The Zero Trust Shift
While it’s undoubtedly the security architecture of the future, zero trust is in direct conflict with many of the most widely used cybersecurity technologies today, according to Zscaler Founder and CEO Jay Chaudhry. Namely, network security products such as firewalls and VPNs, which continue to see major demand despite the fact that the tools are the “opposite” of zero trust, Chaudhry said during his keynote at Zscaler’s Zenith Live 2023 conference. While spending on cybersecurity is massive and growing fast, “unfortunately, a lot of that money gets spent on legacy technology,” he said Wednesday during the conference in Las Vegas.
[Related: Zscaler Unveils Five Big Security Updates: Here’s What To Know]
As a security architecture, zero trust refers to the idea that organizations should implement a variety of measures — beyond just a username and password — to verify users really are who they claim to be. Zscaler is among the foremost security vendors in the space with its offerings in key areas including zero trust network access (ZTNA). But while the publicly traded company has continued to see strong growth even in a challenging economic environment, Chaudhry said that too many organizations are still defaulting to older security architectures based around VPNs and firewalls. Often, when a breach strikes an organization, it will “buy more firewalls” in response, he said during the keynote.
To truly address the security challenges facing us, “that network-centric mindset has to change to a user-centric mindset,” Chaudhry said. “Inertia is the biggest thing that holds us back from changing. Because we have been doing things a certain way for a long, long time.”
‘Legacy Technology … Isn’t Helping’
“Cybersecurity is on the front of every IT leader’s mind, CEO’s mind and even the board of directors’ minds. About $290 billion get spent globally on security solutions, products and services. And that’s lots and lots of money. Unfortunately, a lot of that money gets spent on legacy technology. The biggest segment of the spend is firewalls. And breaches happen all the time. Tell me a single breach where they didn’t have a firewall or VPN solution in place. [A] breach happens, you buy more firewalls … It isn’t helping.”
Zero Trust ‘Has Been Hijacked’
“How do we really stop [cyberattacks]? This is where the zero trust architecture comes in … Unfortunately, the term has been hijacked — because it is the opposite of firewall and VPN network security technologies. The legacy vendors are worried they’ll get disrupted, so they all kind of say, ‘I’m zero trust as well.’”
‘Integrated And Comprehensive’ Platform
“The goal is to help you eliminate point products [and] standardize on a standard platform. And all of this stuff was built in an integrated fashion. We did not go out and buy 10 companies and try to slap them together and say, ‘Here it is.’ … Our goal is to be really integrated and comprehensive.”