Zscaler CISO discusses cybersecurity challenges – Business

Among the many insights emerging at this week’s RSA Conference, one thing’s been perhaps the most clear: You almost can’t move without someone talking about artificial intelligence. That’s influencing how people are viewing security.

The threat vectors are so far the same, but what’s being seen is an increase in efficiency and effectiveness, according to Sam Curry (pictured), global vice president and chief information security officer of Zscaler Inc. The undertones are that the toolkit’s getting better on offense faster than it’s on defense, he noted.

“That’s been true for a long time, but it seems to have taken a sharp turn and is accelerating,” Curry said. “People seem to be waiting for the shoe to fall, is how I’d put it.”

Sam Curry, global VP and CISO of Zscaler, discusses the latest trends in security during this week’s RSA Conference.

Curry joined theCUBE Research’s Dave Vellante, chief analyst, and Shelly Kramer, principal analyst, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio, at the RSA Conference. They discussed the current landscape of cybersecurity threats and the urgent need for strategic responses to emerging challenges. (* Disclosure below.) 

Ransomware and regulatory pressure shape cybersecurity landscape

In addition to talks about AI, this year’s RSA Conference has also brought a lot of discussion around what’s happening around the world geopolitically, according to Curry. Recently, Zscaler released a report stating that phishing is up nearly 60%.

The threat surface has clearly grown. Two big things have changed, the first of which is ransomware, according to Curry.

“We really can’t ignore that. It was on everyone’s lips for a long time and it’s not gone away — making too much money for the bad guys. I think we had a bit of a hiatus due to war,” he said. “There was a polarization of the cybercriminal community around the Ukraine and Russia for a while, but they just keep getting more effective at it. Automation seems to be the name of the game — now the application of gen AI in particular.”

The other thing is regulatory pressure, according to Curry. That’s not changing, he noted.

“Europe, we’ve seen NIS2 and DORA now coming out. We’ve seen GDPR influence other privacy regulations. We’ve seen the SEC in 2023 take some new steps, and everyone’s sort of, where’s this headed?” he said. “The Biden administration has brought out guidance for safety around AI and now guidance around and trying to use liability in order to change incentives for corporations. That happened just yesterday. We’ll see where that actually plays out.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of the RSA Conference:

(* Disclosure: TheCUBE is a paid media partner for the RSA Conference. Neither RSA Conference LLC, the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE