Why are enterprises still getting breached despite massive cybersecurity investments?

According to Chaudhry, the problem isn't budget or access to technology—it's inertia. Companies continue relying on 30-year-old network security architectures built around firewalls and VPNs that were designed for a different era when users worked in offices on trusted networks. These perimeter defenses are fundamentally mismatched to today's distributed workforce and cloud-based applications.

How should organizations prioritize their cybersecurity efforts?

Chaudhry recommends a pragmatic approach focused on protecting what matters most rather than attempting to secure everything equally. He cites GE's CISO who distinguished between protecting jet engine intellectual property versus washer and dryer designs. Start with basic protections quickly rather than spending years designing perfect solutions—a four-foot fence built in one month beats a fifteen-foot fence that takes two years to design.

Jay Chaudhry on Zero Trust and the 2025 Cyber Threat Landscape

Name: Jay Chaudhry on Zero Trust and the 2025 Cyber Threat Landscape
Uploaded: 2026-05-12T20:28:39-04:00
Duration: 11 min 45 s
Description: New technologies bring new risks and threats. Jay Chaudhry examines three key trends that will shape the global cyber landscape in 2025 and beyond, and shares his perspective on how business leaders need to respond. --------- About Zscaler Zscaler (NAS...

Zscaler

05/12/2026

0 (0%)

Report Like Favorite

TL;DR

Major 2024 breaches like United Health Group and Salt Typhoon demonstrate that even well-resourced enterprises remain vulnerable due to reliance on outdated perimeter security models.
AI is a double-edged sword in cybersecurity—it empowers both defenders and attackers who can now easily enumerate vulnerabilities and plan attacks using publicly available tools.
Zero trust architecture that connects users directly to applications rather than networks is the necessary replacement for 30-year-old firewall and VPN paradigms.
Security transformation must be driven by executive leadership since organizational inertia and resistance to change increase at lower levels of the enterprise.

Why Traditional Security Architectures Are Failing

Zscaler founder and CEO Jay Chaudhry opens with a sobering assessment of the current threat landscape, citing the United Health Group breach that cost billions in business damage and the Salt Typhoon attack that compromised major US telecommunications carriers. He argues that the fundamental problem isn't a lack of spending or technology access—even the most well-resourced enterprises continue to suffer breaches. The root cause, according to Chaudhry, is organizational inertia: companies remain anchored to 30-year-old network security paradigms built around firewalls and VPNs. He draws an analogy to medieval castle moats, which became obsolete once cannons and aircraft emerged. Similarly, perimeter-based defenses designed for a world where users sat in offices connected to trusted corporate networks cannot protect today's distributed workforce accessing cloud applications from anywhere.

The Zero Trust Imperative for Business Leaders

Chaudhry makes the case that zero trust architecture represents the necessary evolution in security thinking. Rather than building moats around networks, organizations should adopt an exchange model that validates user identity, destination, and authorization before connecting users directly to specific applications—never to the underlying network. He emphasizes that this transformation must be driven from the top, noting that resistance to change increases at lower organizational levels. Drawing on his experience with GE's global CISO, Chaudhry advocates for pragmatic prioritization: protect what matters most rather than attempting to secure everything equally. He warns against vendors who claim cloud credentials simply by virtualizing legacy appliances, comparing it to spinning up DVD players in the cloud and expecting to become Netflix. The message to executives is clear: complexity is the enemy of both security and resilience, and incremental progress with a four-foot fence beats two years of designing the perfect fifteen-foot barrier.

Chapters

0:00 - Introduction and 2024 Threat Landscape
1:45 - AI as a Double-Edged Sword
4:14 - Why Security Spending Isn't Working
5:27 - The Castle and Moat Problem
6:28 - Zero Trust Architecture Explained
8:01 - Geopolitics and Cyber Warfare
9:33 - Pragmatic Security Prioritization

Key Quotes

3:55 "I have no doubt in my mind that we can build better protection. The worry I have is hackers have no inertia. Large corporations have inertia."
5:45 "When there were basic foot soldiers fighting with swords and arrows, moats are very good. When cannons got invented and Air Force got invented, those moats are useless."
7:33 "Firewalls will move out. They become like mainframe. You need to get to zero trust architecture."
10:35 "If you try to secure everything, you secure nothing."

Categories:

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

05/12/2026

11:30 PM

05/12/2026

Implementing Effective Strategies for Active Directory Security and Data Protection

https://www.truthinit.com/index.php/channel/1888/implementing-effective-strategies-for-active-directory-security-and-data-protection/
05/13/2026

01:00 AM

05/13/2026

Transforming the Black Box: Reveal Hidden Threats and AI Risks through Data Lineage

https://www.truthinit.com/index.php/channel/1890/transforming-the-black-box-reveal-hidden-threats-and-ai-risks-through-data-lineage/
05/13/2026

05:00 AM

05/13/2026

Transforming the Black Box: Revealing AI Risks and Hidden Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1894/transforming-the-black-box-revealing-ai-risks-and-hidden-threats-through-data-lineage/
05/19/2026

01:00 PM

05/19/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Deployment Phases

https://www.truthinit.com/index.php/channel/1936/establishing-a-robust-ai-governance-framework-for-genai-throughout-deployment-phases/
05/20/2026

08:00 AM

05/20/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1937/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/20/2026

10:00 PM

05/20/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1953/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/21/2026

11:00 AM

05/21/2026

The Autonomous Era: Orchestrating a Resilient Enterprise

https://www.truthinit.com/index.php/channel/1372/the-autonomous-era-orchestrating-a-resilient-enterprise/
05/27/2026

04:00 AM

05/27/2026

Rivoluziona i rischi dell'AI in opportunità con Netskope AI Security

https://www.truthinit.com/index.php/channel/1925/rivoluziona-i-rischi-dellai-in-opportunità-con-netskope-ai-security/
05/27/2026

10:00 AM

05/27/2026

Adopting AI: From Illusion to Intentional Control

https://www.truthinit.com/index.php/channel/1924/harnessing-ai-transitioning-from-illusion-to-purposeful-mastery/
05/28/2026

01:00 PM

05/28/2026

Harnessing AI for Smaller Teams: Strategies for Secure Implementation

https://www.truthinit.com/index.php/channel/1951/harnessing-ai-for-smaller-teams-strategies-for-secure-implementation/
06/02/2026

01:00 PM

06/02/2026

Spring of Satori: Delving into Recent Findings and the 2026 Threat Landscape

https://www.truthinit.com/index.php/channel/1930/spring-of-satori-delving-into-recent-findings-and-the-2026-threat-landscape/
06/04/2026

02:00 AM

06/04/2026

Mastering the Unseen: Managing Shadow AI and Agentic MCP Traffic

https://www.truthinit.com/index.php/channel/1948/mastering-the-unseen-managing-shadow-ai-and-agentic-mcp-traffic/
06/16/2026

07:00 AM

06/16/2026

Transforming Data Risk into Actionable Priorities: Essential Fixes First

https://www.truthinit.com/index.php/channel/1952/transforming-data-risk-into-actionable-priorities-essential-fixes-first/