Moving Zero Trust Conversations Beyond the CISO to the BoardZscaler's Jay Chaudhry on How CISOs, CIOs Can Join Forces on Architectural Changes
CISOs have gone from complaining that they don't get enough time and attention from the board of directors to presenting to the board every quarter, said Zscaler CEO Jay Chaudhry.
Conversations with CIOs or boards tend to focus on what architectural changes can be made to reduce business risk and avoid the brand, reputational or sales damage tied to a successful cyber incident, he said. The CIO, CISO and infrastructure leaders must work together to make architectural changes that eschew a hub-and-spoke approach in favor of connecting users directly to applications, Chaudhry said (see: How to Distinguish True Zero Trust From Imposters).
"There's a culture and mindset change, which is harder sometimes," Chaudhry said. "People like to keep on doing what they have been doing for years. But now, they're seeing that they have spent so much money on firewalls and VPNs, and it isn't helping. The breaches are still happening. So they are embracing zero trust architecture."
In this video interview with Information Security Media Group at RSA Conference 2023, Chaudhry also discusses:
- How U.S. government directives have spurred private investments in zero trust;
- Why many businesses prefer a multiyear, phased journey to implement zero trust;
- Why generative AI is a double-edged sword for the cybersecurity community.
Chaudhry founded a series of successful companies, including AirDefense, CipherTrust, CoreHarbor and SecureIT. He has more than 25 years of IT industry expertise spanning engineering, sales, marketing and management at leading organizations, including IBM, NCR and Unisys.