The Resilience Factor Podcast
Cyber resilience is fast emerging as the driving force behind critical business continuity in our digital era. Faced with brownouts, blackouts, and the ‘when not if’ nature of cyberattacks, how do businesses harness this resilience for stronger cybersecurity and networking?
Listen in to The Resilience Factor as our hosts — renowned social engineer Jenny Radcliffe and Zscaler’s own Kate Baker — explore how organizations and employees can fail forward to adapt with confidence.
Through trend-based discussions with cybersecurity experts and pioneers, real-life case studies, and practical advice, The Resilience Factor offers audiences insights on the tools and strategies needed to build business and personal resilience.
S1 E8 Adapting to a Changing Threat Landscape with Emily Laufer
In this episode, host Jenny Radcliffe is joined by Emily Laufer, Director of Product Marketing at Zscaler ThreatLabz. Emily shares insights from Zscaler’s latest Ransomware Report, and explains why adaptability, creativity, and hard work are critical to thriving in a fast-moving digital world.
Cyber resilience is fast emerging as the driving force behind survival and success in a world of unprecedented digital transformation. Through trend-based discussions with cybersecurity experts and pioneers, real-life case studies and practical advice, The Resilience Factor offers the tools and strategies needed to build business and personal resilience in all areas of cybersecurity and networking. Not only that, but you'll get to hear from a range of industry-leading professionals and experts at the very top of their game. Join us as we build a vital resource to drive organisational resilience within a fast-moving security landscape. I'm Jenny Radcliffe, the People Hacker, and this week we are joined by Emily Laufer, Director of Product Marketing at Zscaler ThreatLabz. As the leader of product marketing for Zscaler's world-renowned ThreatLabz unit, Emily works in lockstep with a global team of around 100 threat researchers to transform raw threat research into valuable insights for the cybersecurity community. Having kicked off her career in project management, Emily's journey into cyber might not have followed the most traditional route, but it provides a shining example of being intentional and determined in chasing a goal. Emily joins us today to share her experiences and insights into resilience and the importance of remaining creative in the cybersecurity industry. Welcome listeners. We hope you enjoy the conversation. Hi Emily, lovely to have you on the show. How are you today?
SPEAKER_00:Fantastic. Thank you for having me, Jenny. I'm excited to be here.
SPEAKER_02:Well, it's great to have you on. Please, can you explain how it is you got into the cybersecurity industry and what exactly is your role at Zscaler?
SPEAKER_00:So I actually pivoted into cybersecurity from an unrelated industry where I was doing project management. And I wanted to do work that felt um more meaningful to me and more stimulating. Now I lead product marketing for uh our ThreatLabz threat research group. And uh I also dabble in platform services at Zscaler, uh, which means basically that I translate a bunch of technical findings and research into stories that resonate with our audiences, our customers, our partners, and the industry at large.
SPEAKER_02:So this is The Resilience Factor. And I was wondering how you define resilience in your own life and how it kind of translates into how you think about cyber resilience for your work at Zscaler.
SPEAKER_00:I think about resilience so much as about like adapting to change and doing so in a strong way. Cybersecurity is a fast-moving field. There's so many acronyms, there's so many things to learn. It's a lot to keep pace with that and to keep your head above water, I think. And you have to sort of dig in somewhere. At the same time, you have to be always, always adaptable to that change. And I think there's a strength, it's about getting that courage, tapping into that courage to keep changing, to keep um showing up, even when you feel like you're not the most knowledgeable person in the room. You are not the most technical person in the room, but you're trying to learn, you're trying to grow, and you're trying to do a good job at whatever it is that your focus is. So I would say it's just keeping up with the changes and emerging stronger and having a growth mindset as well.
SPEAKER_02:I can absolutely see what you're saying there. I know that you and the team at ThreatLabz just released the ransomware report, the 2025 ransomware report. So, was there a finding that surprised you? What should people take away from that?
