remediation framework comes to bear. For example, when investigating users uploading sensitive files, Zscaler Risk360 provides guided investigative workflows that allow you to drill into suspicious users and apply critical policy changes to prevent further exposure. With Zscaler Risk360, you get to sit back and relax watching your risk score improve as your risk owners take policy actions over time. Fig: Actionable Recommendations Why Zscaler Risk360? Replace spreadsheets and third-party tools Gain a more accurate picture of your risk exposure along with a data-driven approach to estimated financial impact. Understand your top risk drivers Learn the top drivers of your enterprise’s cybersecurity risk with the ability to drill down into each contributing factor. Actionable recommendations to tune your loss expectancy Leverage Zscaler Risk360’s proprietary, research-backed guided workflows to investigate the most critical issues and prioritize actionable recommendations to remediate them. Board-level reporting and guidance Access curated collateral to share your quantified cybersecurity risk with your board, executive leadership, and other stakeholders. Wrapping up It’s time to put away your growing stockpile of third-party vulnerability management tools, attack surface reports, and spreadsheets. With Zscaler Risk360, signals across all your attack surfaces are aggregated in a single view, altogether with guided investigative workflows and prioritized actions to prevent likely breaches. Start your journey toward a more effective cybersecurity risk management posture today by talking with our team! Zscaler Risk360 is offered today in limited availability and is expected to become generally available soon. Read more and request a demo here. Thu, 29 6月 2023 21:30:01 -0700 Raj Krishna https://www.zscaler.jp/blogs/company-news/introducing-zscaler-risk360-tm-measuring-risk-holistically https://www.zscaler.jp/blogs/company-news/introducing-zscaler-itdr-tm アイデンティティーがサイバー攻撃の次の最前線になりつつある中、Zscalerは、アイデンティティーの態勢、状態管理、脅威検出のための機能を導入し、これらをアイデンティティーファーストのアプローチの柱としています。こうしたセキュリティ アプローチにより、ゼロトラストの原則が強化され、耐障害性のあるIT環境が構築できます。 アイデンティティー中心の環境におけるサイバー防御 すべての敵対的行動の最終目標は、リソースを活用して最重要情報にアクセスすることです。脅威アクターが悪用するリソースはさまざまですが、労力対影響の比率が最も高いのは、ユーザーのアイデンティティー、およびその延長にある、資格情報、特権、アクセス権などアイデンティティー関連のものです。 現在、2つのパラダイムシフトが起こっています。1つ目は、EDRがGartnerによるセキュリティ運用のハイプ サイクルにおける「啓発期」の最終段階に近づいているということです。EDRは、広く普及し、利用されています。その結果、組織は、悪意のあるツールとコードの実行の検出に関してこれまで以上に成果を上げています。 2つ目のパラダイムシフトは、ゼロトラストへの移行です。Gartnerは、新しいリモート アクセス展開の少なくとも70%が、2025年までにVPNサービスではなく主にZTNAによって提供されるようになると予測しています。この数字は2021年末時点での10%未満から大幅アップとなっています。Zscalerの7000以上のお客様の実情からも明らかなように、組織は、外部の攻撃対象領域を最小限に抑え、リソース アクセスを制限して、すべてのユーザーを検証するゼロトラスト アーキテクチャーの採用を進めています。 こういった2つのパラダイム シフトの結果、脅威アクターは戦略の方向転換を余儀なくされ、現在はアイデンティティーを狙っています。脅威の実行手口が最重要情報へのアクセスであるなら、正当なユーザーのアイデンティティーになりすます以上に優れた方法はありません。ユーザーを侵害して有効な資格情報を利用することで、攻撃者は従来の検出制御とゼロトラスト ポリシーを回避し、代わりにアクセス権や特権を活用して水平移動ができます。 攻撃オペレーションの労力対影響の比率の観点から見ると、アイデンティティー プロバイダーの構成、ロールベースのアクセス制御、およびWindows資格情報ストアで構成されるネットワークとホスト アーティファクトは、痛みのピラミッドの中ほどにあり、厄介ではあっても困難ではないとされています。 その結果、有効な資格情報を使用するアイデンティティーベースの攻撃は、組織化された脅威アクター(Lapsus$ / Nobelium / BlackMatter / Vice Society)だけでなく、サイバー犯罪コミュニティ全般にも広く浸透してきています(2022年の攻撃の80%はアイデンティティーに焦点を当てており、10組織中5組織がActive Directory攻撃を受け、Mandiant IRエンゲージメントの90%はActive Directoryの使用に関係していました)。 現在のアプローチは効果なし 組織は一般的に、これまでの脅威検出法とアイデンティティー管理のアプローチを使用してアイデンティティー攻撃のリスクを軽減しますが、これらのアプローチはアイデンティティーの脅威に対処するために構築されていないため、多くの場合、効果的ではありません。 悪意のある資格情報の使用を識別するため、UEBA / SIEM分析などの検知制御は古くから存在していましたが、これらは誤検知を起こしやすく、脅威検出チームが判断を下すためのコンテキストを常に欠いています(例：任意のユーザーXは、実際にY権限を変更できるのか）。 2FA MiTM、2FAスパム、SIMクローニング、セッション トークン ハイジャック/クッキー窃取などの攻撃は、IAM/PAM予防制御を標的にし、MFAをバイパスするので、多くの場合、ユーザーの賢明な判断が頼りです(これは歴史的に見ても決して有効な方法ではありません)。 さらに、アイデンティティーおよび資格情報の多くの内部形式は、サービス アカウント、多要素認証をサポートしないアプリケーション、証明書、セッション トークン、キーなどを含む多要素認証には適していません。 このようなパラダイム シフトに、既存のソリューションの有効性の限界が重なり、セキュリティにアイデンティティー中心のアプローチが必要となっています。 Zscaler Identity Threat Detection and Response (ITDR) – ゼロトラストにアイデンティティーファーストのセキュリティを Zscalerのアイデンティティーファースト セキュリティのビジョンは、以下のような3つの基本的な柱に基づいています。 アイデンティティー攻撃対象領域の可視化 アイデンティティーを保護するための最初の手順は、隅々にまで及ぶアイデンティティー インフラストラクチャーの分析です。Zscaler ITDRは、オンプレミスのActive Directoryを評価し(近日公開予定の追加アイデンティティー ストアのサポート)、アイデンティティー態勢、危険なユーザーとコンピューター、Active Directoryに存在する設定ミスや脆弱性を総合的に表示するほか、死角を特定し、フォーカスする場所の優先順位付けに役立つMITRE ATT&CKマッピングを取得する機能を提供します。 アイデンティティー保護の管理 アイデンティティー攻撃対象領域を可視化した後は、2番目のステップとしてアイデンティティーの状態管理を構築します。Zscaler ITDRは、Active Directoryの重要な変更が、新しいリスクを招き入れ、攻撃者が特権を昇格させて水平移動できる経路を開くことがないよう、リアルタイムでモニタリングします。リアルタイムのアラートに加えて、問題を解決するために使用する動画チュートリアル、コマンド、スクリプトといった形式の修復ガイダンスも得られます。 アイデンティティー脅威の検知と対応 アイデンティティー関連の問題や設定ミスをすべて修復することはほぼ不可能です。中にはビジネスクリティカルなものもあり、侵害の発生時には、組織は悪用される危険があります。最後のステップは、既存の防御を迂回し、このような設定ミスを利用して特権を昇格して水平移動するような、アイデンティティー攻撃を検知することです。Zscaler ITDRは、DCSync、DCShadow、LDAP列挙などの攻撃に対して精度の高い検知を提供します。 仕組み Zscaler ITDRは、アイデンティティー セキュリティにロータッチでシンプルなアプローチを採用しています。 ユーザーとアプリケーション、ユーザーとリソースの間の接続を安全に仲介する統合エージェントのZscaler Client Connectorに組み込まれています。 攻撃対象領域の可視化 Zscaler ITDRは、LDAPクエリを実行してアイデンティティー ストア内のスキーマ、ユーザー、コンピューター、OU、およびその他のオブジェクトのマップを作成することでActive Directoryを監査し、その後、これらのオブジェクトに対してチェックを実行して、Active Directoryに存在する設定ミスや脆弱性を検出します。 Active Directoryを評価するには、ドメインに参加しているWindowsマシンにインストールされたClient Connector上でZscaler ITDRを実行する必要があります。 セキュリティ部門はアクセスするActive Directoryドメインを指定し、スキャンを実行するClient Connectorがインストールされたマシンを選択して、スキャンを設定します。 評価が完了するまでの時間はActive Directoryの規模に応じて異なりますが、15～30分程度です。 評価が終了すると、結果はダッシュボードに表示されます。 評価には、ドメイン リスク スコア、修復を優先すべき重点領域、最もリスクの高いユーザーとコンピューターのリスト、重大度とリスク分類の基本的な分析、MITRE ATT&CKキル チェーン マッピング、検知された設定ミスすべてのリストが含まれます。 各設定ミスに対し、ソリューションからは以下が提供されます。 リスク分類 重大度 修復作業 MITRE ATT&CK IDおよび戦術 問題点の説明 想定される影響 影響を受けるユーザー、コンピューター、オブジェクトのリスト 修復ガイダンス 動画チュートリアル スクリプト コマンド アイデンティティー変更の検知 評価が構成されると、セキュリティ チームはActive Directoryドメインの変更検知を有効にすることができます。 変更検知によりActive Directoryのセキュリティ態勢に影響を与える構成の変更がほぼリアルタイムで明らかになるため、セキュリティ チームおよびディレクトリ管理者は迅速に対応して修復ができます。 Zscaler ITDRはActive Directoryに対して優先度の高い一連の設定チェックを実行します。 このチェックでは主に、敵対者に悪用される可能性が最も高い問題の検出に焦点を当てます。 このチェックは、指定されたドメインのClient Connectorがインストールされたエンドポイントから15分ごとに実行されます。 変更は、良い影響または悪い影響があるとマーク付けされます。 問題が解決された場合は、良い影響とされます。 潜在的な問題が発生した場合は、悪い影響とされます。 アイデンティティーの脅威検知 Zscaler ITDRは、アイデンティティーの悪用や窃取の可能性がある悪意を持ったアクティビティーを、SOCチームおよび脅威ハンターに警告する脅威検知機能を備えています。 アイデンティティー脅威検知機能は、指定のClient Connectorがインストールされたマシン上のエンドポイント ポリシーとして有効化できます。 DCSync、DCShadow、Kerberoasting、セッション列挙、特権アカウント アクセス、LDAP列挙などの検知機能を利用できます。 セキュリティ チームは、指定のエンドポイントで検知機能のすべてを有効にするか、組み合わせて有効にするかを選択できます。 パターンが検出されると、Client Connectorは脅威が検知されたことをZscaler ITDRに通知します。 Zscaler ITDRは、セキュリティ チームが調査を実行できるよう、関連情報で脅威シグナルを強化します。 セキュリティ部門は、Zscaler ITDRでオーケストレーション機能を構成して、アラートから転送、修復までのアクションを自動化できます。 Zscaler ITDRを採用する理由 追加のエージェント/ VMは不要 Zscaler Client Connectorに組み込まれたZscaler ITDRは、追加設定なしで新機能および保護を提供します。 アクセス ポリシーとの統合 Zscaler Zero Trust Exchangeは、ID攻撃が検出された場合、アクセス ポリシー制御を動的に適用して侵害されたユーザーをブロックします。 SOC統合 主要なEDRとSIEMを含む統合により調査と対応を強化します。テレメトリはOpenAPIに準拠しています。 メリット アイデンティティー保護は、ユーザーの侵害や特権の悪用のリスクを軽減することにより、ゼロトラスト態勢を強化します。 アイデンティティーリスクの定量化 どのような脆弱性が、どこに、なぜあるのか把握します。アイデンティティー セキュリティ評価はで、リスク スコアが生成されるため、アイデンティティー攻撃対象領域の態勢を定量化して追跡できます。 設定ミスを検出 攻撃者優位につながる問題を明らかにします。GPPパスワードの漏洩、制約のない委任、古いパスワードなど、新しい攻撃経路になり得る危険な構成を検出します。 問題の修復 修復ガイダンスを使い、強力なアイデンティティー保護を構築します。問題点、影響度、影響を受けるユーザーを把握し、動画チュートリアル、スクリプト、コマンドを利用したステップバイステップの修復ガイダンスを活用します。 リアルタイムでモニタリング 構成の変更によって新しいリスクが発生した場合にアラートを受け取るようにします。アイデンティティーのシステムでは、構成とアクセス許可の変更が常に行われます。リアルタイムのモニタリングで新たなリスクや問題に関するアラートを受信できます。 アイデンティティー攻撃の検知 アイデンティティー脅威の検知で権限の昇格を阻止します。設定ミスをすべて修復することはほぼ不可能です。侵害が発生した場合に、DCSync、DCShadow、Kerberoastingなどの攻撃を検出して阻止します。 おわりに Zscaler ITDRは、アイデンティティー攻撃対象領域の可視化、アイデンティティーおよびアイデンティティー システムに対する攻撃の検知、状態管理と封じ込め、修復を完結させることによるリスク軽減を実現する、新たなレベルのアイデンティティー中心型セキュリティ制御です。攻撃者が情報漏洩への道筋としてアイデンティティー侵害を好む中、Zscaler ITDRは、アイデンティティーファーストのセキュリティへの実用的なアプローチを提供し、既存の防御を迂回する脅威によるリスクを軽減します。 Tue, 13 6月 2023 21:30:01 -0700 Amir Moin https://www.zscaler.jp/blogs/company-news/introducing-zscaler-itdr-tm https://www.zscaler.jp/blogs/company-news/announcing-new-zscaler-platform-capabilities-identify-mitigate-and-manage-large この度、Zenith Live 2023においてZero Trust Exchangeプラットフォームの新たなイノベーションを発表できることを嬉しく思います。これらの新しいサービスは、拠点接続の保護を変革し、継続的なモニタリングと脅威の検出を提供するほか、リスクを定量化し、シームレスなITエクスペリエンスも実現します。 大規模な攻撃を特定、軽減、管理することでお客様をサポートできる新たな機能をご紹介します。具体的には以下の通りです。 Zscaler Risk360™ 拠点向けゼロトラスト接続 Zscaler ITDR™ ZSLogin™ Zenith Liveにバーチャルで参加し、最新のイノベーションを直接ご覧ください。 Zscaler Risk360: 強力なリスク定量化および視覚化フレームワーク Zscaler Risk360は、CISOがサイバーリスクを軽減するために、情報に基づいた迅速なビジネス上の意思決定を行えるよう支援します。Zscalerプラットフォーム内の内部および外部ソースからの豊富なシグナルセットを活用することで、100を超えるデータ駆動型要因から優れた可視性と実用的なインテリジェンスを獲得できるようになり、以下が可能となります。 強力なリスク定量化 サイバー侵害のすべての段階についてリアルタイムのリスク スコアを提供し、従業員、サード パーティー、アプリケーション、資産を含む4つのエンティティ全体でリスクを視覚化します。 直感的な可視化とレポート作成 サイバー リスクの上位要因をフィルタリングし、修復のための財務的な推奨事項を含む財務エクスポージャーの見積もり額を予測して、簡潔な取締役会レベルへのプレゼンテーション資料を作成。 実践可能な修復 ガイド付きワークフローで実用的な推奨事項に優先順位付けを行い、最も重要な問題を調査して修復し、組織のセキュリティを維持しながら運用をノンストップで実行。 ゼロトラストの拠点接続：拠点接続を再定義して優れたセキュリティと簡素化された管理を実現。 ゼロトラストの拠点接続は、シンプルさ、拡張性、優れたセキュリティを提供し、拠点でのMPLS接続に関連する定期的なオーバーヘッド コストを大幅に削減します。これは支店を安全に接続するための根本的に新しいアプローチで、SD-WANを介したリスクの高いサイト間VPNを排除し、ユーザー、アプリケーション、およびデータのセキュリティを向上させます。コストを削減して運用の複雑性を軽減すると同時に、M&Aのプロセスを大幅に加速できます。 新しいプラグ&プレイ ブランチ アプライアンスはゼロタッチ プロビジョニングが特徴のオプション製品で、簡単にインストールできます。Zero Trust Branch Connectivityにより、CISOは以下が可能になります。 サイト間VPNおよびコストのかかるMPLS接続をゼロトラストに置き換え 拠点とアプリケーション スタック間でユーザー、サービス、IoT/OTデバイスを安全に接続。 拠点のIT運用をシンプルに インターネットへの直接接続でクラウドベースのアプリケーションに接続するため、複雑な従来型のルーティングを維持する必要がなくなりインフラストラクチャーを削減。 コラボレーションする従業員をシームレスに統合 人とビジネス アプリケーションを統合することで、組織の生産性向上までの時間を短縮。 Zscaler ITDR: 継続的な可視性、リスク モニタリング、脅威検知によってアイデンティティー攻撃を軽減 サイバー犯罪者がユーザーのIDならびに資格情報を標的にするケースが増えています。Zscaler ThreatLabzの年次フィッシング レポートによると、最新のフィッシング攻撃の大半が盗まれた資格情報を使っています。Zscaler ITDRは、アイデンティティーの設定ミスと危険なアクセス許可を継続的に可視化することで、ビジネスのセキュリティ態勢を強化します。Zscaler ITDRにより、CISOは以下を実現できます。 アイデンティティー リスクの定量化 リスク スコアを生成することにより、アイデンティティー 攻撃対象領域の態勢を定量化および追跡。 設定ミスを検出 GPPパスワードの漏洩、制約のない委任、古いパスワードなど、新しい攻撃経路になり得る危険な構成を検出します。 問題の修復 問題、影響、および影響を受けるユーザーを把握し、動画チュートリアル、スクリプト、コマンドとともにステップバイステップの修復ガイダンスを活用。 リアルタイム モニタリング 構成の変更に伴う新しいリスクや問題についてアラートを受信。 特権昇格の停止 侵害が発生した場合、DCSync、DCShadow、Kerberoastingなどの攻撃を検知して阻止します。 ZSLogin機能：Zscalerは、ITプロセスの認証を合理化したログイン ダッシュボードの一元化により、IT管理者の作業を容易にすると同時に、以下の機能を提供して有効性を高めます。 認証の一元化 すべての管理コンソールにシームレスにアクセスするために、Zscalerにワンタイムで直接認証する機能。 エンタイトルメント管理の一元化 簡単な方法で、プラットフォーム全体のすべてのエンタイトルメントを確認し、管理者が適切なアクセス権を受け取るよう徹底。 パスワードレス多要素認証 パスワードレスの多要素認証をサポートし、使いやすくフィッシングに強い管理者認証の強度アップ。 管理者ID管理の自動化 SCIMを使用して管理者IDを管理し、お客様のIDプロバイダーからのIDデータに基づいて管理者の作成、エンタイトルメントの割り当て、および取り消しを自動化。 詳細はZenith Liveにバーチャルで参加して、最新のZero Trust Exchangeプラットフォームに関するイノベーションをご確認ください。 Tue, 13 6月 2023 21:30:01 -0700 Simon Tompson https://www.zscaler.jp/blogs/company-news/announcing-new-zscaler-platform-capabilities-identify-mitigate-and-manage-large https://www.zscaler.jp/blogs/company-news/it-s-time-reimagine-branch-connectivity はじめに 過去20年間で、ITの環境には多くの変化がありました。