Name: Firewalls and VPNs: A Risky Business
Start: 2025-01-09T18:00:00Z
End: 2025-01-09T18:00:46.000Z
Location: BrightTALK
Rating: 4.2

Back in the day when your users were all on the network and your applications resided in your physical data center, it made sense to establish a secure perimeter around your network. But those days are over, the perimeter is gone, and network security is all but irrelevant.

Instead, you need to put your defenses and controls where the connections occur— the internet — so that every connection is fast and secure, no matter how or where users connect or where their applications reside.

By moving applications and infrastructure to the cloud and untethering employees from their desks, you can realize tremendous advantages in productivity, agility, and cost containment. With our 100% cloud built secure platform, Zscaler can help you make the move to the cloud, securely.

Enterprises have an abundance of sensitive data to secure on endpoints, on-premises, in the cloud, and in dynamic applications supported by Generative AI. Enterprise Strategy Group (ESG) notes that about half of this data is unstructured.

As such, security teams need to accurately identify sensitive datastores, classify the data, and take steps to secure that data. This requires overcoming obstacles like parsing out stale access and undiscovered “shadow” data outside the purview of IT teams. 

Join Todd Thiemann, ESG Senior Analyst of IAM & Data Security, and Srikanth Nellore, Senior Director of Product Management at Zscaler, in this fireside chat to examine how data security posture management (DSPM) can de-risk data scattered across on-prem, cloud, and SaaS workloads. Additional agenda items include:

• What is data resilience and how does DSPM fit into the picture?
• How DSPM provides greater visibility to GenAI data
• What to look for when evaluating DSPM approaches 
• What makes Zscaler DSPM and Data Protection unique?

Discovering and Protecting Sensitive Data at Rest Across Your Diverse Data Landscape (DSPM)

Once organizations have a basic understanding of zero trust, they can begin to learn about both the deeper and the more practical realities of the architecture. For example, how does zero trust relate to other modern security paradigms, and what are the specific security and networking challenges that zero trust is often used to remedy?

This is part two of a three-part webinar series designed to help innovative thinkers navigate their zero trust journeys.

In this intermediate-level webinar, you will learn:
- How zero trust relates to security service edge (SSE) and secure access service edge (SASE)
- The initial use cases that zero trust architecture solves (be sure to vote for the use case you would like to have discussed!)
- The quantitative benefits that Zscaler customers unlocked by transforming security and networking with our Zero Trust Exchange platform

Zero Trust 201 - Next Steps on Your Zero Trust Journey

In the midst of a sea of technological change, it’s difficult to navigate through all the architecture complexities and industry jargon—particularly when it comes to diluted and misappropriated terms like zero trust.

So, let’s keep it simple! In this webinar, we will cover the basics of zero trust, including:
- What exactly does zero trust mean? Does it really mean we trust nothing?
- How is zero trust a superior architecture compared to traditional, perimeter-based security?
- What does a journey from perimeter-based security to zero trust typically look like?
This is part one of a three-part series designed to help innovative thinkers navigate their zero trust journeys.

Zero Trust 101 - Start Your Journey Here

Maintaining a strong data security posture is a top priority for security leaders. Amazon Web Services (AWS) offers a wide range of security controls and best practices, but organizations share responsibility for the security and compliance of sensitive data, addressing the significant risks posed by misconfigurations, vulnerabilities, and targeted attacks.

Together, AWS and Zscaler Data Security Posture Management (DSPM) provide the broadest set of integrated data security capabilities, ensuring data security and compliance are properly implemented and continuously maintained throughout the data life cycle. Zscaler DSPM integrates seamlessly with AWS environments, empowering organizations to establish fine-grained visibility, enforce access controls, comply with data governance policies, and meet industry regulations while maintaining complete control over their valuable data, regardless of regions, number of accounts, or size of the data footprint.

Join us for an insightful webinar where we explore the powerful synergy between AWS and Zscaler DSPM.

