Weaponizing the Internet
In this episode Stan Lowe, CISO at Zscaler, sits down with our host Ashwin Krishnan to discuss weaponizing the internet, zero trust, digital privacy and much more besides. They begin by talking about the evolution of zero trust and how it supports the business environment security professionals are in today.
That environment has changed and so too has the CISO role — it’s become harder. CISOs must be business and privacy experts as well as technical experts. Network boundaries have disappeared as employees can and do work from anywhere. Adversaries are weaponizing the internet by capitalizing on digital personas to sophisticate their attacks. And then, there’s the skills shortage. As Stan points out, “this is the only gig where you have to get up and apologize for being the victim of a crime.”
He believes we will see an increase in those crimes. Adversaries, both criminal and state actors, have started taking a combined arms approach. The breaches are cheap, trigger media attention, affect share prices, and place a spotlight on the attacker’s political aims.
They end the podcast by discussing digital privacy. Stan would like to see the digital representation of the consumer better protected by the companies gleaning that information, by the social media companies sharing and selling it, and by the consumers themselves. As Stan says, “we the people own that data.”
- 01:48 — What zero trust means today.
- 05:07 — The CISO role has evolved from technology expert to business expert.
- 06:32 — The adversaries are weaponizing the internet.
- 09:29 — We will see more attacks on private corporations by state actors.
- 11:48 — We brought the skills shortage on ourselves. We need to change our thinking and widen the talent pool. Not only that – experienced professionals need to reskill.
- 16:12 — If you are a CISO without a Chief Privacy Officer, guess what? You’re both.
- 17:47 — Data privacy – the onus is on the corporation to protect customer’s data and only use it in an ethical way.