ひと昔前までは、誰もがオンサイトのデータ センターからITリソースが提供される職場のオフィスで仕事をしていました。大規模な組織では、支店がプライベート回線または専用線を介して本社と接続し、一元化されたデータ センターからITリソースにアクセスすることがよくありました。 2010年代に入ると、2つの点の置き換えがトレンドとなり、デジタル トランスフォーメーションのスピードが加速し始めました。まず、パブリックおよびプライベート クラウド アプリケーションが大きな存在感を示し始め、ローカルにインストールされライセンスされた融通の利かないアプリに取って代わりました。 次にソフトウェア定義型広域ネットワーク(SD-WAN)が登場し、より堅牢で高パフォーマンスのインターネットが、高価なMPLS回線や複雑な従来のWANルーティングに置き換わりました。SD-WANネットワークは通常、低コストのコモディティ ハードウェアを使用して構築されます。CLIではなくクラウドホストのGUIを介して管理され、インターネットを介したサイト間VPNを使用して仮想プライベート回線を作成します。 当然ながら、SD-WANは急速に普及を遂げてサイトを相互接続するとともに、ユーザーをアプリとサービスに接続するための事実上の手段になりました。サービス プロバイダーもこの傾向に従い、ミッションクリティカルなサービスを実行するためのビジネスグレードのダイレクト インターネット アクセス(DIA)サービスの販売に重点を置きました。 SD-WANが抱える課題 SD-WANを使用してネットワークを拡張すると接続性が高まりますが、一般的な実装においてはセキュリティの課題が生じる可能性があります。転送にインターネットを使用するすべてのSD-WANアプライアンスにはパブリックIPアドレスが必要であり、それにより簡単に検出できる攻撃対象領域が生まれてしまいます。そうなると、侵害が発生した場合に攻撃者はネットワーク内やサイト間を水平移動しやすくなります。これらのリスクに対処するには、ファイアウォール、侵入検知と防止、マルウェア対策などのこれまでのネットワークベースのセキュリティを導入する必要があります。一見、よりシンプルで費用対効果の高いソリューションのように見えるものの、以前のWANソリューションが抱えるコストや複雑性が多く残っている事実が明らかになったのです。 拠点の接続を見直し 幸いなことに、SD-WANの足場を築くのに役立った基礎的トレンドは、拠点の接続に対する新しいアプローチも生み出しました。Zscalerは、過去15年間かけてZero Trust Exchangeプラットフォームを開発し、ユーザーおよびワークロードを、アプリケーションおよびサービスに安全に接続してきました。その中で、任意のネットワーク上で実行できるセッションベースの暗号化トンネルを作成しました。これにより、クライアントVPNを使用する必要がなくなりました。このアプローチは、在宅勤務者、小規模なカフェ スタイルの拠点、または建物のオーナーにとって非ユーザーのデバイスが心配点となるコワーキング スペースに最適です。 大規模な拠点は、組織によって所有またはリースされている可能性が高く、社内のITリソースと、他のオフィスや本社のサービスへの依存が混在している状態です。また、サーバー、プリンター、IoT/OTデバイスなど、必要なクライアント コネクターを実行できないデバイスがある可能性が高くなります。 VPNに依存せずに拠点の接続に対するニーズを満たすために、Zscalerは、Branch Connectorを開発しました。これは、拠点から発せられる、または拠点へ向かうすべてのトラフィックを転送する機能を持ち、VPNを排除し、拠点内のユーザー、サーバー、およびデバイスに対してZero Trust Exchangeを介した安全なアクセスを提供します。 メリット Zero Trust Branch Connectivityには3つの主要メリットがあります。 VPNを排除することで攻撃対象領域の発見/悪用や脅威の水平移動のリスクを除去。 クラウドへの直接接続アーキテクチャーにより、複雑で旧式のルーティング可能ネットワークを維持する必要がなくなり、インフラストラクチャーを削減。それによりコストも削減。 新しい拠点、吸収合併、B2Bに向けた障壁が低く、コラボする従業員をシームレスに統合することが簡単になり、人とビジネス アプリケーションを一体化させることで組織が生産性を向上させるまでの時間を短縮。 拠点向けゼロトラスト接続の展開 Branch Connectorは、軽量の仮想マシン、または2023年後半にはプラグアンドプレイ アプライアンスとしてオンプレミスに実装されます。その役割は、任意のルーターを使用してインターネット経由でZero Trust Exchangeにトラフィックを中継し、拠点におけるすべてのトラフィック転送を管理することになります。Branch Connectorは帯域外で管理され、すべてのセキュリティ ポリシーはZscalerポータルから管理されます。そのため、セキュリティおよび IT管理者は、拠点で実行中のものに対する必要な可視性が得られるだけでなく、拠点のすべてのユーザー、サーバー、デバイスに簡単に適切なポリシーを一貫して適用できます。 Zscaler Zero Trust Branch Connectivityによるサイト間VPNインフラストラクチャーの置き換えについては、こちらをクリックして、データ シートから詳細をご確認ください。デモをご要望の場合は、Zscalerの担当者までお気軽にお問い合わせください。 Tue, 13 6月 2023 21:30:01 -0700 Simon Tompson https://www.zscaler.jp/blogs/company-news/it-s-time-reimagine-branch-connectivity https://www.zscaler.jp/blogs/company-news/join-us-aws-re-inforce The next AWS re: Inforce 2023 is just around the corner, taking place June 13-14 at the Anaheim Convention Center in California. For the second consecutive year, Zscaler will sponsor this two-day security conference, where cloud security leaders and practitioners will network and learn about the latest cloud security innovations from AWS and its partners. Zscaler plans to unveil several innovations at AWS re:Inforce that will help you foster secure digital transformation and achieve cloud security. We invite you to visit our booth #776 at AWS re: Inforce to learn how Zscaler innovations can help your organization be more agile, innovative, and secure in AWS environments while maintaining compliance and optimizing ROI. Additionally, you can: Discuss your AWS security roadmap with Zscaler security experts. Work with our experts to discover how Zscaler can solve your security challenges with a comprehensive platform approach. The Zscaler team is offering mini speakers and some exciting swag just for meeting with the on-ground team during the event and booking a personalized on-site Zscaler Posture Control demo. Experience Posture Control Freemium version Secure up to 250 AWS Workloads with Zscaler Posture Control for Free with the industry’s most comprehensive CNAPP - Posture Control, free of charge as we announce the launch of the Zscaler Posture Control Freemium version. Explore the Zscaler Posture Control platform With our free, no-obligation Cloud Security Risk Assessment, you can kick-start your cloud security program. Experience the power of Posture Control, simply connect cloud accounts to Posture Control for immediate onboarding and complete monitoring. Take advantage of exclusive offers AWS customers can also visit AWS Marketplace and check out Zscaler Posture Control procurement information, offerings, and exclusive offers. Discuss and finalize exclusive offers and deals on Posture Control. Learn about Posture Control Dive into Posture Control—learn about its functionality and modules, and discover how it gives you 360-degree visibility to protect all your cloud resources. Register for the Posture Control self-guided workshop We look forward to seeing you at AWS re: Inforce! To learn more about the conference and to register visit https://reinforce.awsevents.com/ Tue, 06 6月 2023 08:00:01 -0700 Mahesh Nawale https://www.zscaler.jp/blogs/company-news/join-us-aws-re-inforce https://www.zscaler.jp/blogs/company-news/reinforce-your-security-strategy-zscaler-aws-re-inforce-2023 For the second year, Zscaler will be at AWS re:Inforce – AWS’s primary conference focused on cybersecurity. This year, the conference will be located in sunny Anaheim, California and will run from June 13 - 14. If you plan to attend, make sure you swing by booth #766 to speak with our product experts and learn how Zscaler is best positioned to properly secure your AWS cloud environment and workloads. We’ll be providing live demos of Zscaler Workload Communications and Posture Control (CNAPP) and giving out some great swag for you to take home. We’ve also partnered with AWS, Deloitte, and Crowdstrike to host an exciting invite-only networking event at Disney California Adventure Park! You’ll be able to enjoy top-notch cocktails and gourmet bites while taking in the amazing sights and sounds of the park. Reach out to your Zscaler account team for an exclusive invitation! Additional Information Before the conference, if you want to test out Workload Communications, we have a free self-guided lab you try out in a live AWS environment. We also provide a complimentary security assessment of your AWS environment which you can sign up for here. To learn more about the conference and to register, visit https://reinforce.awsevents.com/ We hope to see you there! Mon, 22 5月 2023 08:00:01 -0700 Franklin Nguyen https://www.zscaler.jp/blogs/company-news/reinforce-your-security-strategy-zscaler-aws-re-inforce-2023 https://www.zscaler.jp/blogs/company-news/zscaler-microsoft-build Conference Overview Microsoft Build is an annual developer conference (hybrid format event with on-the-ground and digital presence) that provides excellent insight into various Microsoft cutting-edge technologies. This event is designed to help developers, students, engineers, and technology professionals to learn more about Microsoft products, associated technologies, and Microsoft partner ecosystems. Taking place at the Seattle Convention Center, Washington, the Microsoft build event is scheduled for May 23rd and will end on May 25th. Pre-day workshops will begin on the 22nd. Zscaler at Microsoft Build 2023 We are proud to sponsor the Microsoft Build conference. Our theme for the Microsoft Build event this year is ‘Build, Deploy and Run Secure apps with Zscaler Posture Control’ We plan to showcase several new innovations at the Microsoft Build event. Technology Showcase We invite you to our booth #321 (third floor) and interact with leaders and experts to learn how we help to manage cyber-risks in the ever-increasing threat landscape with a platform approach. We offer exciting swag just for meeting with the on-ground team during the event and booking a personalized on-site Zscaler Posture Control demo. You may also explore Microsoft Build online. Breakout and Demo session: You can watch the Zscaler Posture Control breakout session plus demos or talk to our experts onsite Breakout session Level-Up Your Cloud-native Security - In this session, Matt Barrett and David Glading from Zscaler will explain how CNAPP with advanced risk correlation can help security teams effortlessly identify and fix critical incidents. Posture Control demos Shift-left with Posture Control: Learn about Zscaler Posture Controls' integrated approach to embed security across the development lifecycle Prioritize risk with Posture Control: Learn how to eliminate noise, uncover, and prioritize hidden risks and accelerate remediation with Posture Control Not attending Microsoft Build this year? Explore Posture Control to see how it gives you 360-degree visibility and control to protect all your cloud resources. You can also start your Free security assessment here. If you haven’t yet registered for the event you can register here. We look forward to seeing you at Microsoft Build. Fri, 19 5月 2023 07:07:02 -0700 Mahesh Nawale https://www.zscaler.jp/blogs/company-news/zscaler-microsoft-build https://www.zscaler.jp/blogs/company-news/expert-labs-and-free-certification-zenith-live-23 Zenith Live ’23 is an unbeatable opportunity to sharpen your professional skills, build your expertise, and accelerate your career with focused in-person technical training and certification sessions. Best of all, this year, all half-day sessions and certifications are completely free with registration! Take a look at our full lineup: Free Half-Day Sessions Data Protection Workshop Develop the hands-on skills and knowledge you need to operate Zscaler solutions to protect sensitive and distributed data. SSE for Workloads in Zero Trust Environments Get hands-on experience deploying workloads to the cloud and locking them down to operate securely through the Zscaler Zero Trust Exchange. Zero Trust Architecture Certification Training Understand the need to transform to a true zero trust architecture, and discover the seven elements of an effective zero trust architecture. Prepare for the Zero Trust Certified Architect (ZTCA) exam. Zscaler Cybersecurity Services Certification Learn how Zscaler provides state of the art security to stop threats and reduce business risk for today’s hybrid workforce with a proactive, intelligent, and radically simple security architecture. Paid Full-Day Training Ready to take it to the next level? Check out our only full-day training to learn the ins and outs of our zero trust platform. SSE for Users Workshop In this instructor-led lab, learn how to deploy and configure ZIA, ZPA, ZDX, and Zscaler Client Connector (ZCC). Seats are filling up fast—save yours