SPEAKER_00:I don't know if it surprised me, but one of the findings that interested me this year was how much encryptionless attacks have grown. And so we covered that. You know, typically we think about ransomware as, you know, the encryption process, the software. This year we we predicted it last year, actually, was the rise of encryptionless attacks. And this year we saw the impact of that. We started to see it last year as well, with we actually reported the largest ransom ever paid on on uh paper, basically, that we can prove is $75 million. So that's the largest ransom ever reported. And that was actually um done by a threat actor that doesn't use encryption. They use encryptionless tactics, so double, triple, quad extortion kind of tactics. So they pick their targets very, very uh specifically, and they go about exfiltrating a ton of important data and then, you know, ransoming the data and the exposure of that data back to them essentially. And that for this victim was worth 75 million bucks. It is surprising, it's not surprising at the same time. These guys tend to go where the money is. And so that was the most interesting finding to me is that we're seeing that. And so it means that there's gonna be a pivot in my mind for the industry as a whole. What are you gonna do now? How are you gonna protect your data now? Right. Because you that now becomes the new goal and the layered approach that's gonna need to take place because it's not just one thing or another thing. We can't just get good at data backups like we did before, right? Then they just started stealing the data and extorting us, saying that we'll put it on the dark web for sale. We'll leak this data on leak sites. So now what is it gonna be? Now that that is so full-blown, I'm curious and looking at the industry to say, how are we going to evolve and adapt to this?
Because, you know, as our enemies evolve, their sort of tactics, techniques, procedures, we also do in kind, just like just like uh any form of warfare, I would say. You know, both sides are evolving. And so I think the pressure is on for defenders, and I want to see what happens next.
SPEAKER_02:Sure. And I mean, that was one of the questions we were going to ask you, which is, you know, how how do you keep up with all of that? I mean, I think that means more from a, or maybe you could speak more to from that point of view of, you know, you say that resilience is showing up, you say that it's that, you know, adapting to change, wanting to learn. So with that threat landscape changing all the time, like what like how do you keep up with that? I mean, obviously, you know, you're across some of the technologies, but how do you keep up with it? And can you leverage similar technologies as the attackers? What can you speak to that?
SPEAKER_00:Personally, one of the ways I keep up with it is podcasts, just like this one, Jenny. So I'm constantly listening to cybersecurity podcasts to try to keep my own skills and mind sharp and know what's going on because there's no way that I'm gonna be exposed to everything in my role, in my job. Um, and even through that, you know, you're dabbling. Like I said, it's so vast. Um, I don't think anyone's an expert at everything. I know when I go to ask people to come be speakers or join me as a speaker on stage and say, let's go talk about this topic, they'll say, Well, you know, I can go this far. I'm really, I really corner in over here. I'm a ransomware expert, but I do not go into AI threats at this point. So you have a lot of segmentation even within the industry, which I find is interesting. For myself, in terms of how we keep up internally, we, you know, we hyperfocus on what we're given and what we're, what kind of research is coming out of our threat research group. There's 150 threat researchers. Um, we do about, I think maybe six or depending on how you want to slice it, about six big threat reports this year. Uh, but we also do blogs. These threat researchers have blogs that they're bringing out with new findings every couple of weeks. And so collectively, we're publishing about one a week or more uh with like a brand new finding in it. So that's, you know, again, that hyper focus on that specific thing and understanding what that is. We also use AI. I actually just came from an AI summit, so uh good timing to ask this question. But just like the attackers, actually, uh, internally we're using more and more AI. We use AI to educate ourselves, to learn about things. Of course, I find I have to make sure I'm fact-checking it and a lot. We use it to speed up some of our workflows. You know, a lot of what I do is trying to tell stories and write. And you can use AI for uh to make those things a lot easier. Scalable spell checking, for example. 