You'll learn:

How AWS and Zscaler DSPM provide comprehensive data protection in complex environments
The latest Zscaler DSPM innovations redefining data security on AWS
Real-world use cases demonstrating the combined strength of AWS and Zscaler in securing sensitive data

Secure AWS Cloud Data with Zscaler DSPM

"Microsoft 365 Copilot has the potential to revolutionize the way we work, but with great power comes the need for robust data security. As organizations rush to deploy this innovative tool, the risk of misconfigurations or unauthorized users accessing sensitive internal data becomes a critical concern. Overprivileged data can easily be discovered by Copilot and inadvertently shared in response to prompts, posing significant security risks.

Join us for this essential webinar to learn how to:

Secure your Microsoft 365 environment against unauthorized access or misconfigurations
Enhance Copilot data hygiene practices to protect sensitive information
Ensure Copilot operates within its intended boundaries, maintaining compliance and confidentiality
Learn best practices, tips, and tricks for implementing Copilot data protection
Don’t miss this opportunity to stay ahead of the curve and safeguard your organization’s data."

Microsoft Copilot Readiness: How to secure configurations and data access

Data breaches are occurring in all verticals through corporate exchanges, putting users, apps, and devices, especially BYOD, at risk. With a focus on compliance, the Zscaler AI unified data protection platform centralizes all policies and puts organizations back in control.

In partnership with CIO.com DEMO, join Moinul Khan, SVP/GM for Data Protection at Zscaler, as he demonstrates:

How Zscaler protects structured and unstructured data, data in motion, data at rest, and data in-use
How to access the Zscaler Gen AI Security Report to unlock data loss prevention (DLP) policies to protect against threats targeting Gen AI
How the Zscaler Data Security Posture Management (DSPM) dashboard identifies root causes of risks and vulnerabilities
Learn the uncapped capabilities that the Zscaler DLP and DSPM solutions can provide.

The Zscaler AI Unified Data Protection Platform

Zscaler Private Access (ZPA) has been at the forefront of securing remote and in-office users for the last few years, with several of our customers benefiting from fast deployment as well as quick, secure transitions to remote work. ZPA now boasts of several new features to add to our market-leading ZTNA to cover many more use cases and deliver robust, comprehensive security to private apps.

Join ZPA product leaders in this webinar as they unveil new features expanding the use cases covered by ZPA and see firsthand how they can support your zero trust journey.

Introducing secure access to legacy network-connected resources such as VoIP and server-to-client applications
Gain visual insights for a detailed understanding of app segment allocation and policy utilization
Ensure business continuity with uninterrupted zero trust access to private applications, even when the Zscaler cloud is unreachable
Extend the same reliable zero trust access to a partner organization’s network

5 game-changing ZTNA capabilities with ZPA

VPNs, whether on-premises or cloud-delivered, create unnecessary risk by exposing the attack surface and failing to prevent lateral threat movement if breached. Despite these vulnerabilities, organizations continue to use VPNs to connect remote users to applications. Recently, the Cybersecurity and Infrastructure Security Agency (CISA) released an emergency directive that mandated US federal agencies to immediately disconnect the VPN instances of a VPN vendor. In the face of the serious risks posed by VPNs, it is time for organizations across industries to transition from outdated VPNs to a zero trust architecture.

Join Deepen Desai, Chief Security Officer at Zscaler, and Joby Menon, VP, ZPA Product Management at Zscaler, as they discuss this topic. In this on demand webinar, you will learn about:

Recent VPN vulnerabilities and their impact on organizations, including insights from Zscaler Threatlabz
Risks associated with using VPNs to access your organization’s resources
How Zscaler’s zero trust private access solution enables secure application access for all users, from any location, without the attack surface and lateral threat movement vulnerabilities of VPNs

From Risk to Resilience: Transitioning from VPNs to Zero Trust Architecture

"It's no secret that organizations now store their crown jewels in the cloud. That's why we've seen a significant rise in cloud data breaches. However, cloud data breaches follow distinct patterns that can be analyzed.