now Register today for these can't-miss certifications, labs, and training sessions at Zenith Live ’23! Zenith Live ’23 | Las Vegas, Nevada Register now Zenith Live ’23 | Berlin, Germany Register now Tue, 16 5月 2023 10:18:11 -0700 Ben Powell https://www.zscaler.jp/blogs/company-news/expert-labs-and-free-certification-zenith-live-23 https://www.zscaler.jp/blogs/company-news/what-s-new-zscaler-digital-experience-greater-insights-deeper-intelligence First, a quick recap Before we unpack what’s new with Zscaler Digital Experience (ZDX), let’s quickly review how we got here. Apps, data, and employees are distributed Did you know that organizations with 250+ employees typically use more than 100 SaaS apps? And with workloads migrating to the cloud, by 2024, most enterprises aspire to have $8 out of every $10 for IT hosting go toward the cloud. As apps and data disperse to the cloud, IT teams have added additional performance monitoring telemetry to their arsenal to gain visibility across all their assets on and off the cloud. In the meantime, the workplace as we know it has changed. Today’s hybrid workforce relies on home Wi-Fi networks and local ISPs to directly access SaaS and cloud-based services. More than 63% of employees prefer hybrid or remote work. Broad cloud adoption and hybrid workplaces have put pressure on network operations, service desk and security teams. They’ve seen a 35% increase in support ticket volumes and a rise of more than 30% in service cost per ticket. Point monitoring tools leave IT teams poorly prepared Device, network, and application monitoring tools leave blind spots between the user’s device and the app, and require IT operations and service desk teams to manually export and correlate data from each tool. This lack of end-to-end visibility into digital experience forces IT teams into firefighting problems after they have been reported, versus proactively finding and fixing them. Additionally, each of these tools send numerous alerts that are often not actionable and frequently misguide teams when uncovering the root cause. Zscaler Digital Experience (ZDX) unifies monitoring silos As part of the Zscaler Zero Trust Exchange, ZDX helps IT teams monitor digital experiences from the end user perspective to optimize performance and rapidly fix offending application, network, and device issues. By securely monitoring your business’s SaaS, public cloud, and data center-based applications right from within your end user devices, Zscaler is able to present user experience insights across your organization, along with an end-to-end view on performance and availability across the entire application delivery chain. Armed with these insights: Network Operations teams can review digital experience health, detect bottlenecks across all their enterprise applications in real time, and rapidly resolve service degradation before users complain. Service desk teams have readily available root cause analysis for every user complaint, helping them quickly triage and efficiently resolve problems, and get employees back to work faster. Unveiling new capabilities for Zscaler Digital Experience As a product of continued efforts to empower network operations and service desk teams to deliver flawless digital experiences and support workforce productivity—especially within businesses where applications, data, and their users are widely distributed—we are delighted to announce the Industry’s Most Intelligent Digital Experience Monitoring solution that enables IT teams to amplify the impact of doing business anywhere. Let’s unpack the details. Maximize digital dexterity a.k.a usage with global insights Businesses thrive when employees fully and willingly use digital tools and data to collaborate and get work done efficiently. ZDX now gives you more insights to help ensure optimize performance of digital services and everything they rely on. 1. Monitor the quality of Webex meetings: Presently, you can use ZDX to monitor the quality of MS Teams and Zoom meetings to instantly isolate root causes of poor experiences, and thus ensure uninterrupted and productive meetings. With this release, we have extended these capabilities to Webex! 2. Get quarterly insights for productivity reviews: While insights that help us keep the lights on day-to-day are incredibly valuable, IT teams need to be able to review their impact periodically to celebrate successes and seek opportunities for optimization. With quarterly business review (QBR) reports, you can do just that, on a monthly or quarterly basis, and share your teams’ impact with all stakeholders. Achieve faster IT resolutions using AI Digital-first businesses, complex environments, and remote workers’ devices, when monitored for performance, generate vast amounts of data. With AI, this can produce valuable insights. 1. Automate root cause analysis: ZDX uses machine learning to accurately expose root cause by garnering information from past experiences, ensuring that IT addresses the core issues causing poor user experience, instead of just remedying the symptoms. 2. Perform AI-powered analysis: IT teams can also review what factors changed, between when user experience was optimal and when it was degraded, or a fixed point in time. 3. Automate alerts using built-in intelligence: With the multiple factors that can impact user experience, it is close to impossible to create alerts and set meaningful thresholds for every scenario. ZDX has greatly simplified alert configuration. By observing what “normal” looks like for specific users, regions, applications, devices, or networks, ZDX is automatically able to identify when anomalies occur and triggers precise alerts. No longer do admins need to routinely configure and maintain alerts. Effortlessly scale global enterprises A growing business is a healthy business. And they need to scale quickly. IT can help by quickly onboarding employees and ensure that they have great user experiences no matter their location, device, or the applications they rely on to be productive. IT environments are complex. With this release, we introduce capabilities that help implement digital experience monitoring practices more broadly. 1. Get endpoint performance insights: Desktop support teams often struggle with resolving device issues for remote workers and employees in other regions. This release adds a range of key metrics including device health, active processes for ChromeOS and Android (Windows and MacOS are already supported), and Windows OS metrics drawn from Microsoft Intune that are critical to troubleshooting device issues. Device health metrics CPU, memory, battery, disk I/O and usage, network I/O and bandwidth, Wi-Fi Process metrics Top processes and utilization across CPU, memory, disk I/O, network I/O Windows OS metrics Focus time, boot up time, crash reports, software events 2. Capture packets remotely: With 80% of performance issues in hybrid workplaces being largely caused by network problems, this gives IT teams critical information to isolate and fix these issues. 3. Monitor private apps without causing denial of service: For applications protected by Zscaler Private Access (ZPA), this release introduces web caching within the app connector thereby reducing the load on applications without impacting monitoring fidelity. 4. Get end-to-end visibility when using third-party proxies: Adopting zero trust is a journey, one where firewalls, VPNs, and Zscaler ZIA/ZPA co-exist. Now, ZDX can provide you with end-to-end cloud path performance insights across these complex network architectures and help you expose root causes for latency with confidence. See how you can use ZDX With these new capabilities, ZDX presents an even more powerful digital experience monitoring solution that can help IT teams positively impact employee experience, morale, and productivity, and as a result, business performance. To learn more about these innovations, watch our webinar, and read our technical deep dive, or request a demo! Tue, 09 5月 2023 04:00:02 -0700 Krishnan Badrinarayanan https://www.zscaler.jp/blogs/company-news/what-s-new-zscaler-digital-experience-greater-insights-deeper-intelligence https://www.zscaler.jp/blogs/company-news/top-5-reasons-attend-zenith-live-23 Join us at Zenith Live ’23 to experience the latest zero trust security innovations, hear firsthand from industry thought leaders, and take part in exclusive technical sessions. Register by May 31 to save $50 on your Full Conference Pass! Let’s count down the top 5 reasons to attend: Reason #5 Learn best practices for the latest cloud security and connectivity tools, tactics, and playbooks. Elevate your skills and knowledge to keep your organization secure and productive. Reason #4 Connect with peers, innovators, and leaders sharing real-world zero trust use cases and approaches. Plus, learn all about Zenith Community, a collaborative knowledge base for Zscaler users. Reason #3 Discover effective, concrete strategies to increase economic value, optimize technology costs, enhance user productivity, and improve your security posture—directly from real Zscaler customers. Reason #2 Take technical deep dives in expert-led training, hands-on labs and demos, and 60+ focused breakout sessions built for security, networking, and IT practitioners and leaders. Reason #1 Get certified on-site at no cost, including the new exclusive Zscaler for Users - Essentials credential. Spots are limited, so get a jump on your development before they run out: reserve your seat! With free certification training and more best practices, practical insights, and technical sessions than ever before, Zenith Live ’23 is set to be the best yet. See you there! Las Vegas, Nevada | June 13-15 Register now Berlin, Germany | June 27-29 Register now Mon, 08 5月 2023 08:00:02 -0700 Ben Powell https://www.zscaler.jp/blogs/company-news/top-5-reasons-attend-zenith-live-23 https://www.zscaler.jp/blogs/company-news/top-5-reasons-zscaler-partners-can-t-miss-zenith-live-23 Zenith Live is back, better than ever! As a Zscaler partner, you’ll find all the latest tools and strategies you need to stay competitive. Plus, you’ll have the opportunity to hear directly from new Zscaler Channel Chief Karl Soderlund on how we’re taking partnerships to the next level. Check out the top 5 reasons partners should attend Zenith Live ’23: Hear from visionary leaders, including Zscaler executives and guest CISOs, sharing innovations and use cases to help you accelerate your business, no matter the size of your team or the shape of our partnership. Attend our Partner Summit to learn how we're investing in your long-term growth in FY24, plus dive into the transformative power of partnership with Zscaler Channel Chief Karl Soderlund. Train with the experts in partner-specific workshops, hands-on labs, and certification sessions to elevate your Zscaler knowledge—check out AMS sessions here, and EMEA sessions here. Explore the Innovations Expo to meet other partners and sponsors in our global ecosystem, as well as discover powerful cross-sell opportunities and added-value solutions for your customers. Celebrate with Partner Awards, where our leaders and a special guest will recognize partners who have gone above and beyond in their partnership to become our Zero Trust Heroes. Register by April 30 to save $150 on Full Conference Passes with our Super Early Bird pricing. On top of that, we’re running a special partner-exclusive promotion: Enter code ZL23_EB to save an additional $100, for a total discount of $250 Zenith Live ’23 at the ARIA Resort & Casino | Las Vegas, Nevada (June 13-15, with Partner Summit on the 15th) Register now Zenith Live ’23 at the InterContinental Berlin | Berlin, Germany (June 27-29, with Partner Summit on the 28th) Register now See you at Zenith Live! Mon, 03 4月 2023 08:00:01 -0700 Elorie Widmer https://www.zscaler.jp/blogs/company-news/top-5-reasons-zscaler-partners-can-t-miss-zenith-live-23 https://www.zscaler.jp/blogs/company-news/zscaler-named-leader-2023-gartner-magic-quadrant-security-service-edge-sse 2023年Gartnerセキュリティ・サービス・エッジ (SSE)のMagic Quadrantが発行され、Zscalerは再度リーダーの1社と評価されました。