AI does a great job at spelling, spell checking and grammar checking. It's your first, it's your first thing there. So those are some really practical applications. But of course, AI is going to be a tool that we're all looking for. Um, we'll looking forward to seeing what happens, I think. Both from from staying on top of things, from scaling ourselves, our own knowledge bases, how we learn, how we do our jobs, and how we defend. And Zscaler is investing heavily in AI, and it's something that is being invested in across the industry, I think, by so many vendors and defenders. It's across everything right now, right? I mean, yeah, it's everything. And so you've got to be involved, is my thought. You've got to be injecting yourself in that stream somehow if you want to stay up. And the attackers are definitely using it, and we have an eye on that for sure. We put out an annual AI report, uh, a threat report on AI threats and and how attackers are using AI. It's still, I would say, um something that's, you know, very obfuscated for us. We don't see the whole picture yet, but we're getting pieces of it, and we're trying to report back on those pieces as best we can as fast as we can. In fact, we are putting out the AI report more often than once a year. We put it out um six uh just with a six-month increment last year, and we're planning on moving up the timeline again so that we can report on it early next year uh to give people that edge, right? So that they can see what's what's evolving, what's changing, since we need to be able to defend again it against it. Uh, we need to know what's happening.
SPEAKER_02:I'd be interested to know. I mean, in your opinion, I think there'll come a time when the AI report won't won't be separate because it'll just be part of everything. I mean, I wonder if there's a if there's a point when it won't even be a category, a separate category.
SPEAKER_00:You're right. And and I think that'll be sooner than you think. I think that we may put out one more AI report and then it's gonna be within every report we put out, every piece that we put out. I think you're right.
SPEAKER_02:Very important question. You sort of touched on it on your last answer. How do you think cyber defenders can be more prepared to handle the this range of attacks that we're seeing, sort of proactively strengthening security posture? How do you think the defenders um can be more prepared to do that?
SPEAKER_00:First of all, I have to say, due to my role and my exposure, I'm partial to saying you need a layered approach and you need a zero trust approach. I think I've definitely drank a bit of the Kool-Aid on this side. And there's a reason that I came to this company and that I love working for this company, and that's that I think that taking this foundational zero trust approach in a layered fashion is a really important way forward that all defenders actually need to adopt. And I still think that even though it's been around so long, it's been a concept for so long. The way that we're applying it and using it is still like almost early adopter status in a way. It's not as pervasive as it should be. There's still a lot of folks out there doing the old traditional um methods of security, I would say.
SPEAKER_02:Why do you think it isn't as pervasive as it should be? What do you think is in the what's the block? I mean, is it investment? Is it understanding? What stops people from from doing what you recommend?
SPEAKER_00:I mean, on the one hand, it is investment, right? If you're gonna go ahead and do that, it's investment in time and resources, especially money, of course, if you're gonna be ripping and replacing infrastructure and things like that. But it's difficult. I mean, have you ever seen a, I'm sure, I'm I don't know why I'm asking you this, but those network maps, right? Of people's environments, of how many applications and connections. People don't like to give things up once they've got it. No, we still see, I mean, what was it? Okay, there was a big incident, I'm not gonna say exactly what in the news, where but uh a certain airlines went down last year and had to cease services in the US. And there was one airline that emerged victorious for how old their systems are, right? They did not suffer at the hands of this. And it was a joke, a running joke in the industry, like on memes in the internet and everything of uh that guy in the that one dude in the server room, you know, holding on to his old boxes from way back in the day.
SPEAKER_01:But sometimes that legacy stuff, yeah. It's like that that reminds me of like say, you know, you you know, use the fax machine because no one exactly. And and then people saying to me, youngsters are like the hell's a fax machine, yeah.
SPEAKER_00:It's like uh security through obscurity rather than through due process. Well, my my words are like this the threat actors are getting better all the time. This is they have a vested interest, they're making a lot of money. Um, and so they're gonna figure out a way to target those guys, those folks who are not um investing in their own system security, infrastructure, processes that are not up-leveling. And so I think that if I was gonna say anything to defenders, it's have that adaptive mindset. Always be looking at what's coming next, always be looking at how to improve. Um it's something that we can take in our own lives, it's something I take in my own life, and you can also take it in your in your business life and in your security posture, which is make the small improvements, make the 1% improvements and stack them as high as you can. They add up. Be innovative, be an envelope pusher, but in I would always caution you, in the gentlest sense possible, try to make change from within and make sure that if you're meeting resistance in one place, make the other small changes you can that lead up to it. I remember when AI, when uh these LLMs first hit the scene, you know, even even Zscaler was just blanket blocking all of them. And now it's embracing the safe use of AI. It is using AI in our products, it is encouraging the use of AI in a safe way with guardrails. And it knows, like our company knows that AI is the future for defenders as well, that they will be using AI to help scale. So just there, that mindset uh shift. It took such a short period of time, if you really think about it, right? It took about a year to fully shift from everything to accepting.
