The SASE framework is growing in popularity since last year and Gartner’s 2022 Strategic Roadmap report suggests that nearly 80% of the companies would have adopted SASE by the year 2025. The panel opened with a discussion on how the convergence of SD-WAN (Software-defined wide area network) and ZTNA (Zero-Trust Network Access) solutions serviced through cloud-delivery models is allowing companies to adopt and manage secure practices in a centrally-unified manner. SASE helps companies implement ZTNA via the CASB (Cloud access security broker) and CSWB (Cloud Secure web gateway).

Given the freedom that stat-up companies have in adopting newer secure practices, it is essential that they begin their journey with SASE. This will help them be better prepared for security and privacy regulatory compliances. The challenges in the SASE/SSE migration journey revolve more around companies running on legacy systems. The question to ponder is to prioritize and think about upgrading the existing network to SD-WAN or proceed with Firewall-as-a-service (FWaaS) and Zero-trust security adoption as the first step. Each organization needs to spend time defining their SASE goals and requirements.

During the pandemic journey, regulators did not worry about how established organizations prioritized and migrated to adopt the SASE framework but start-ups do have more bandwidth for prioritizing and implementing all the solutions in the SASE model. There was always a resistance towards security-as-a-service model and SASE was introduced. But the pandemic was never a part of the BCP policy of companies and they had to learn to adapt and grow from there. For instance, especially in the banking sector, accessing data remotely was strictly prohibited according to the company’s security policy but the clause had to be relaxed and modified to allow remote access additionally ensuring that the data remains protected.

The boundaries for implementing the required security controls changed tremendously where the existing IT infrastructure had to be upgraded for employees to work remotely. The banking industry received immense support from the regulatory bodies. Overall, technology adoption is quick and all of the solutions can never be implemented together, so companies need to define their scope carefully.

The panel was faced by some interesting questions on the cultural challenges faced when implementing these solutions as different teams across departments would be required to work collaboratively to embrace the SASE/SSE solutions. Some important takeaways: including SASE/SSE in the security and technology roadmap; fostering collaboration of teams to identify interoperable solutions; and discussing security and privacy issues cohesively while defining the SASE scope.

Watch the Panel Talk