SSEは、セキュアWebゲートウェイ(SWG)、ゼロトラスト ネットワーク アクセス(ZTNA)、クラウド アクセス セキュリティ ブローカー(CASB)を単一のプラットフォームに統合するサイバーセキュリティの最新のアプローチです。ZscalerがGartnerのMagic Quadrant*でリーダーの1社と評価されたのは、今回で12年連続となります。また、2022年Gartner Peer Insights™ "Voice of the Customer" for Security Service EdgeレポートにおいてもCustomers' Choiceの1社と評価され(2022年5月31日時点の411件のレビューに基づき、5つ星のうち4.6を獲得)、レポートの8セグメントすべてにわたってCustomers' Choiceと評価された唯一のベンダーとなっています。こうした評価によって、SSEベースのゼロトラスト アーキテクチャーの基準を高め続けているZscalerの姿勢がさらに裏付けられたといえます。 Zsclerは、2022年Gartner Peer Insightsの"Voice of the Customer" に選出されました。 Customers’ Choiceの1社と評価されたZscaler (8セグメントすべてにわたって評価されたのはZscalerのみ) このレポートでリーダーに位置付けられたことで、SSEにおけるZscalerの強みが強化されると考えています。SSEを構成するサービスは、業界初のクラウドネイティブなマルチテナント型プロキシベース アーキテクチャーであるZscaler Zero Trust Exchange™の基盤を形成するものであり、Zero Trust Exchangeは現在、1日あたり3,000億件以上のトランザクションを処理しています。 インターネット、SaaSアプリ、プライベート アプリへのセキュアなアクセスと、ユーザーとそのデバイスの保護を目的としたCASBとを組み合わせたZscaler for Usersの導入により、Zscalerはユーザー向けのSSEを構成する基本的なセキュリティ サービスを構築して業界をリードしています。巧妙なサイバー攻撃が増加し、組織や従業員がハイブリッド ワークや完全なリモート ワークへと移行する中で、SSEカテゴリーの重要性は確実に高まってきています。ユーザー向けのSSEを実現するために、ポイント製品からプラットフォームへのアプローチへと市場の進化を導いたGarnerに敬意を表します。新しい市場に向けたイノベーションの推進を担ってきたZscalerは、SSEをユーザー以外にも拡大する取り組みをすでに開始しています。 ユーザーの保護だけにとどまらないSSE 15年にわたるサイバーセキュリティの革新と多くのCIOやCISOからのフィードバックに基づき、ZscalerはSSEの機能をユーザーの保護だけでなく、次の3つの重要なエリアの保護にも拡張することを展望しています。 ワークロード向けのSSE - ワークロードとインターネット間のトラフィックの保護、ゼロトラストのワークロード間通信の提供、クラウド ワークロード ポスチャーの保護(CNAPP) IoT/OT向けのSSE - インターネットへのIoT/OTアクセスの保護、IoT/OTシステム間でのゼロトラスト接続の提供 B2B向けのSSE - アプリへの迅速かつシームレスなゼロトラスト アクセスを顧客とサプライヤーに提供 Zscalerは、SSEプラットフォームをユーザー以外にも拡張することで、組織全体を保護できる包括的なクラウドネイティブSSEベースのプラットフォームを使用して、IT運用を簡素化します。統合された包括的なSSEベースのゼロトラスト プラットフォームを進化させるために、Zscalerは「情報が常に安全かつシームレスにやりとりされる世界を実現する」というビジョンに従い、イノベーションの道を歩み続けています。 お客様によって証明されたZscalerの価値 私たちの成功の真の尺度は、Zscalerがお客様に提供する価値とデジタル トランスフォーメーションを進めるお客様がZscalerに寄せる信頼にあります。Zscalerが業界内で認知され、前進していることは次の点からも証明されており、私たちの誇りにつながっています。 Fortune 500の40%がZscalerのテクノロジーを利用して業務を保護 北米で約50％、それ以外の地域で約50％の売上高を達成する世界的な展開力 80以上のネット プロモーター スコア(顧客満足度の業界の指標)。SaaS企業の平均的なNPSは30 SSE MQの評価期間終了後、300以上の最先端SSEイノベーションを追加 SSEベースのゼロトラスト プラットフォームの実装を目指す組織への支援は、イノベーションを生み出すというZscalerの取り組みを後押しするものです。Zscalerは変化するお客様のセキュリティ要件の一歩先を行くために、クラウド ワークロード通信、IoT/OTアクセス、B2Bアクセスを保護する新機能をZero Trust Exchangeに追加する取り組みをすでに開始しています。 こちらから2023年Gartner SSEのMagic Quadrantレポート(無料)を入手して、Zscalerがリーダーの1社と評価された理由をご確認ください。 *Zscalerは、Gartner SWGのMagic Quadrantで10年間、Gartner SSEのMagic Quadrantで2年連続リーダーの1社と評価されました。 Gartner免責事項 Gartner, Magic Quadrant for Security Service Edge, 10 April 2023, Charlie Winckless, et al. Gartner, Gartner Peer Insights ‘Voice of the Customer’: Security Service Edge, Peer Contributors, 3 August 2022. Gartnerは、Gartnerリサーチの発行物に掲載された特定のベンダー、製品またはサービスを推奨するものではありません。また、最高のレーティング又はその他の評価を得たベンダーのみを選択するようにテクノロジーユーザーに助言するものではありません。Gartnerリサーチの発行物は、Gartnerリサーチの見解を表したものであり、事実を表現したものではありません。Gartnerは、明示または黙示を問わず、本リサーチの商品性や特定目的への適合性を含め、一切の責任を負うものではありません。 Gartner Peer Insightsのコンテンツは、プラットフォームに掲載されたベンダーに関する個々のエンドユーザー自身の経験に基づく見解を表したものであり、事実を表現したものではありません。また、Gartnerまたはその関連会社の見解を表すものではありません。Gartnerは、本コンテンツに掲載された特定のベンダー、製品またはサービスを推奨するものではありません。また、明示または黙示を問わず、本コンテンツの正確性または完全性について、商品性や特定目的への適合性を含め、一切の責任を負うものではありません。 GARTNERおよびMagic Quadrantは、Gartner Inc.または関連会社の米国およびその他の国における登録商標およびサービスマークであり、同社の許可に基づいて使用しています。All rights reserved. Thu, 13 4月 2023 08:31:01 -0700 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/zscaler-named-leader-2023-gartner-magic-quadrant-security-service-edge-sse https://www.zscaler.jp/blogs/company-news/zscaler-nacd-partner-advance-boards-cyber-understanding The SEC’s intent to standardize cybersecurity reporting rules for public companies has caused business leaders to reevaluate their board communications. Board members are increasingly eager to better understand cyber risk threats to their organizations and best practices for mitigating them. Boards of directors act as fiduciaries on behalf of organizations and their shareholders, which includes the responsibility to inform and offer appropriate guidance on critical business matters. Cyber risk today falls squarely within this category. Unfortunately, there is a significant gap in cybersecurity domain knowledge. One study recently found that 90% of organizations lack even one board member with cyber expertise. This widespread need for further education is one reason I am excited to announce a new partnership between Zscaler and the National Association of Corporate Directors (NACD). Our collaboration will focus on helping board members build foundational cyber and zero trust knowledge, advance effective cybersecurity discussions between executives and boards, and promote a deeper understanding of overall cyber risk exposure. Cybersecurity risk demands increased vigilance Zscaler’s ThreatLabz team documented a 20% jump in encrypted attacks, which make up the majority of all cyberattacks, between 2021 and 2022. Hacks make headlines daily, and investors are watching. Now demand is growing for greater transparency regarding how companies mitigate this risk. The proposed SEC rule would enforce disclosure of governance methods, risk analysis, and management processes in SEC filings. Enterprise boards that were comfortable in the traditional areas of financial performance, strategy, business risk, talent, and governance are expected to expand their scope to areas such as environmental, social, and governance (ESG); diversity, equity, and inclusion (DEI); and cybersecurity risk oversight practices. This is on top of persistent macro issues like economic downturns, climate change, social unrest, and war. To guide their organization appropriately, boards now require high-level oversight on cyber risk management and threats. This represents a significant opportunity for both board members and growth-oriented IT and security leaders to step in and become trusted board advisors on such topics. Applying risk-cost-benefit analyses to cybersecurity Only a quarter of organizations today could accurately assess the financial impact of a cyber incident, a Deloitte poll recently found. This haziness about the possible consequences of a cyber incident undermines a core responsibility of boards: managing organizational risk. In cybersecurity, there is always a balancing act between absorbed, assumed, mitigated, and transferred risk. To better gauge risk exposure, board members should consider questions including: What is an appropriate level of risk exposure and tolerance? How can the board best work with executives to evaluate the cybersecurity investment balance between risk, controls, and related costs? How do I determine whether new cyber-related initiatives can provide a return on investment? Board governance of cyber risk Zscaler and the NACD have partnered to help boards build the knowledge required to lead their enterprises into the cloud-first future. Without the proper cybersecurity strategy and solutions in place, CISOs and their teams spend too much time on reactive security – plugging gaps in risk mitigation or minimizing the impact of cyber events – rather than developing strategic, comprehensive risk reduction regimes to address current and future threats. To improve outcomes, when in front of boards security leaders must stress: Cyber risk is business risk. No longer an IT-specific concern, the risk from disruptions and breaches threatens brands and their reputations, with major financial implications for organizations and their shareholders. Cybersecurity is a never-ending job. Especially given the current threat landscape, leadership must continually re-assess cyber risk. For many organizations, cyber risks are only re-assessed in case of a trigger incident (i.e., breach, disaster recovery, during M&A, a review of tech budgets). Your adversaries only need to succeed once. Cybercrime is ever-growing and ever-changing, at an unprecedented rate. Criminal groups are now well-funded. Nation-state actors (whether tacitly or explicitly government-supported) are growing in sophistication and capability, with many attacks tailored to target and harm a specific organization. These individuals only need to identify one small, exploitable weakness in an organization to gain access. Security should be proactive. CISOs and security teams must expand beyond continuous tactical defense mode to developing a whole-of-organization, strategic cyber risk solution to properly address root solutions to current and future threats. Everyone must step up. Security, privacy, risk, and compliance do not fall under specific roles in the organization; everyone must share responsibility for organization-wide reduced risk. The time to act is now Whether focused on strategy or governance, a board’s role is responsive to crisis levels. Managing cyber risk, on the other hand, requires a constant and proactive fine tuning of threat detection capabilities, risk exposure, and acceptable levels of risk. Attackers target corporations as much as they do governments, and the risks, along with the loss of a competitive edge, are too critical to leave unaddressed. Boards and CXOs must: Understand their cybersecurity strategy and how the organization’s data, users, and