Governance & Risk Management , SASE , Video

Moving Zero Trust Conversations Beyond the CISO to the Board

Zscaler's Jay Chaudhry on How CISOs, CIOs Can Join Forces on Architectural Changes
Jay Chaudhry, founder and CEO, Zscaler

CISOs have gone from complaining that they don't get enough time and attention from the board of directors to presenting to the board every quarter, said Zscaler CEO Jay Chaudhry.

Conversations with CIOs or boards tend to focus on what architectural changes can be made to reduce business risk and avoid the brand, reputational or sales damage tied to a successful cyber incident, he said. The CIO, CISO and infrastructure leaders must work together to make architectural changes that eschew a hub-and-spoke approach in favor of connecting users directly to applications, Chaudhry said (see: How to Distinguish True Zero Trust From Imposters).

"There's a culture and mindset change, which is harder sometimes," Chaudhry said. "People like to keep on doing what they have been doing for years. But now, they're seeing that they have spent so much money on firewalls and VPNs, and it isn't helping. The breaches are still happening. So they are embracing zero trust architecture."

In this video interview with Information Security Media Group at RSA Conference 2023, Chaudhry also discusses:

  • How U.S. government directives have spurred private investments in zero trust;
  • Why many businesses prefer a multiyear, phased journey to implement zero trust;
  • Why generative AI is a double-edged sword for the cybersecurity community.

Chaudhry founded a series of successful companies, including AirDefense, CipherTrust, CoreHarbor and SecureIT. He has more than 25 years of IT industry expertise spanning engineering, sales, marketing and management at leading organizations, including IBM, NCR and Unisys.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.