In the rapidly evolving landscape of cybersecurity, the integration of zero-trust principles with generative artificial intelligence is heralding a new era of data security and operational efficiency.

One cloud security company is employing cutting-edge approaches to fortify security frameworks in the age of generative AI.

“Zero trust is about allowing a business access to what it needs, when it needs it,” said Deepen Desai (pictured), chief security officer of Zscaler Inc. “The key principles around zero-trust security models … No. 1 is never trust, always verify. No. 2 is assume breach. No. 3 is where you verify explicitly with least privilege access.”

Desai spoke with theCUBE Research’s Dave Vellante, co-founder and chief analyst, and John Furrier, executive analyst, at the “Supercloud 6: AI Innovators” event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the integration of zero-trust principles with generative AI to enhance cybersecurity, focusing on innovative strategies for threat detection, data classification and security model enhancements.

Elevating zero-trust with generative AI

The key principles of zero-trust security models are unchanged in the era of AI but gain new dimensions of application and enforcement, according to Desai. The introduction of generative AI into the cybersecurity landscape accelerates the adoption and implementation of zero-trust architectures by enabling more nuanced and dynamic responses to threats.

“All of these threat actors are after your data. Once they’re in, once they move around, they’re trying to steal data,” Desai said. “This is where generative AI helps with data classification and security models.”

By integrating AI-driven models for data classification and security, organizations can sift through vast amounts of data to identify and mitigate potential breaches more effectively. This AI-enhanced approach not only streamlines security protocols, but also improves the overall security posture by predicting breach scenarios and preventing lateral movement of threats within networks.

“This is one of the most important facets of zero trust: Your solution should allow you to prevent that lateral propagation from happening,” Desai said. “This is where simplifying user-to-app segmentation with advanced technologies, like Deception, allows you to reduce the impact of the security incident.”

Pioneering advanced security with AI and integration

The critical role of data in powering AI-driven security solutions is underscored by its fundamental contribution to enhancing threat detection, analysis and response mechanisms. Zscaler leverages endpoint visibility, north-south and east-west traffic analysis, and data loss prevention to build comprehensive breach prediction models, according to Desai. These models, powered by gen AI, aim to forecast potential security breaches, thereby enabling preemptive measures to safeguard sensitive information and infrastructure.

“This is exactly the direction we’re going in. The goal over here is to combine the visibility across the chain and enrich that with the intelligence,” Desai said. “The volume of data that we see is getting close to 400 billion transactions a day. This results in 500 trillion daily signals, and all of this — combined with the intelligence that the team is generating — is what we’re leveraging to further tune those models to predict breach-like scenarios.”

There is now an urgent need for ecosystem collaboration and API integration among security platforms to combat the complexity and rapid evolution of cyber threats. No single platform can address all security needs comprehensively, Desai explained. Rather, the strength lies in the ability to integrate seamlessly with other solutions to provide a unified security posture. This approach not only reduces the attack surface, but also enhances the effectiveness of security measures across different vectors and domains.

“If you’re not integrating well with other platforms, then you are not essentially a platform,” Desai said. “You need to know the space you’re playing in, and you need to do it well, rather than trying to claim to do it all.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of the “Supercloud 6: AI Innovators” event:

Photo: SiliconANGLE