customers are protected in order to ensure the executive team is making decisions inline with the organization’s risk tolerance. Articulate cyber risk exposure based on data and the economic impact For boards to meet their fiduciary responsibility to their organizations, cyber risk should be a top-of-mind, continual conversation with their executive team. Zscaler believes in educating all business leaders on cybersecurity risks and taking steps to help their organizations become more secure. We are proud to partner with the NACD in advancing that aim. While we won’t be able to inject cybersecurity expertise into every board overnight, we can advance top-down cyber risk literacy through initiatives like NACD advocacy and the CXO REvolutionaries. What to read next: Navigating the New Cyber-Threat Landscape: Zero Trust Risk Measurement and Mitigation Best Practices Challenge everything, trust nothing: What boards should know about zero trust Digital architecture risk is a fiduciary responsibility of the board Cybersecurity, governance, and the implications of oversight: How your board of directors could be at risk Wed, 22 3月 2023 10:10:47 -0700 Kavitha Mariappan https://www.zscaler.jp/blogs/company-news/zscaler-nacd-partner-advance-boards-cyber-understanding https://www.zscaler.jp/blogs/company-news/zscaler-experiences-no-impact-svb-closure As most of you have seen in the news, Silicon Valley Bank (SVB) was closed by regulators over concerns about its solvency. While this failure has affected SVB clients, many of whom are venture capitalists and tech companies, Zscaler has not experienced any negative impact to our business operations or ability to service our customers. To provide some added context, SVB was put into receivership with the Federal Deposit Insurance Corporation on Friday, one day after its stock declined precipitously and the bank experienced a run on deposits by its customers. In simple terms, this means that a large number of SVB depositors, fearing that the bank will be unable to repay their deposits in full and on time, simultaneously withdrew their funds. Those events were triggered by SVB’s report of a $1.8 billion loss from the sale of investments and plans to raise $2.25 billion in equity capital. Although SVB had been our banking partner in the past, our current banking partners are among the largest, most stable global banks, and our deposits at SVB currently represent less than 0.1% of our $1.9 billion of cash and investments. In fact, the vast majority of our $1.9 billion is not held in bank deposits at all, but rather in extremely safe and liquid investments like short-term US Treasuries or government money market funds. Fortunately for those impacted, the US government just announced it will step in to backstop SVB depositors, with depositors having full access to their cash as early as Monday. Sun, 12 3月 2023 18:55:13 -0700 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/zscaler-experiences-no-impact-svb-closure https://www.zscaler.jp/blogs/company-news/take-cloud-native-security-next-level Securing public cloud environments with tools like Cloud Native Application Protection Platforms (CNAPP) has become a top priority for InfoSec leaders. In fact, cloud security spending has increased (statistics show that the market is growing at a rate of 25.1% year over year, from $10.98 billion in 2021 to 13.73 billion in 2022¹), but unfortunately, so has the number of data breaches, with the 2021 Data Breach Investigations Report from Verizon finding that 90% of data breaches target the public cloud.² The whole point of this increased spend is to protect sensitive data in the cloud, so what’s wrong? One of the things I hear from customers several times per week is that they don’t know what sensitive data they have in the cloud and they certainly don’t know where that sensitive data resides. Unfortunately, the CNAPP solutions that they’ve invested in can’t help. While these solutions do a great job of characterizing the likelihood of an incident by correlating weaknesses and visualizing attack paths, they don’t understand the impact of the potential incident because they don’t know whether it would result in sensitive data being exposed to the attacker. In other words, most CNAPP solutions are unable to differentiate between a “critical” severity event with no sensitive data exposure versus a “high” severity event with millions of records of PII at risk. At Zscaler, our customers have repeatedly asked us to solve this problem, and that’s what is so exciting about today’s announcement. We are combining the capabilities of our comprehensive CNAPP solution, Zscaler Posture Control, with the time-tested data protection capabilities that are already trusted by thousands of organizations. Growing pains in the public cloud Cloud services like Amazon S3 Buckets, Azure Blob, and Google Storage have been widely adopted across enterprise cloud deployments and approximately 90% of enterprises³ use multiple clouds for data storage. However, data’s exponential growth poses a risk: the more data stored in the public cloud without proper controls, the easier it is for bad actors to steal them. As a result, the top challenges of securing sensitive data are now because of: CNAPP solutions that lack visibility into sensitive data: With data distributed across cloud applications and services, organizations are experiencing 10K data loss events annually.⁴ Without a deep integration of data exposure into the correlation and prioritization engine, enterprises are unable to really understand which risks are most important. Additionally, most solutions focus only on object storage, such as S3 and Azure Storage Blobs, but sensitive data, malware, secrets, and more can be found across the cloud, including in VM and container images. Too many alerts, not enough resources or context: Siloed security policies from point products yield thousands of isolated alerts, but approximately 30% of alerts go uninvestigated⁵ due to volume, context, and talent scarcity without helping the organization understand and prioritize true risk. Insecure configurations: Cloud service configurations are complex—especially in multicloud environments that lead to configuration errors or excessive permissions—and can result in high-profile exposures and compliance penalties. With these challenges in mind, here at Zscaler, we believe a new approach is needed. Introducing the industry’s most comprehensive CNAPP solution with integrated DLP and threat intel Zscaler Posture Control addresses these challenges so organizations can take advantage of the cloud without compromising on security or productivity. With the latest release, we are excited to share that we will be strengthening our Posture Control, Cloud Native Application Protection Platform (CNAPP) solution by natively integrating our best-in-class Data Loss Protection (DLP) solution and ThreatLabz threat intelligence which is powered by the world’s largest security cloud. Deep understanding of how incidents will occur and the resulting data exposure gives DevOps and security teams an unprecedented sense of where to focus their limited resources. The result? Increased security AND increased efficiency. Get the biggest return on your investments By bringing these capabilities together, security teams can get rid of siloed point products and more accurately correlate hidden risks caused by the combination of misconfigurations, threats, and vulnerabilities across the entire cloud stack. With this precision, you can eliminate alert fatigue and enable security teams to prioritize risks more effectively, allowing faster response time and greater security while being more resource- and cost-effective. In addition, embedding DLP and threat intelligence into Posture Control makes it easier for security and cross-functional teams to understand who is doing what with your sensitive data and implement tighter controls when and where needed. This tighter integration of components also allows for better cross-team cooperation across the entire application lifecycle. Key benefits: Resource and cost reduction with point product consolidation: A single, easy-to-deploy agentless solution that eliminates point products by unifying CSPM, CIEM, CWPP, and DLP, continuously securing every stage of the application lifecycle. More accurate risk identification, correlation, and prioritization: Integrated DLP and threat intelligence that identifies attack paths and detects ongoing attacks by automatically correlating seemingly low-risk signals when viewed individually but can be considered great risks when viewed holistically. Efficiency at scale: An integrated graph-based correlation and prioritization engine that expedites remediation and reduces alert fatigue by focusing on the risks that matter most. Native, end-to-end solution without silos: A solution that reduces security and DevOps silos with 360-degree in-depth visibility of risks across the entire multi-cloud footprint – including virtual machines (VMs), containers, and serverless workloads – from build to run. Summary Data breaches and sophisticated threats will continue to rise. As a result, organizations undergoing digital transformation or building new cloud apps must streamline security processes. Zscaler is committed to helping organizations address the digital transformation challenges they face in an ever-changing cloud native environment. Bringing CNAPP, DLP, and threat intelligence components together is part of that commitment. A unified, cloud native security solution like Zscaler Posture Control is designed to identify, prioritize, and remediate the most critical cloud security risks. For more information please watch the on-demand launch webinar or sign up for a free security risk assessment. 1: https://www.cnet.com/news/privacy/record-number-of-data-breaches-reported-in-2021-new-report-says/ https://www.statista.com/statistics/1266461/tam-cloud-security-spend-global/ 2: https://www.verizon.com/business/resources/reports/dbir/ 3: https://www.forbes.com/sites/forbestechcouncil/2022/01/03/dark-data-the-clouds-unknown-security-and-privacy-risk/?sh=2f655cc7375a 4: https://info.zscaler.com/resources-industry-reports-2022-threatlabz-state-of-data-loss-report 5: https://www.cnet.com/news/privacy/record-number-of-data-breaches-reported-in-2021-new-report-says/ Wed, 15 3月 2023 04:00:01 -0700 Rich Campagna https://www.zscaler.jp/blogs/company-news/take-cloud-native-security-next-level https://www.zscaler.jp/blogs/one-true-zero-live-post-report-2 本ブログでは、2023年2月10日（金）に開催されたONE TRUE ZERO LIVE TOKYO内の2セッションのサマリをお届けいたします。 【テクニカルセッション②】 Secure Your Workloads ゼットスケーラー株式会社 プリンシパルセールスエンジニア 笹川 裕 本セッションでは、スピーカーである笹川より、Zscaler for Workloadsについてご紹介しました。 冒頭、デジタルワークロードをクラウドネイティブに展開する「クラウドトランスフォーメーション」が加速しており、2025年には95%以上のワークロードがクラウドネイティブに展開されるという背景と、その中で直面する以下の課題について説明しました。 クラウドへの安全な移行 マルチクラウドの管理と接続 ワークロードからインターネットへの接続 シフトレフトセキュリティを実現するDevSecOps 次に、これらの課題を解決するZscaler for Workloadsの「Posture Control」と「Workload　Communications」の機能について、シナリオを用いて説明しました。 「Posture Control」はクラウド上のワークロードやユーザー権限の情報を収集することで、脆弱性やコンプライアンス違反などを検出し、対応の優先順位づけを行う機能になります。この機能を活用することで、設定ミスや脆弱性による問題の回避に加え、セキュリティのシフトレフトが実現できるため、アジャイル開発が進む中で生じる開発者とセキュリティ担当者の中の衝突回避にも繋がります。 「Workload Communications」はワークロードからインターネットへのセキュアな接続と標的型脅威からのワークロードの保護を実現する機能になります。この機能を活用することで、ワークロードのインフラから機密データの漏洩を阻止することが可能です。 Zscaler for Workloadsは「Posture Control」と「Workload Communications」の機能を備えた、構築から実行までを網羅する包括的なセキュリティプラットフォームです。 【テクニカルセッション③】 Secure Your IoT and OT ゼットスケーラー株式会社 技術副本部長 丸山 龍一郎 本セッションではスピーカーである丸山より、IoT/OTを保護するソリューションについて触れました。 これからのインダストリー4.0を実現するためにはIoTやクラウドコンピューティング、ビッグデータ等の最新のテクノロジーが活用されます。そしてその際に当然考えなければならないのがサイバーセキュリティです。 そしてインダストリー4.0を進める中で考えなければならないセキュリティリスクとして、従来の境界型防御の限界やITセキュリティの方法をそのままOT環境には適用できない問題についても触れました。 またビジネス面での課題としては、コロナ禍における技術者のリモートアクセスの必要性やコスト、シンプルなインフラが求められる点について説明しました。 そしてそれらのセキュリティリスク、ビジネス課題を解決するためのユースケースの紹介をしました。例えば、特権リモートアクセスによって監視、メンテナンスを安全に行うこと、IoT/OTからセキュアにインターネットにアクセスしてコンテンツチェックを行うアプローチを紹介しました。 一つの例として、工場のOT環境の取るべき戦略についても紹介しました。 工場のセンサーにはエージェントが入れられません。そこでDMZでセキュリティをコントロールすることになります。そこで、工場の中にゼロトラストエクスチェンジを持ち込むことによって、工場内でもこれまでと同じセキュリティを維持できるということや、外部からの攻撃表面のリスクを抑えるソリューションとしてブランチコネクターについても紹介しました。 最後に、実際に利用されているユースケースとして、シーメンス社とマンエナジー社の事例を取り上げました。 シーメンスは工場内のIoTデバイスを保護するために、Zscalerのアップコネクター/ブランチコネクターをハードウェア内に格納してセキュリティ性を担保している例を紹介し、マンエナジー社の例では、船舶上のエンジンを管理する仕組みをゼロトラストの仕組みでセキュアにリモートアクセスすることができた事例を紹介しました。 →前編はこちら ONE TRUE ZERO LIIVE TOKYO 2023 開催レポート（1/2） Thu, 16 2月 2023 01:12:46 -0800 Toru Horie https://www.zscaler.jp/blogs/one-true-zero-live-post-report-2 https://www.zscaler.jp/blogs/one-true-zero-live-post-report-1 本ブログでは、2023年2月10日（金）に開催されたONE TRUE ZERO LIVE TOKYO内の2セッションのサマリをお届けいたします。 【オープニング キーノート】 What Is Zero Trust? | Why One True Zero? ゼットスケーラー株式会社 代表取締役・エリアバイスプレジデント 金田 博之 本セッションでは、代表取締役・エリアバイスプレジデントの金田より、ゼロトラストの真実とZscalerが支援できるゼロトラストアーキテクチャーのメリット・ビジネス価値を紹介いたしました。 はじめに、企業リソースの分散化による攻撃対象領域の拡大化と、従来のネットワークセキュリティモデルの限界について、ゼロトラストが求められる背景を説明しました。 一方で、この流れはトランスフォーメーションで競争優位を確立する絶好のチャンスだと考えております。ゼロトラストアーキテクチャによるアプリケーション、ネットワーク、セキュリティの三位一体の同時変革 -「セキュアDX」を果たすことで下記のメリットが実現可能です。 ユーザー企業全体の生産性の向上 リスクの低減 シンプルな運用管理とコスト削減 次に、従来のHub & Spoke型ネットワークの歴史を辿り、ファイヤーウォールのパススルーアーキテクチャとVPNの脆弱性について解説しました。 そして、真のゼロトラストアーキテクチャの定義について、またZscalerがZero Trust Exchangeアーキテクチャにより支援できる点を説明しました。 具体的には、ユーザー、デバイス、ワークロード、IoT/OTがZscalerのZero Trust Exchange（クラウドプラットフォーム）を経由し、社内外のアプリケーションへ直接接続することが可能です。それにより、ファイヤーウォールやVPNでは解決不可能な下記の点を実現可能とします。 ①攻撃対象領域の最小化 - Zero Trust Exchangeを媒介にし、アプリへ直接接続することで外部からIPアドレスが見えない状態にする。 ②水平移動の防止 - セッションごとにポリシーを適用し、アプリへ接続する ③セキュリティ侵害やデータ流出の防止 - マルウェアやデータ流出等の全トラフィックを検査する Zscalerのサービスだけではゼロトラストを実現できないと考えており、他の主要なプラットフォームと連携したエコシステムを推奨しております。これによりお客様が一社に依存する危険性やベンダーロックインを回避し、各社のプラットフォームの個別進化を実現するなど、柔軟性の点においても大きな利点があると考えております。 最後に、お客様がゼロトラストによるDXを実現する為の４つのフェーズとZscalerを導入することで実現可能なROIを中心とした様々なアプライアンスの導入コスト、運用コストの削減をご紹介いたしました。 【テクニカルセッション①】 Secure Your Users ー サイバーセキュリティ - データ保護 - ゼロトラスト アプリケーションアクセス - デジタルエクスペリエンスの最適化 ゼットスケーラー株式会社 エバンジェリスト&アーキテクト 髙岡 隆佳 本セッションでは、ソリューション&アーキテクトの髙岡より、ハイブリッドワークにおいてセキュリティと生産性の両立をどう実現するのかというテーマで紹介いたしました。 コロナ禍が落ち着きつつある今、リモートワークのメリットを享受しつつ、オフィスへの出社と合わせたハイブリッドワークが増えてきています。しかし同時に、SSL通信におけるサイバー攻撃/ITインフラに課題を抱える組織/通信に関するサポートチケット、特にこれらの増加が顕著になっています。 今後ハイブリットワークがより標準になっていくためには「場所やアプリに左右されないシームレスで安全なアクセス」「高度なサイバー脅威対策」「あらゆる場所でのデータ保護」「可視性とトラブルシューティングの強化」が必要不可欠であると語りました。 ZscalerのZero Trust Exchangeプラットフォーム（Zscaler for Users）では、サイバー脅威やデータ流出から保護しながらも、ハイブリッドワークでのアプリ接続とユーザエクスペリエンスの強化が可能となり、それによってビジネスリスクの軽減、生産性の向上の両立を実現すると説明しました。 実際のユースケースを紹介するため、デモ形式でリモート出社/ハイブリッド勤務/請負業者といった、それぞれに異なるユーザ権限/ロケーション/課題を取り上げました。 中でも最新の機能/ユースケースとして、 フィッシング対策においては、通常のアクセスポリシーでの制御に加えて、ユーザの振る舞いを確認した上で、ユーザのリスクスコアに応じてIsolation（Web無害化）のポリシーに誘導するなど、より抑止力を担保しつつも生産性を維持するソリューションも可能になりました。 データ保護の観点では、これまでのDLPの設定負荷の増大などの課題を踏まえ、運用の自動化/最適化について紹介しました。 会社として認めているサンクションアップ/シャドーIT、これらの可視化をした上でポリシーに落とし込んでいくため、過検知/誤検知の心配も不要となります。 セッション最後には、「ゼットスケーラーの目的は、クラウドセキュリティを売ることではなく、お客様のインフラを最適化することだ」と強調しました。 「お客様の理想の形、現在の構成や本当の課題を正しく理解した上で、どんな手順/スキーム/スピード感で最適化していくのが理想なのか、ぜひディスカッションの機会を頂ければと思います」と、セッションを締めくくりました。 →後編はこちら ONE TRUE ZERO LIVE TOKYO 2023 開催レポート（2/2） Thu, 16 2月 2023 01:07:07 -0800 Toru Horie https://www.zscaler.jp/blogs/one-true-zero-live-post-report-1 https://www.zscaler.jp/blogs/company-news/zscaler-announces-industry-first-cloud-resilience-capabilities さまざまな規模の組織がイノベーションと効率化を推進するためにクラウド技術を採用していますが、その方法はここ10年で大きく変化しました。現在、94%の組織がクラウド サービスを使用しており、これにはユーザー アイデンティティー、セキュリティ、生産性などのミッション クリティカル サービスが含まれます。Zscalerはクラウド セキュリティのリーダーとして、40%以上のFortune 500企業のトラフィックとデータを保護しており、テクノロジー スタックの重要な構成要素としての地位を確立しています。 金銭的損失を招きかねない業務中断 クラウド コンピューティングのメリットは計り知れませんが、先日発生したロンドンのInterxionデータ センターの機能停止やフランスのインターネット ケーブル切断で証明されたように、ミッションクリティカルなサービスの回復力に対する懸念がないわけではありません。実際、80%の組織が過去3年間に何らかの形でクラウドの機能停止を経験しており、収益、生産性、評判が低下するという事態を招いています。このような機能停止が発生する要因として、停電やソフトウェアの問題、自然災害、国家規模の攻撃などが考えられますが、その要因が何であれ、業務の中断は決して起きてはならない事態です。組織はブラックアウト、ブラウンアウト、壊滅的な障害に対応できる強力なクラウド レジリエンスを備える必要があります。 Zscalerのクラウド レジリエンス機能「Zscaler Resilience」 Zscalerは組織の敏捷性、効率性、安全性を高めるイノベーションでお客様をサポートしています。また、お客様にとってZscalerがいかに重要であるかを理解しており、当社製品の信頼性、可用性、保守性(RAS)を会社の最優先事項としています。Zscaler製品には、業界をリードするサービス レベル アグリーメント(SLA)に支えられた、アップタイムに関する長い歴史がありますが、そこからさらなる進化を目指しています。 本日、ZscalerはZscaler Resilienceをリリースしました。 Zscaler Resilienceは、ブラックアウト、ブラウンアウト、壊滅的な障害などが発生した際に事業継続性を確保するための包括的な機能セットです。プラットフォームの高度なアーキテクチャーに基づいて構築されており、オペレーショナル エクセレンスを活用して常に高い可用性と保守性を提供します。お客様が管理するZscalerのディザスター リカバリー機能は、堅牢なフェイルオーバー オプションと組み合わせることで、あらゆる障害シナリオにおけるお客様の事業継続計画の取り組みをサポートすると同時に、業界で最も回復力に優れたセキュリティ クラウドとしての位置づけを確立します。 回復力に優れた設計 処理能力と冗長性をオーバープロビジョニングしてゼロから設計されたハードウェア システムは、回復力の高い基盤を提供します。Zscalerのクラウドネイティブなマルチテナント データ センター アーキテクチャーとキャリアニュートラルな接続を組み合わせることで、Zscalerのクラウドはネットワークやワークロードに負荷がかかった際にも回復力を維持します。 Zscalerは12年以上にわたる世界最大のインライン セキュリティ クラウドの運用経験を通じて、回復力に優れたインフラに加え、回復力の高い一連の運用プロセスを完成させました。アジャイル ソフトウェア開発、専用設計された展開インフラ、プロアクティブなクラウド モニタリング、インシデント管理により、クラウドで継続的にイノベーションを起こすための総合的な運用プロセスが実現します。 あらゆる障害シナリオに対応する回復力 すべての障害がクラウドで発生するわけではありませんが、クラウドにつながる相互接続によって、パフォーマンスが低下してしまう場合があります。こういった障害はディスクやデータ センターの機能停止といった単純なものや、エンド ユーザーがアプリケーションにアクセスできないというクラウドの機能停止など、他の障害につながる可能性があります。 図1: Zscalerのエンドツーエンドの回復機能 軽微な障害のほとんどは、継続性を維持しながらZscalerの堅牢なアーキテクチャーとオペレーションによって自動で解決されるため、通常お客さまが気づくことはありません。 Zscalerの回復力に優れたインフラストラクチャーは、ブラックアウトまたはブラウンアウトが検出された際に動的かつ自動的に対策を講じることができます。特定のデータ センターへのアクセスが影響を受けている場合、Zscalerはネットワークの問題を軽減するために、別の通信事業者またはデータ センター プロバイダーに切り替えるか、データ センター自体のオーバープロビジョニングされた容量に依存して、追加の一時的な負荷をサポートします。Zscaler Client Connectorを使用すると自動フェイルオーバーが有効になり、トラフィックがセカンダリー ゲートウェイに切り替わります。ただし、ブラウンアウトによってネットワーク サービスの品質が予想外に低下した場合、管理が適切にされていなければ、生産性と収益の両方の観点から大きな損失を被ることになります。Zscaler CloudOpsが上流のISPが最適でないルーティングを行っていることを検出した場合、プライマリーISPを利用して問題を解決する間、セカンダリーISP経由でトラフィックを再ルーティングできます。 いずれの場合も、Zscalerのデジタル モニタリング ソリューションであるZscaler Digital Experienceが重要な役割を果たします。ユーザーが経験するパフォーマンスの低下は、ユーザーとアプリケーションの間のすべてのインターネットおよびネットワーク ホップで継続的にモニタリングされ、管理者が問題の状況を正確に把握できます。これにより、特定の地域のトラフィックに対して任意のルーティングを選択し、すべてのユーザーに最適なパフォーマンスを提供できます。   図2:ネットワーク パフォーマンスの詳細情報を提供するZscaler Digital Experience 業界初の新機能でZscaler Resilienceを強化 Zscalerのプラットフォームが誇る既存の堅牢な機能に追加され、Zscalerのクラウドを最も回復力のあるセキュリティ クラウドへと後押しする3つの新機能を紹介します。 パフォーマンスベースの動的なサービス エッジの選択 ゲートウェイのHTTPレイテンシーを継続的にプローブしてトラフィックに最適なパスを選択するトンネルを自発的に確立することで、ユーザーとアプリケーション間のパフォーマンスを低下させる可能性があるブラウンアウト発生のシナリオから速やかに回復できるようになります。エンドツーエンドのHTTP接続では、レイテンシーを算出する際に双方のゲートウェイに対して継続的にpingを実行してから最終判断へと移ります。この強力な機能は現在テスト段階にあり、まもなくリリースされる予定です。 図3:最適なパフォーマンスのためにゲートウェイを継続的にモニタリングし、自動で切り替えるClient Connector お客様がコントロールするデータ センターの除外 この機能により、お客様はサブクラウドをカスタマイズして接続の問題が発生しているデータ センターを一時的に除外し、問題が解決されると自動でサービスを回復するようにコントロールできます。例えば、ロサンゼルス空港で発生したSaaSアプリケーションのピアリングの問題(解決に数時間かかる)など、データ センターで機能の問題が発生した場合は、管理ポータルで該当するデータ センターをサブクラウドから除外できます。次に、Zscaler Client Connectorは新しいプライマリー ゲートウェイとセカンダリー ゲートウェイをフェッチして、新しいデータ センターへのZトンネルを確立します。 図4:顧客側でデータ センターを手動で除外してカスタム サブクラウドを作成可能 ディザスター リカバリー(DR) DR機能により、クラウドの機能停止につながるブラック スワン現象が発生している最中でも、重要なインターネット、SaaS、プライベート アプリケーションに引き続きアクセスできるようになります。DRモードで動作している場合、インターネットへの直接アクセスはClient Connectorを利用してローカライズされたコンテンツ フィルタリングを使用する重要なビジネス アプリケーションのみに制限できます。プライベート アプリケーションの場合、組織のローカル データ センターまたはパブリック クラウドにあるZscaler Private Service Edgeに接続し、ビジネスを中断させることなく最新のセキュリティ ポリシーを適用することができます。 図5:壊滅的な障害が発生した場合でも簡単に切り替えられ、中断のない継続性を確保するZscaler DRモード Zscaler Cloudの機能が復旧すると、製品は通常の動作に戻り、Zscaler Zero Trust Exchangeを最大限に活用してゼロトラストのセキュリティと接続を提供します。DRモードでアクセスするアプリケーションをお客様自身が柔軟に決定できるほか、ZscalerのプラットフォームがDRモードと通常モードを簡単に切り替えるため、業界で他に類を見ない高度なセキュリティとユーザー エクスペリエンスを実現することができます。 すぐに開始できるZscaler Resilience クラウド レジリエンスは、Zscalerが常にお客様と話し合っているテーマであり、すべてのお客様に対して中断のない事業継続性を提供することが当社のミッションです。1ペアのPrivate Service Edgeを含むZscale Resilienceは、現在、Zscaler Internet Access (ZIA)、Zscaler Private Access (ZPA)、Zscaler for UsersのBusinessエディション(およびそれ以上)に含まれており、ほとんどのお客様がすぐに使用できます。また、当社のテクニカル アカウント マネージャーやカスタマー サクセス マネージャーと連携して、組織のインフラストラクチャーのZscaler Resilience AuditTMを実行し、不測の事態が混乱を引き起こす前に改善が必要な領域を特定してギャップを解消することも可能です。 Zscaler Resilienceの詳細については、当社のWebサイトまたはソリューション概要をご覧ください。 Wed, 01 2月 2023 07:14:07 -0800 Harsha Nagaraju https://www.zscaler.jp/blogs/company-news/zscaler-announces-industry-first-cloud-resilience-capabilities https://www.zscaler.jp/blogs/company-news/securing-world-possibility 15年前、完全にシームレスかつ安全に情報をやり取りできる世界を作るというビジョンに基づき、私はZscalerを創業しました。創業にあたり、この分野のリーダーとなるような象徴的な会社を作ることを目指したのです。この歩みにおいて、サステナビリティーの実現と環境負荷の軽減は常に重要な課題となっており、最優先事項として扱われています。私は、Zscalerはお客様のデータを保護してインターネットへのアクセスをより安全にするだけでなく、世界全体をより良い場所へと変えることで、社会に対しても計り知れない価値を提供する立場にあると確信しています。お客様やパートナー、投資家の方々や従業員と会うごとに、私たちが日々提供している価値を再認識しており、一貫した方向性と責任を持って誠実に事業を運営するという、私たちのコミットメントは一層強固になるばかりです。  テクノロジー、時間、資金調達、専門知識など、どのような分野であっても、私たちはそれぞれサステナブルな未来に向けた貢献を行うことができます。また、責任を持ってビジネスを成長させ、倫理的な慣行と価値観を遵守することは、リーダーに与えられた役割の一部であると信じています。今日では、多くの企業が同じ価値観を共有するベンダーと協力したいと考えており、このようなコミットメントの重要性は軽視できません。 Zscalerでは、成長を続ける中でESGを考慮した事業拡大に取り組んでいます。6,700を超える世界的な組織と強固なパートナーシップを結んできた経験から、心強いパートナーに求められるのは信頼と安心感を育む健全なビジネス慣行の堅持であることを当社は熟知しています。責任ある事業運営を促進し、責任共有モデルをサポートする一環として、このたびZscalerは2022年版ESGレポートを発行しました。本レポートでは、以下の各分野に影響を及ぼす、社内のグローバル事業全体にわたるプログラムについて詳述されています。 環境：効率性は当社のビジネスの中核として確固たる地位を占めており、クラウドネイティブのZscaler Zero Trust Exchange固有の利点の1つです。100%再生可能エネルギーで稼働するZero Trust Exchangeを用いることで、コストが高いうえに非効率的な従来型のアーキテクチャーを排除できます。2022年、当社は関連する温室効果ガス排出カテゴリーにおいてカーボン ニュートラルを達成しており、2025年までに炭素排出量をネット ゼロにすることを目指し、環境への影響をさらに削減していく目標を掲げています。 社会：当社は、インターネットの安全性を高めることに尽力しています。それは、デジタル セキュリティは各種の情報サービスと連携した、個々の力を発揮できるインクルーシブな社会の基盤であるためです。それと同時に、私たちにとっての最大の財産は「人」です。