Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Vendor Survey vs Reality on SASE Implementation

Gartner believes it will be four years before the market achieves two-thirds of the position a WSJ Intelligence and Forcepoint survey says is already achieved

Gartner believes it will be four years before the market achieves two-thirds of the position a WSJ Intelligence and Forcepoint survey says is already achieved

An unusually styled survey report from WSJ Intelligence and Forcepoint – titled The C-Suite Report: Business and Security Strategies for the Unbound Enterprise – makes numerous assertions with little quantitative detail. It is unusual in that it does not provide the more normal statistical replies to specified questions, but seems to provide percentage agreements to specified statements. 

From this it draws numerous conclusions with no discussion on how its conclusions are reached. In general, there will be little disagreement with these conclusions since they align with what security practitioners have been claiming for years. 

For example, the report claims that security is a business enabler and competitive differentiator. It bases this statement on survey results saying, “55% report security accelerating digital transformation; 52 % note it has created competitive advantage and enabled higher productivity across the organizations.” The rate of acceleration of digital transformation is not specified, the competitive advantage is not defined, and higher productivity is not measured. Note also that 55% and 52% are not massive majorities, being little over half of the responses in each case.

Despite this, the report draws the conclusion, “Enterprises that embrace this opportunity will see their business thrive versus just survive in the next 5-10 years.” This is what everybody in the security industry would like to believe – but there is no specific evidence in the survey to suggest it is true.

Similar concerns could be levelled against much of the survey: unquantified returns support what is already well-known or clearly desirable. Few people will learn much from this – except perhaps, for one particular return: “90% of CEOs and 84% of CISOs indicated they have already adopted or were on a path to adopt SASE.” Implementing SASE, or secure access service edge, is not like installing an anti-malware app – it cannot be done overnight and requires a major overhaul of existing security controls.

Despite this, SASE is an attractive security approach for any enterprise increasing its cloud and remote working estates; and as the cloud and remote working paradigm increases, so will the attraction of SASE. SecurityWeek spoke to David Greenfield, director of technology evangelism at Cato Networks, a specialist SASE firm. 

“Those numbers are significantly higher than what we saw in our annual survey back in January,” he told us. “In that sampling base, we were looking closer to 46% adoption, which is very much in line with Gartner.” But, he added, “SASE interest is through the roof.”

Advertisement. Scroll to continue reading.

It was Gartner who effectively defined the SASE model, so it is worth examining the take-up it expects. As recently as March 25, 2021 it published its Strategic Roadmap for SASE Convergence. “By 2025,” suggests Gartner, “at least 60% of enterprises will have explicit strategies and timelines for SASE adoption encompassing user, branch and edge access, up from 10% in 2020.”

In other words, Gartner believes it will be four years before the market achieves two-thirds of the position the WSJ Intelligence and Forcepoint survey says is already achieved.

Related: Getting SASE, Without the Hyperbole

Related: Fortinet Acquires SASE Cloud Provider OPAQ Networks

Related: Palo Alto Networks to Acquire CloudGenix for $420 Million

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...