The Illusion of Upgrade: Why Broken Tech Can’t Be Patched into Security

Legacy security tech isn’t just outdated — it’s dangerous. From firewalls and VPNs to unsupported operating systems still powering critical services, organizations are clinging to tech that was never built to withstand today’s threat landscape. And yet, every year, more money is spent trying to patch, update, and extend the life of inherently insecure systems. In this provocative session, Zscaler's CISO in Residence Sam Curry, a 30-year veteran and cybersecurity pioneer, explores the real cost of trying to modernize broken architecture — and how Zero Trust principles can help eliminate risk at the root. Attendees will leave with a better understanding of: Why some technologies are beyond saving — no matter how many upgrades or patches are applied The psychological and operational reasons why businesses can’t let go of outdated infrastructure How Zero Trust Network Architecture (ZTNA) eliminates threat vectors like lateral movement and exposed surfaces What to do when business-critical systems can’t be replaced — but must still be protected How to reduce dependency on insecure tech while preserving business continuity Whether you’re a security architect, CISO, or practitioner, this session will challenge your assumptions and equip you with a strategy to stop patching the past - and start securing the future.