Zscaler CSO Deepen Desai at the Zenith Live 2024 event
When asked about the top cybersecurity concern that companies of all sizes and sectors face today, Zscaler Chief Security Officer Deepen Desai named phishing as one of them. We can even expect the number and level of threat to escalate as cybercriminals use Artificial Intelligence (AI) in their attacks, starting from the use of deep fakes to the use of “cleverly crafted” phishing kits that can evade multi-factor authentication (MFA) steps.
Speaking to e27 at the sidelines of Zenith Live 2024 on June 13 in Las Vegas, he also warned against using phishing-as-a-service frameworks that make crimes easier.
“Two notable ones have been mentioned in the last few years. The first one was the Scattered Spider group … they make phone calls to your IT helpdesk, pretending to be the employee and convincing the IT helpdesk to reset the password, reset MFA, and get inside the environment,” he explained.
“The other variation that we have seen in the last six months is … they pretend to be the security team of that same company, telling the IT helpdesk that we have found some security issue with your computer, and we are calling to help fix it.”
To deal with this issue, as a principle, Desai recommended companies focus on two things: Training employees and performing inline TLS inspection.
“In the case of Scattered Spider, as soon as we started seeing that happening mid to late last year, we sent out an advisory to all our customers to follow this process in order to safeguard against these types of TTP. So, the basic process changes. If some employee called your IT helpdesk to reset MFA or credentials because they lost their phone, contact their manager and get approval from them … With the basic process changing, training the employees become very, very important,” he said.
Also Read: The ever-present threat: Why businesses need robust cybersecurity
“The technology piece is where you need to do inline TLS inspection. Because a lot of these phishing pages are hosted on Azure or AWS GCP. They are using these cloud storage service providers’ wildcard certificates.”
Focusing more on how AI is taking cyber attacks to the next level, Desai highlighted that cybercriminals today aim at a company’s enterprise AI application.
“Every organisation is adopting generative AI LLM; they are all trying to take advantage of the efficiency, the efficacy gains that the LLM is providing. But this [enterprise AI is now] a crown jewel for your organisation. Because you have all your data there that you are using to train these algorithms, you can now poison the application, steal the data, and do lots of different attacks against that LLM infrastructure.”
So, how can companies use AI to fight against AI? Desai first highlighted that AI will not work as a panacea; users have to “tactically” integrate the technology in places where it will excel.
“What we have done is that we implement AI-powered segmentation, where we are using these AI modules to look at your last three months of data. Then, it is able to tell you that ‘This group of users are accessing this group of applications; you should apply this segmentation policy’,” he began.
Another example is the use of AI co-pilots. “How can you make it easier for a relatively new guy on the customer side, who may not be very familiar with your platform, to use it to defend against attacks? So, again, AI is being used across different layers in the product to fight attacks that will be more sophisticated, automated, and dynamic in nature.”
Also Read: Demystify cybersecurity: EPP vs EDR vs MDR vs XDR
As a cybersecurity firm, Zscaler provides businesses with an in-line cloud security platform. Its Zscaler Zero Trust Exchange
platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications anywhere.
At the same event, e27 spoke to Kavitha Mariappan, EVP of Customer Experience & Transformation, on how the company works with businesses to help them grow, especially in their cybersecurity aspect.
“We help customers grow is by reducing IT and security overhead,” she said.
When asked about recent changes in the global market, Mariappan said that COVID-19 was an inflexion point for businesses as it created a new kind of workforce—one that had never been in a physical office before.
“I was with a customer yesterday who said, ‘I have 300,000 offices. Why? Because I have 300,000 employees, many of whom work from home for a percentage of the week.’ So, how do I build a workforce? How do I ensure the crown jewels of the organisation are protected?”
“The other thing that has happened is how AI has taken off … We are seeing the bad actors use AI to do very sophisticated nefarious acts. So, I think we have seen many things shift since the pandemic.”
—
Image Credit: Zscaler
The post Phishing remains top cybersecurity concern, but AI will drive it to next level: Zscaler CSO Deepen Desai appeared first on e27.