Watch on demand session led by Zscaler security experts Srikanth Nellore, Sr. Director of Product Management and Arnab Roy, Principal Product Manager, where they dissect recent massive cloud data breaches and analyze how it happened, best practices to mitigate these risks, and lessons that can be learned. They use real-world examples and experiences from customers across different industries to explain:

The top three public cloud data security challenges
Modern techniques attackers are using to thwart or bypass traditional data security tools
The stages of a data breach — and modern solutions to combat each one
How DSPM can reduce the risk of data breaches"

Data Protection 101 Your First Five Steps

"Building a data program and strategy can be a daunting task. Cloud and mobility has distributed data far and wide, and most organizations are struggling to just FIND their data, let alone secure it from the multitude of risks

Join this webinar to learn how to deliver great data protection and where to begin your journey. You'll explore key concepts to secure distributed data everywhere and discover why a unified platform approach should top your list of data protection strategies.

This session will help you:

Understand top risks that impact your data
Learn the key channels you should be focusing on securing
See the value building a strategy around a unified platform
Get clarity on how to move forward with delivering data protection"

Dissecting Cloud Data Breaches with DSPM

"Le SD-WAN tradizionali non sono veramente Zero Trust - Quando si affidano ad architetture di rete e di sicurezza legacy per connettere una filiale a Internet o ad altre applicazioni in un ambiente cloud pubblico o nei data center, le organizzazioni si trovano davanti a non poche sfide, tra cui: una maggiore complessità, mancanza di visibilità, scarse prestazioni e scalabilità, costi elevati.

Scoprite in un breve video come ridurre al minimo l'aumento del rischio di movimenti laterali e quali sono i casi d'uso della Zero Trust SD-WAN."

Zero Trust SD-WAN in breve

"In an era where a vast majority of cyberattacks utilize encryption to evade detection, protecting your organization's data while maintaining visibility into website traffic is more challenging than ever. Encryption is essential for ensuring privacy and integrity, but it also introduces new risks by obscuring malicious activities. How can you effectively address this critical cybersecurity issue?

In this podcast-style conversation, Derek Brink, CISSP, VP and Research Fellow, at Aberdeen Strategy & Research joins Yaroslav Rosomakho, CTO at Zscaler to look deeper into the impact of encryption on website security.

Join them as they discuss:

1. The dual nature of encryption in making websites both more and less secure
2. Aberdeen Research Report on Impact of Encryption in 2024
3. Techniques to detect and mitigate threats in encrypted website traffic while adhering to complex regulatory compliance requirements.
4. Innovations from Zscaler and where the market is headed"

Understanding the Impact of Encryption on Website Security: A conversation with Aberdeen Strategy & Research

"Les entreprises accélèrent leur transformation numérique avec l’adoption de services dans le Cloud (SaaS, IaaS), le travail hybride avec la mobilité et l’adoption de nouvelles technologies comme l’IA Générative. Ces transformations nécessitent aussi une transformation de la sécurité des Entreprises et plus particulièrement de la sécurité de leurs données.

Cette donnée n’étant plus cantonnée au traditionnel périmètre du DataCenter, il devient nécessaire d’avoir une visibilité et un contrôle de données qui soit multi-canal : quelque-soit la localisation du collaborateur (sur site, en dehors du site ou partenaire), son terminal (Entreprise ou BYOD), ou la destination de cette donnée (Internet, SaaS, Privée), la donnée doit-être protégée de la même façon. Une stratégie de protection de donnée efficace doit être facile à mettre en œuvre et réduire les couts de mise en œuvre en consolidant plusieurs cas d’usages et outils disparates. Regardez ce webinaire à la demande pour comprendre comment faire passer votre protection des données au niveau supérieur !"

Protection des données : Il est temps de repenser votre stratégie. Voici pourquoi

"Generative KI-Lösungen wie ChatGPT, Midjourney oder Microsoft Copilot sind wertvolle Werkzeuge für Unternehmen. Sie erzeugen in Sekundenschnelle neue Texte und Bilder, entlasten Mitarbeiter von Routineaufgaben und tragen so zu mehr Effizienz und Produktivität bei.