Zscalerは、成功に寄与する文化を維持しながら、グローバルなチームを成長させてきました。また、地域社会に還元するプログラムを通し、従業員にとって意義の深い取り組みをサポートしています。 ガバナンス：私たちは、効果的なガバナンス構造、管理、および倫理的なビジネス慣行を構築することで、信頼の基盤を生み、誠実さと卓越性、イノベーションの文化を育んでいます。お客様より託されているビジネスの保護という責任を真摯に受け止め、期待に沿う水準のセキュリティを提供するためのプロセスや認証、フレームワーク、説明責任構造についてお伝えするのは義務であると捉えています。 公開されたZscalerの2022年版ESGレポートを通して、私たちの環境、社会、ガバナンスのイニシアチブに関する総合的な最新情報をご確認いただけます。詳細については上の画像をクリックしてください。 第1回目の本レポートは、創業当初より会社の方向性を導いてきた、確固としたビジネス倫理と価値観に沿った経営というこれまでの歩みに基づいています。私たちの未来をより良くしていくために、責任ある意思決定をこれからも継続していくなかで、今回のご報告ができることを嬉しく感じています。 当社のESGイニシアチブの最新情報は、当社の企業責任のページをご覧ください。レポート全文(英語)についてはこちらをクリックしてください。 Tue, 20 12月 2022 15:20:18 -0800 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/securing-world-possibility https://www.zscaler.jp/blogs/company-news/zscaler-s-entire-zero-trust-exchange-platform-fedramp-authorized Trust is paramount when it comes to protecting federal government IT systems - from the critical data of our nation to the millions of employees and citizens accessing those systems. This is why the Federal Risk and Authorization Management Program, better known as FedRAMP, is an invaluable assessment and authorization process. The goal of FedRAMP is to make sure federal data in cloud products and services used by U.S. Federal agencies are consistently protected. Zscaler has always had the goal to help secure IT modernization of our government, and we have worked diligently over the past five years to secure FedRAMP authorization at all levels across our full portfolio. I am proud to share a new milestone for Zscaler - with Zscaler Private Access (ZPA) now authorized at the moderate level, our entire Zero Trust Exchange platform suite of solutions is FedRAMP authorized at both moderate and high levels. You can read the press release here. FedRAMP authorization is a rigorous process to give agencies assurances around confidentiality, integrity and availability. FedRAMP high authorization is based on 421 controls in these three areas and 325 controls for FedRAMP moderate authorization. Zscaler has committed to successful FedRAMP authorizations to help Federal agencies, the Department of Defense (DoD), and intelligence organizations strengthen cyber defenses using Zero Trust to secure their users, secure their workloads and secure their IoT/OT. Government is making great progress with digital transformation at the same time that new vulnerabilities continue to surface. The attack surface has expanded and become more complex, making it harder to protect. Zscaler is leading the effort to implement Zero Trust solutions with the first and only Zero Trust Architecture and SASE platform to be offered end to end at both moderate and high baseline. ZPA in action Government agencies are transitioning private applications that once ran solely in the data center to public clouds. At the same time, they are searching for ways to enable productivity as users work from anywhere and on any device. ZPA is a cloud-delivered zero trust service that uses a distributed architecture to provide fast and secure access to private applications running on-premise or in the public cloud. ZPA applies the principles of least privilege to give users secure, direct connectivity to private applications while eliminating unauthorized access and lateral movement. When a user (employee, third-party contractor, or customer) attempts to access an application, the user’s identity and device posture are verified to provide a seamless user experience whether the user is remote or on-premise. In addition to ZPA achieving FedRAMP Joint Authorization Board (JAB) High Authority to Operate, the Department of Defense granted ZPA a Provisional Authorization to Operate (P-ATO) at Impact Level 5 (IL5). Government agencies and their contractors are able to use ZPA for systems that manage their most sensitive Controlled Unclassified Information (CUI) as well as unclassified national Security Systems (NSSs). ZPA delivers a central platform that gives IT control over application access As more private applications move to public cloud environments such as Amazon Web Services, Azure and Google Cloud Platform, access must be secured through the internet. With ZPA at the Moderate and High Baseline levels, agencies can provide secure and consistent access regardless of where an application is running, remove the need for the VPN gateway security stack or back-hauling traffic to the Trusted Internet Connection (TIC) before going out to the cloud, and accelerate application migration through rapid deployment and a seamless user experience. Since achieving FedRAMP Moderate certification in 2018, Zscaler, a Leader in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE), a security-specific component in the SASE framework – has completed SSE deployments for more than 100 US federal government and federal systems integrator customers at the moderate impact level. Many of these deployments supported the requirements of the Executive Order 14028, including Zero Trust, and met TIC 3.0 use cases. ZIA Improves security controls – Keeping IT focused on innovation with TIC in the cloud per the President’s recent Executive Order Another core solution of the Zero Trust Exchange, Zscaler Internet Access (ZIA) – Government (Secure Web Gateway – vTIC)™ is a multi-tenant Cloud Security Platform known in the government that meets the Cybersecurity and Infrastructure Security Agency (CISA) TIC 3.0 guidelines. It has been the market leader as agencies work to meet modernization goals of shared services, mobile workforce enablement, improved FITARA scores, and more. Zscaler powers the shift to a modern, direct-to-cloud, Zero Trust architecture, regardless of device or user location. Federal IT leaders can improve on the who, what, where, when, and how they see, protect, and control user traffic to the internet by moving TIC security controls and other advanced security services to a cloud platform. The goal: immediate remediation on a global scale. This approach offers agencies global internet access and peering with FedRAMP-authorized applications. In addition, agencies can capture extensive log/telemetry data and store all agency data on U.S. soil with citizen-only access. Agencies can also provide the telemetry data to CISA’s Cloud Log Aggregation Warehouse (CLAW). With ZIA at the Moderate and High Baseline levels, agencies have access to global TIC or more secure U.S.-only TIC solutions. Achieving a Zero Trust model with the Zscaler Zero Trust Exchange for all Through our Zero Trust exchange and FedRAMP high and moderate solutions, all Federal agencies can achieve the Zero Trust goals mandated in the Cybersecurity Executive Order and implement CISA’s TIC 3.0 guidelines. Most agencies will need to approach Zero Trust in bite-sized chunks, setting priorities based on their unique needs. Check out our Zero Trust Playbook for prescriptive guidance on key steps that can be taken over time, leveraging a security ecosystem to achieve the end goal of Zero Trust. Zscaler is committed to helping agencies accelerate modernization securely, and has invested heavily to meet the unique requirements of our government. Over the last five years we have built a compliance program, launched an entity dedicated and focused on the needs of our US government (Zscaler US Government Solutions), and continued to build on our commitments to the NIST National Cybersecurity Center of Excellence (NCCoE), the Advanced Technology Academic Research Center (ATARC) Zero Trust working groups, and the American Council for Technology-Industry Advisory Council (ACT-IAC). Now we have also achieved FedRAMP authorizations at all levels across our full portfolio, emphasizing the importance of public and private partnerships to better protect our nation's critical assets, and giving our government customers the flexibility to choose the best solution to meet their needs. Visit our Zscaler US Government Solutions page for more information. Wed, 30 11月 2022 05:05:09 -0800 Kumar Selvaraj https://www.zscaler.jp/blogs/company-news/zscaler-s-entire-zero-trust-exchange-platform-fedramp-authorized https://www.zscaler.jp/blogs/company-news/zscaler-debuts-zero-trust-certified-architect-ztca-program-address-it-secops An increase in large-scale cyber attacks has driven widespread interest for organizations to migrate to a Zero Trust architecture. A Zero Trust architecture is a new, clean architectural paradigm - one that is built to reduce a network's attack surface, prevent lateral movement of threats, and lower the risk of a data breach. This new Zero Trust architecture is based on the core tenet of Zero Trust, in which implicit trust is never granted to any user or device. The Zero Trust security model puts aside the traditional "network perimeter" built with firewalls and VPNs - inside of which all devices and users are trusted and given broad permissions by putting them on a routable network. A Zero Trust architecture eliminates the biggest problem associated with routable networks - lateral threat movement - by preventing access to the network, period. As Zero Trust became popular, the term was hijacked, with every vendor claiming to have a Zero Trust architecture. This is causing widespread confusion for customers and partners. A Zero Trust architecture is a new architecture, and cannot be bolted onto a traditional legacy-based approach. While it’s becoming more widely understood that legacy network-based firewall and VPN models simply cannot protect today’s modern cloud-first and hybrid working enterprise, one of the major pain points that IT and security operators are facing today is a skills gap, both in terms of (a) understanding what is true Zero Trust and how it contrasts with a legacy firewall and VPN-based approach, and (b) learning how to actually implement a Zero Trust architecture. Modern security teams need a specialized set of skills - one that isn’t based on 30 years of legacy networking and security principles - in order to address today’s cloud-first security requirements. To provide the necessary skills required for network and security professionals interested in building a holistic security approach based on Zero Trust principles, Zscaler is introducing the Zero Trust Certified Architect (ZTCA) program. This advanced certification program is designed to provide a comprehensive overview on the fundamentals of a Zero Trust strategy along with practical guidance for the planning, design, implementation and maintenance of a Zero Trust architecture. The course follows NIST’s Zero Trust guidelines, and directly compares and contrasts a Zero Trust architecture with the legacy routable networks