SPEAKER_02:It really, it's exponentially quick.
SPEAKER_00:Yeah. So make the little changes. Learn how to use it on your own so that when you come into work and all of a sudden AI is now available, you know what you're doing. Make little other shifts that you can, anything that's a 1% improvement. Keep banging the drum, but do so in the most polite way possible is my advice because you're more likely to get things done internally if you do it in that way.
SPEAKER_02:I think those are very wise words. I think find a double 1%, you find a few 1%, suddenly you have 5%. I remember plenty of times in my career when I've said it's still a step forward. It might be tiny, but use it. Same if we in negotiations as well. So you've got to get that momentum going. Well, Emily, it has been lovely talking to you and thank you for all your wisdom on this. I do have to ask you one more question, is one that we ask everybody on our call. So the question is this what is your resilience superpower?
SPEAKER_00:Oh, I would say it's hard work. I would say um, if I had like a mantra, it'd be like just keep swimming, like Dory from Finding Nemo. It's it's it's hard work. I think you can outwork a lot of problems. I completely agree. Yeah, it's it there's an element of risk taking in hard work too, because hard work means you're always raising your hand and accepting new things, you're changing, you're growing. That's what that means. You're taking on a lot, um, and you're willing to to keep working on it. So I think it's not the uh it's not the most flashy uh superpower mantra, but it's hard work.
SPEAKER_02:Yeah, it's something that it's a long con, as we say in social engineering, pays off in the end. Well, thank you so much for joining us today, Emily, on the Resilience Factor Podcast.
SPEAKER_00:Thank you so much for having me, Jenny.
SPEAKER_02:So let's reflect on that conversation with Emily Laufer. Emily touched on a key finding from the Zscaler 2025 ThreatLabz ransomware report.
SPEAKER_00:One of the findings that interested me this year was how much encryptionless attacks have grown. We predicted it last year, actually, was the rise of encryptionless attacks, and this year we saw the impact of that.
SPEAKER_02:And with ever-evolving attacks, Emily told us how Zscaler is keeping on top of threats.
SPEAKER_00:Internally, we're using more and more AI. We use AI to educate ourselves, to learn about things. Of course, I find I have to make sure I'm fact-checking it. AI is going to be a tool that we're all looking forward to seeing what happens.
SPEAKER_02:She also tells cyber defenders how they can handle attacks.
SPEAKER_00:Taking this foundational zero trust approach in a layered fashion is a really important way forward that all defenders actually need to adopt. And I still think that even though it's been around so long, it's been a concept for so long. The way that we're applying it and using it is still like almost early adopter status.
SPEAKER_02:Emily also gave us some insight into how resilience shows up in her life and work at Zscaler.
SPEAKER_00:Cybersecurity is a fast-moving field. It's a lot to keep pace with that and to keep your head above water, I think. It's about getting that courage, tapping into that courage to keep changing, to keep showing up even when you feel like you're not the most knowledgeable person in the room. You are not the most technical person in the room, but you're trying to learn, you're trying to grow, and you're trying to do a good job at whatever it is that your focus is.
SPEAKER_02:The Resilience Factor Podcast is brought to you by Zscaler, a leading cloud-based cybersecurity platform, revolutionizing the way businesses protect themselves from cyber threats. By transitioning from traditional appliance-based systems to a cloud-delivered model and the implementation of zero trust principles, Zscaler provides businesses with optimal protection from cyber threats.