Big Data Security Analytics , Next-Generation Technologies & Secure Development , Security Operations
Ex-CEO Adam Geller Returns to Product Leadership at Zscaler
Former Exabeam CEO Aims to Strengthen Data-Driven Strategy for Security OperationsZscaler snagged the former CEO of Exabeam as its new product leader to more comprehensively integrate data into security operations and provide additional CXO-level visibility.
See Also: Strengthen your DevSecOps strategy
The San Jose, California-based cloud security vendor tapped Adam Geller to help Zscaler pursue more opportunities around data protection and security operations and double down on partnerships with vendors such as CrowdStrike and Okta. Geller most recently spent a year as CEO of security operations firm Exabeam before the company merged with LogRhythm, and Chris O'Malley became CEO of the joint unit (see: CEO Chris O'Malley on Why LogRhythm, Exabeam Opted to Merge).
"The ability to enter a company at this stage of growth where it's clearly established itself in the market as the leader in a category, but really needs to figure out, 'How do you take it to that next stage?' is something that excites me," Geller told Information Security Media Group. "In terms of what the market trajectory looks like in cybersecurity. I feel like Zscaler is well poised to continue on that journey."
Geller has spent more than two decades building products in network security and cloud environments, specifically at Palo Alto Networks, where he spent more than seven years in the product organization and help build out Prisma Access. While Geller said he enjoyed his team as CEO of Exabeam, he decided to return to a product leadership role at Zscaler because of the unique opportunity the company offers (see: Exabeam Gets 3rd CEO Since 2021, Promotes CPO Adam Geller).
"I've been in the network and inline security world for a very long time, and when I spent time at Palo Alto Networks, I led virtualization and cloud for them, so I was very close to all things competitive with Zscaler," Geller said. "I eventually built out Prisma access - their first SASE product - and also had ownership of DLP and CASB, so a lot of elements that are very similar to Zscaler."
Bringing Security Operations to Zscaler
Security increasingly revolves around data rather than just traditional real-time protection measures, and Geller said data collection and analysis will play a critical role in addressing emerging threats related to security operations. Zscaler is well-positioned to use the data it collects to provide holistic security insights, and the Avalor deal will help develop a more comprehensive view of security incidents, he said.
"There always was and always will be a limitation to what you can do and see just by what's happening in real-time in the path of traffic or what's being executed on an endpoint," Geller said. "You can't get a holistic or broad enough picture about what's going on if you don't have that more centralized view or context of what what's happening in your environment. And that's what security operations tries to do."
Geller said there's growing demand from CISOs and other executive buyers for enhanced visibility into their organization's security posture. Although Zscaler's existing Risk360 product provides a broad view of risk and is differentiated from more operational security offering like incident management, these capabilities needs to be further developer to align with both CXO visibility as well as security operations, Geller said.
"What customers and your executive buyers are often looking for is, 'Am I protected? What are my what-if scenarios? If I make these adjustments, can I get better insights? Can I have better coverage, whether it's against something like the MITRE ATT&CK framework or against a compliance framework?'" Geller said. "So they're looking for that kind of view."
How Partnerships Fit Into Zscaler's Strategy
Third-party partnerships and integrations are important for Zscaler's strategy, Geller said, particularly in areas like endpoint security and identity management that the company doesn't cover today. While Zscaler doesn't have offerings in every security category, Geller said partnerships with other vendors like CrowdStrike and Okta provide critical capabilities to complement Zscaler's core services.
"The obvious question from a customer should be, 'If you don't have that particular data capability, can you leverage XYZ vendor's version of that?'" Geller said. "And I think you need to do that. Otherwise, your risk picture is going to be more limited, because the answer can't be just, 'Buy everything from one vendor.' That's not going to work."
Geller said one of the challenges at a large, public company like Zscaler is continuing to scale without creating silos that slow progress or result in an inefficient allocation of resources. While Zscaler already has a strategy for the current fiscal year, Geller wants to look for longer-term growth opportunities and track product adoption to ensure new features and functionality provide meaningful value to customers.
"How do you run and operate in a way where you're not just responding to the latest or loudest thing that came from a customer or came from a CEO, but you actually have a thoughtful methodology and can execute?" Geller said. "And so, you wind up having to put a little process in. But the trick is not putting so much in that you kill the innovation and you kill the energy of an organization."