SASE: a holistic solution for cyber security in an era of zero trust?

The global pandemic ushered in an era of rapid digital transformation as a result of new ways of working, opening up organisations to ever-more complex and sophisticated cyber threats.

While most businesses found a way to muddle through the worst of it, the resulting hotpotch and complexity of today’s environment, because of the proliferation of connected devices and popularity of IoT, cloud and edge computing – all of which can function as entry points into a company’s network – has become increasingly difficult to secure.

In today’s cloud‑centric digital business, users and devices are everywhere, and so are the resources they need to access. With identity as the new security perimeter, one thing’s for sure – 2022 will be another unpredictable year with secure hybrid working remaining a challenge to solve for many organisations.

Integrated security controls will be a greater focus

A growing segment of organisations are realising the need for better integration between networking, security and compute, with a joined-up, holistic deployment strategy to manage security in a digital-first cloud world.

As a result, we are seeing the concept of Secure Access Service Edge (SASE) gaining momentum – a networking and security model, located in the cloud, offering a holistic solution to provide a secure environment in an era of zero trust.

The principle of SASE provides policy-based ‘software-defined’ secure access on a case-by-case basis that supports boundary-less working, giving users the permissions they need to accomplish specific tasks vs. letting them into the entire network. This is enabled by integrating identity, business context and real-time risk assessment into every connection, delivered through the cloud, with the promise to bring reduced cost, less complexity and fewer integration challenges across an organisation, with better visibility.

This represents a fundamental mindset shift in how organisations think about cyber security. Rather than it being an arrangement of siloed applications positioned at certain junctures of the connectivity journey, it becomes a set of integrated services that are applied based on context and policy across every route from the network edge to the core service.

It’s not a one-size fits all

The SASE concept is fast gaining momentum, with Gartner predicting that by 2025, at least 60% of enterprises will have explicit strategies and timelines for SASE adoption, encompassing user, branch and edge access, up from 10% in 2020[1].

For businesses, SASE promises to bring a simpler, more flexible approach to security that keeps them in control of their operations – even as the network they operate on evolves at speed.

But, as with most things, it’s the ongoing integration and alignment into an organisation’s practices that will deliver the real value. SASE should not be a checkbox exercise: each business will have a different starting point and take a different journey – and we’re seeing this with our customers.

Key considerations in your SASE journey

Are you thinking of taking the plunge? Consider the following:

  1. Assessment comes first: The first step in any SASE journey should start with an assessment of where you are on your cyber security journey, across the trifecta of people, technology and governance. Like any migration project, simply taking a ‘lift-and-shift’ or a ‘rip-up-and-replace’ approach – is flawed. By doing a deeper assessment at the start, it will save a lot of time and pain down the road.
  2. Increase visibility into assets across your environment: Not all assets are created equal, therefore, cyber security strategies must be viewed with a combined business and technical lens that identifies and (very importantly) prioritises the protection of critical assets and data that are essential to overall business operations. Without understanding and prioritising assets and data, an organisation will struggle to deploy resources effectively to reduce cyber security risk.
  3. Embrace zero trust at the core: Because SASE is all about contextualising user and device identity while setting individual rules for access, adopting a zero trust mindset reduces your risk across all environments by establishing strong identity verification, where trust is defined by authentication and authorisation and coexists with network perimeter. 
  1. Partner with an MSSP that has an integrated approach to cyber security:

The extent of which SASE components are successfully combined into a single, manageable interface varies significantly if there isn’t a joined-up, holistic deployment strategy. That’s why it will be critical to find the right partner who can provide the right balance of people, technology and governance, and access to a comprehensive suite of managed security solutions to help you navigate and manage the level of complexity, orchestration, management and vigilance required for end-to-end coverage from endpoints and networks, as well as servers and cloud-based workloads – no matter where you are on your journey.

Are you prepared for the new normal?

2021 was the year where resilience was necessary for businesses to survive. While the requirement for resilience will certainly continue for all the years to come, 2022 is the year where organisations need to go beyond surviving to thriving.

In order to thrive, businesses will need to evaluate their cyber security strategies in the context of this new world and invest in the right balance of people, systems and governance to drive innovation to better prepare for the new normal. This will require a different approach to cyber security and risk management – one that is more proactive and anticipatory in order to stay ahead of potential threats.

Through our own observations and our industry peers, our partners, and our customers, we are seeing ten cyber security trends emerging – read the blog here

1. Gartner 2021 Strategic Roadmap for SASE Convergence