I recently took part in the VMware Explore 2022 panel discussion ‘A Light in the Darknet: Stopping Cyber threats with SASE’.
As part of this event, I discussed how digital transformation is changing the threat landscape and why secure access service edge (SASE) is a frontrunner in the search for effective security strategies.
Because SASE combines networking and security, organisations are no longer forced to compromise between connectivity and protecting their assets. But despite its promise, SASE needs to be understood as part of a complex security picture so that it can fully defend against the threats emerging from the darkest parts of the internet.
Key insights from the event
In discussions with Chief Information Officers (CIOs), the key considerations they raise are delivering business outcomes, protecting against cyber threats, and ensuring optimal network and application performance. It’s therefore important to look at digital transformation through three lenses: What’s happening with applications? What’s happening with devices? What’s happening with infrastructure?
Organisations are typically wrestling with two or three cloud providers for Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS) apps, as well as private cloud and on-prem. Some of these applications are integrating with modern API calls, but others are moving data between different functions of the application.
So how do you guarantee data sovereignty, secure data in transit as well as at rest, and meet regulatory requirements? Getting visibility and security is top of mind, and data sovereignty is key.
Examples of digital transformation
Digital transformation isn’t just an IT function comprising apps, data, and users. Arguably the biggest transformation happening today is in operational technology. Across our Digital Industries practice, we’re working with sectors like Digital Manufacturing, Digital Banking, and Digital Energy to build ecosystems within their value chains to support their transition to becoming more secure and more agile.
Take manufacturing: raw materials have to be produced, procured, and stored; machinery and robots are manufacturing products that have to be maintained and optimised; warehouses need managing; and complex liaisons are constantly taking place between manufacturers, retailers, and wholesalers. Digital transformation facilitates all of this, but it means factories must be exposed digitally, and interactions between everyone in the value chain must be secured and optimised.
BT Radianz is another great example – offering a vertically integrated marketplace with cloud connectivity, security, and networking for banking and finance. It speeds up consumption, boosts agility between member firms in the marketplace, and promises effective security for the firms using it. Services like these are the future for many industries.
Operational challenges and solutions
We need to bring networking and security closer together to deliver better service. Part of that is about triaging and diagnosing faults, as well as managing change. For example, some organisations want a single change order which executes end-to-end across both the network and security estate, but their network and security functions are siloed and don’t agree on basics like site or infrastructure naming conventions.
Without a common language or set of tooling, security and network teams won’t have a complete understanding of end-to-end data paths across the network and the security controls that intervene along these pathways.
It’s something that’s improving, and nowadays, if we have a conversation with a customer about something like SD-WAN, there’s typically a security component or requirement within that. It’s not perfect, but we’re seeing a less siloed approach.
Zero Trust: a holistic approach
Zero Trust extends across everything. It’s not only about getting users into the network – it also covers user devices, applications, and IoT flows. Malicious actors trying to breach your network care about all interfaces and their potential to gain access to your data, so you’ve got to secure everything.
It’s about more than network access or firewalls; it’s about how an organisation works, or wants to work in the future, which is why long-term relationships with customers are so important. These relationships help us to develop a level of understanding that drives proper conversations about a Zero Trust strategy covering various apps, IT devices, Internet of Things (IoT) devices, and the myriad ways these connect.
By breaking down customer priorities and the specific outcomes they’re looking for – and combining this information with the threats they’re likely to face and the data they’re dealing with – we can match their specific use case to solutions in our portfolio. For many customers, this is about taking small bites out of Zero Trust and incorporating these into a strong security framework.
Ultimately, a complete Zero Trust approach – where every app, traffic flow, and user access point is covered by a Zero Trust strategy – isn’t deliverable as a one-off project for a working enterprise with thousands of applications in all hosting environments. It’s about being realistic and working towards Zero Trust with deliverable projects like SASE and Zero Trust Network Architecture (ZTNA).
SASE in action
The organisations I work with are mature customers with a security practice and SecOps in place. When talking to them about SASE, their existing framework and controls are important considerations. Customers aren’t typically locked into their WAN vendor, so they’re willing to change, but in the security space, lots of effort is put into long-term vendor relationships. If an organisation suffers a ransomware attack or breach, and a vendor responds effectively, it’s unlikely the organisation will remove that vendor unless the relationship breaks down. So, integrating SASE with existing controls is key.
Is SASE the answer to all of an organisation’s security concerns?
Although SD-WAN and SASE are not the complete answer to an organisation’s security needs and there are always likely to be other forms of control and enforcement, they address more use cases than first meet the eye. For example, SASE is ideal for protecting outbound user flows and remote working, where context is key and different levels of trust should be applied based on the individual user, the device they’re using, and their location.
SASE isn’t only about SD-WAN and security service edge (SSE). As vendors extend their services to address different use cases, the SASE ecosystem is evolving to include endpoint controls, mobile device management, operating system management and application delivery, and virtual desktops.
You can listen to the full VMware Explore 2022 panel discussing SASE’s potential to stop cyber threats.