and firewall- based approach. We’ve designed the course to help the learner be clear on the pitfalls of a legacy-based architecture, and understand how to implement true Zero Trust. Developed to be relevant and useful in today’s dynamic security environment, the curriculum features custom content that specifically addresses the needs of modern enterprises to secure their hybrid workforce and cloud-based data, applications, and workloads. When I speak with CXOs, they always tell me that the “people element” is the most important part of any digital transformation journey. And it’s no secret that the competition for talent within the IT and security industries continues to be fierce, so we’re pleased to be able to provide a means for network and security professionals to differentiate themselves, while acquiring the necessary skills to lead their organizations’ secure digital transformation. For more details on this exciting new certification program, please visit the ZTCA site. Mon, 14 11月 2022 17:08:20 -0800 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/zscaler-debuts-zero-trust-certified-architect-ztca-program-address-it-secops https://www.zscaler.jp/blogs/company-news/celebrating-15-years-innovation This year, I’m thrilled to celebrate Zscaler’s 15th anniversary. When we first started the company in 2007, I knew that we had a real opportunity to transform the security industry, especially in light of enterprises’ migration to the cloud - we had a bold idea, bright minds, a solid business plan, and the conviction to make it work. But the journey was not without risk, nor was it always easy. Like many companies, we had our own share of growing pains, but we also shared many moments of discovery, camaraderie, excitement, and accomplishment. These moments are now woven into the fabric of our company’s DNA and are truly what makes me proud when I reflect on how far we’ve come. Fifteen years ago, we signed The Arc Mid-Hudson, as our first, and now longest-standing, customer. They are a not-for-profit organization in New York State dedicated to supporting individuals with intellectual and developmental disabilities and they were looking for a cloud-native security solution that would allow them to provide secure connectivity to employees, while maintaining client data integrity and adherence to strict healthcare compliance mandates. I still remember the excitement we had over winning the account and how great it felt to know that Zscaler technology would be helping them to better serve their community. Today, The Arc Mid-Hudson is still a Zscaler customer and they’re leveraging the power of the Zscaler Zero Trust Exchange to support its transition from a site-based human services provider to a remote and highly mobile service model. The first Zscaler solution slide that was created in 2007 is still relevant today. Since then, we have kept the same focus and mission. It’s extremely satisfying to know that there are customers who have been with us since the very beginning. These relationships are built on trust, openness, and an exceptional level of service. Customers have the confidence of placing their most precious data assets in our care and that’s a responsibility that we take to heart each and every day. It’s what motivates me to continue to develop and deliver solutions that improve our customers’ security posture. Our success as a company heavily depends on our commitment to our customers and we never lose sight of that. Among our current workforce are employees who have been with the company since the very beginning. Recently, we came together to reminisce about how it all started and I jotted down a few memories which I thought really captured the sentiment and entrepreneurial spirit that underpins our company culture today: “It was during dinner at Jay’s house when he first proposed the idea of a cloud security platform. After we spoke, I was so convinced that this is the future, but the problem wasn’t easy to solve from a technology standpoint and it hadn’t been done. After four months of development, discussion and lots of trial and error, it seemed that we had a viable solution.” - Kailash Kailash, Zscaler Co-Founder “Kailash called me up, explained the concept, and suggested we do a workshop and start building something. To be honest, I wasn’t overly convinced that it would work, but Jay was always very clear in his vision of using a cloud-native architecture and that we were not going to build an on-prem solution. The team had conviction, which always kept me motivated.” - Srikanth Devarajan, early Zscaler employee “I think I was at the right place at the right time and I feel fortunate to be a part of this amazing journey. The passion of the founders was inspiring and the early team was very close. We were doing agile development before it became an industry-wide practice, so it was exciting to pioneer new methods while developing new capabilities at a lightning pace. We had the best time!” - Siva Udupa, early Zscaler employee “The time has gone by really fast. I still remember the early morning voice calls with Jay and the software teams, discussing a new feature to implement. By the end of the day, the feature was ready and the process started again the next day. We created our own agile methodology, but it was very exciting!” - Pratibha Nayak, early Zscaler employee The past 15 years has been quite a remarkable journey - what started out as an idea has grown into a company that’s generating in excess of $1B in revenue and is a recognized industry leader in cloud security. As a company, Zscaler has driven growth and innovation that’s constantly adapting to the changing security landscape and our customers’ evolving needs. I couldn’t be prouder of all of our accomplishments to date and I’m looking forward to another 15 years. To see a timeline of notable technology triumphs and significant company milestones, please click here. Thu, 03 11月 2022 18:12:51 -0700 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/celebrating-15-years-innovation https://www.zscaler.jp/blogs/company-news/come-visit-us-aws-re-invent-2022 Zscaler will be at AWS’ premier conference from November 28 through December 2. The conference, located in Las Vegas, is one of the leading technology conferences focused on cloud computing. At the conference, you can visit and chat with Zscaler experts in the Expo at booth #118. There you can learn how you can Secure Your Workloads from build-time to runtime using Workload Communications and Posture Control. In addition, at AWS re:Invent you can View live demos that showcase the benefits and capabilities Zscaler for Workloads can deliver to your organization Have one-on-one meetings with Zscaler product leaders Listen to our talk, Zero Trust CNAPP and cloud workload protection with Zscaler, at the Lightning Theater 1 on November 28th at 6:25PM PST Grab some amazing swag to take home To learn more, please visit our registration page. We hope to see you there! Wed, 02 11月 2022 20:37:01 -0700 Franklin Nguyen https://www.zscaler.jp/blogs/company-news/come-visit-us-aws-re-invent-2022 https://www.zscaler.jp/blogs/company-news/zscaler-celebrating-15-years-innovation クラウド セキュリティを不可能と思われていた方法で変革する — 2007年、Zscalerはこうした理念をもとに企業としての活動を開始しました。それから15年経った現在、数々の業界においてこれまでになかった成果を達成し、注目すべき技術的革新を成し遂げ、会社の歴史を通じて重要なマイルストーンに到達したZscalerは、デジタル トランスフォーメーション ジャーニーを続けるお客様をサポートするうえで確固たる地位を確立しました。Zscalerは次なる成長を展望すると同時に、15年にわたるイノベーションの歴史をみなさまとお祝いできることをうれしく思います。 Zscalerの詳細はこちら 採用情報 Wed, 26 10月 2022 20:07:00 -0700 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/zscaler-celebrating-15-years-innovation https://www.zscaler.jp/blogs/company-news/thank-you-and-best-wishes-my-dear-friend-amit I am both saddened and pleased to announce that Amit Sinha has decided to pursue a CEO role at a private company. I would like to thank Amit for his contributions to Zscaler in various roles over the past 12 years, most recently as President of Zscaler. I met Amit in early 2005 when I was running AirDefense and CipherTrust in Atlanta. From my first meeting, it was clear to me that this young engineer with a doctorate from MIT and a bachelor’s degree in electrical engineering from IIT was not only a brilliant engineer but had great business acumen. Amit joined me at AirDefense as its CTO and our friendship and partnership continued to grow. He joined me at Zscaler in 2010 at its very early stage to incubate security for mobile devices. I’ve enjoyed watching him grow as a leader and lead multiple functions to help Zscaler grow into the market leader in cloud security. I am pleased that Amit will remain on Zscaler’s Board of Directors as a trusted advisor and strong supporter of Zscaler. Over the next few weeks, Amit will work with us to transition his roles and responsibilities. Amit has been a dear friend and collaborator of mine for over 17 years. While I am sad to see him move on; it is a fact that great companies produce the next generation of CEOs who go on to change the world. We will miss Amit and wish him well. Mon, 10 10月 2022 13:29:25 -0700 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/thank-you-and-best-wishes-my-dear-friend-amit https://www.zscaler.jp/blogs/company-news/zscaler-acquires-shiftright このたびZscalerは、クローズド ループ型のセキュリティ ワークフロー自動化のリーディング カンパニー「ShiftRight」を買収し、セキュリティ ワークフロー自動化の分野に参入したことをお知らせいたします。今回の買収により、Zscaler Zero Trust Exchangeのクラウド セキュリティ プラットフォームにShiftRightのテクノロジーが統合されることとなり、セキュリティ管理を自動化し、インシデント解決時間を大幅に短縮するシンプルなソリューションの提供が可能になります。 私はさまざまな組織のCIOやCISOの方々とお話ししてきました。そうした組織のIT部門やセキュリティ部門で差し迫った問題の1つとなっていたのは、すべてのセキュリティ インシデントに対応し、重大性を判断するのに十分な時間やリソースがないことでした。このような問題を抱えていると、SLAを満たすことができず、セキュリティ部門と経営陣の関係にあつれきが生じ、何より、セキュリティ上の深刻な問題が見落とされた際ビジネスに大きなリスクをもたらすことになります。 組織に一般的に実装されているセキュリティは複雑で統合されていないため、この問題はさらに厄介なものになっています。セキュリティ チームはセキュリティ関連のタスクの大部分に責任を負っているものの、直接対応できない場合も多く、混乱や意思疎通の齟齬、対応の遅れや機能不全を招くことになります。ShiftRightのテクノロジーは、アナリティクス、テレメトリー データ、インテリジェンスを活用してセキュリティ インシデントの追跡を自動化し、責任範囲の明確化、リアルタイムの状況の可視化、チーム間のコラボレーションの円滑化を実現します。具体的には以下のことが可能になります。 ハイ レベルでの問題の可視化、きめ細かいレポートを可能にする詳細なデータの確認 セキュリティ上の問題が発生した際の担当チームの特定と割り当て、チケットの自動作成による業務効率の向上 さまざまな関係者との効率的なコミュニケーションを通じた説明責任の担保 進捗状況の丁寧な追跡による漏れのない問題解決 以前も申し上げた通り、新しいセキュリティ ツールを実装するより難しいのは、組織の行動を変えることです。しかし、ZscalerのポートフォリオにShiftRightのテクノロジーを統合することで、お客様のセキュリティ態勢を強化するだけでなく、組織としての変革にも良い影響を与えられると確信しています。  今回、ShiftRightをZscalerファミリーにお迎えできることを大変嬉しく思います。セキュリティ ワークフロー自動化の領域における継続的なイノベーションの推進に向けて力を合わせていけることが楽しみでなりません。 今回の買収に関する詳細はこちらのニュース リリースでご確認いただけます。 このメッセージには、将来の見通しに関する記述が含まれています。重要な情報はこちらでご確認ください。 Thu, 29 9月 2022 12:54:21 -0700 Jay Chaudhry https://www.zscaler.jp/blogs/company-news/zscaler-acquires-shiftright