Der Einsatz generativer KI will jedoch gut überlegt und geplant sein, wie Ihnen Andrea Polesel von Zscaler in diesem Webcast zeigt.

Er beantwortet darin unter anderem folgende Fragen:

1. Was kann passieren, wenn ich generative KI zu sorglos einsetze?
2. Welche Strategien gibt es, um das Risiko zu begrenzen?
3. Wie setze ich diese Strategien in die Praxis um?
4. Welche Rolle spielt Zero Trust beimsicheren Einsatz generativer KI-Lösungen?"

"Wie Zero Trust generative KI sicherer macht: Risiken erkennen, bewerten, minimieren"

"En una economía en red, donde las personas trabajan desde cualquier ubicación y en el que la nube tiene cada vez más peso en funciones de misión crítica, los actores de seguridad en cloud tienen cada vez más relevancia para las organizaciones.

En un nuevo webinar, expertos de Foundry y la compañía de soluciones de ciberseguridad Zscaler debaten en torno a cómo garantizar la seguridad y la continuidad del negocio en la nube con una respuesta ágil ante cualquier tipo de amenaza o riesgo."

"Resiliencia en las soluciones de seguridad en cloud: cómo asegurar el rendimiento y la continuidad del negocio"

Cybercriminals capitalized on generative AI breakthroughs in 2023, driving a 58% spike in phishing compared to 2022. From AI-driven deepfakes and vishing to QR CAPTCHA scams, attackers are innovating rapidly. Is your organization ready to defend against the next wave of sophisticated phishing attacks?

Watch our on-demand webinar to learn about the latest phishing attack discoveries, trends, and predictions from the Zscaler ThreatLabz 2024 Phishing Report, derived from the analysis of 2 billion phishing transactions captured in the world’s largest security cloud. ThreatLabz experts will unpack key findings and offer guidance on how to safeguard against phishing threats.

Watch now to learn about:

Trending phishing scams and emerging attack vectors
Top phishing targets by country, industry, and more
Phishing predictions for 2024–2025
Best practices and zero trust strategies for phishing defense

ThreatLabz 2024 Phishing Report: Trends and Tactics in the Age of AI

Watch this on-demand webinar for a deep dive into the recently released Zscaler ThreatLabz 2024 AI Security Report. Zscaler CISO Deepen Desai and ThreatLabz security researcher Deepak Shanker explore the dynamic AI landscape, shedding light on its evolving security challenges.

Key takeaways:

Comprehensive understanding of the AI security landscape, featuring real-world examples of AI-related incidents.
Practical insights and recommendations for organizations navigating the challenges of AI integration.
Guidelines for leaders developing AI use policies and security measures to protect against the evolving AI landscape.

Navigating the AI Security Horizon: Insights from the Zscaler ThreatLabz 2024 AI Security Report

Firewalls and VPNs, whether on-premises or cloud-delivered, put organizations at risk by exposing their attack surface and failing to prevent lateral threat movement if breached. In a year in which we have already witnessed back-to-back disclosures of zero-day vulnerabilities from several leading vendors of Firewalls and VPNs, the latest one - CVE-2024-3400, with a CVSS score of 10, is a stark reminder that if you are reachable, you are breachable. The time is now to move away from these legacy architectures to Zero Trust.

Watch this webinar as we will discuss this critical topic, including:

Recent zero-day vulnerabilities and their impact on organizations, including insights from Zscaler Threatlabz
Risks associated with using legacy Firewalls and VPNs to access your organization’s resources
How Zscaler’s zero trust architecture enables secure application access for all users, from any location, without the attack surface and lateral threat movement vulnerabilities of VPNs and Firewalls

Firewalls and VPNs: A Risky Business

Firewalls

Cloud

Zero Trust

ThreatLabz

Cloud Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Firewalls and VPNs: A Risky Business

Presented by

About this talk

More from this channel