SASE adoption among organizations is on the rise, according to research independently conducted by leading security research firm Ponemon Institute, sponsored by Hewlett Packard Enterprise.
In the report, The 2023 Global Study on Closing the IT Security Gap: Addressing Cybersecurity Gaps from Edge to Cloud, 30% of organizations indicate they have adopted the Secure Access Service Edge (SASE) architecture. Nearly the same amount (29%) plan to deploy SASE.
30% of respondents in a recent Ponemon Institute security study indicated their organizations had deployed SASE. 29% of respondents plan to deploy SASE.
What is SASE?
The SASE architecture combines comprehensive WAN capabilities—including SD-WAN, routing, and WAN optimization—with cloud-delivered Zero Trust Security services such as SWG (Secure Web Gateway), CASB (Cloud Access Security Broker), and ZTNA (Zero Trust Network Access).
With the SASE architecture, organizations can bring advanced protection to the endpoints of users. Users are provided robust security features directly to their devices from the cloud, enabling them to connect securely from anywhere. This enables users to take advantage of secure connections without having to worry about the latency that results from backhauling to the data center’s firewall. Offloading users from the network can also reduce attack surface created through over-extended access privileges.
SASE is an architecture that combines WAN edge functions with cloud-delivered security services. Watch this short video to learn more.
What’s driving adoption of SASE?
SASE adoption accelerated in recent years as organizations increased remote work and hybrid cloud adoption. These new operational models created challenges for cybersecurity strategies primarily focused on securing the network perimeter. By transforming WAN and security architectures with SASE, enterprises can ensure direct, secure access to applications and services across multi-cloud environments, regardless of location or the devices used to access them.
In addition, many organizations seek to converge networking and security functions, an approach that can drive efficiencies, simplify operations, and maximize talent potential. SASE architectures can support these efforts by consolidating network and security services through policy, platform, and process unification.
Finally, cyberattacks continue to be a concern. Only 47% of respondents in the Ponemon study rated their organization as very or highly effective in reducing threats in the attack landscape.
According to the Ponemon study, 44% of respondents say implementation of a cybersecurity framework and the modernization of IT security processes should be a priority to minimize risk in a hybrid cloud environment. Researchers further stated, “A SASE-enabled IT architecture (42% of respondents) and a Zero Trust enabled architecture also should be at the top of the list.”
Implementation of a SASE architecture is a top priority for organizations seeking to minimize risk in a hybrid cloud environment, according to research from Ponemon Institute.
How are organizations deploying SASE?
SASE represents the combination of secure SD-WAN and Security Service Edge (SSE) capabilities. Because there are several different components to SASE, organizations may take different paths to SASE adoption—starting with SD-WAN, SSE, networking, or a single vendor for delivery of all capabilities.
As discussed in the Ponemon study, preferences among SASE deployment models are almost evenly split between starting with industry-leading SD-WAN, SSE, or single-vendor offerings. Respondents slightly preferred deployment paths starting with best-in-class SD-WAN (31%); SSE-led and single-vendor paths followed closely behind at 28% and 24%, respectively.
Organizations’ preferences for SASE deployment were nearly evenly mixed among SD-WAN, SSE, and single vendor deployment paths.
Mixed preferences are a result of the evolution of the definition of SASE. “The SASE vision was initially presented as a single-vendor solution, but some organizations wanted separation between SD-WAN and SSE to better align with how they think about solving the problem,” said Jon Green, Chief Security Officer for HPE Aruba Networking at Hewlett Packard Enterprise. “The definition of SASE then evolved to include multi-vendor approaches built on tight technology integration and explicit partnership between vendors, which addressed challenges related to increased cost and complexity.”
With the recent acquisition of Axis Security, HPE Aruba Networking has made it easier for organizations to adopt SASE using any preferred deployment path. The HPE Aruba Networking SSE platform, based on Axis Security technology, addresses the need for improved application performance and increased security as the number of remote users increases and enterprises continue to migrate applications to the cloud.
Jon Green described the benefits of the HPE Aruba Networking SASE approach for organizations: “We can now serve organizations that want to buy a unified solution from one vendor. And we have a long history of interoperability, open standards, and open protocols that give organizations choice. So, for organizations [preferring an integrated multi-vendor approach], we will continue to maintain and support our existing integrations with SSE providers. We can support any of the deployment methods.”
How are highly effective organizations addressing SASE?
The Ponemon study offered notable insights pertaining to respondents stating their organizations were highly effective in keeping up with a constantly changing threat landscape. These high-performing organizations had fewer security breaches in the past 12 months that resulted in data loss or downtime. The Ponemon Institute analyzed what these organizations are doing to achieve a more effective cybersecurity posture compared to the other 80% of respondents represented in their study.
The Ponemon study revealed that high-performing organizations were more likely to adopt SASE. 49% of high performers had deployed or planned to deploy the SASE architecture. In contrast only 39% of respondents in the other organizations had deployed or planned to deploy SASE.
Organizations that report fewer security breaches are more likely to adopt SASE.
Hear from SASE experts
Jon Green and Larry Ponemon, Ph.D., Chairman and Founder of the Ponemon Institute, discussed the findings from the Ponemon Institute report in the webinar, Addressing Cybersecurity Gaps from Edge to Cloud. Watch the webinar on demand to learn more about the findings in the study and discover how HPE Aruba Networking SASE solutions can address IT security gaps within your organization.
Explore SASE in depth
Curious about bringing SASE to your organization? Accelerate your journey to SASE with these resources:
