Secure access service edge (SASE), a relatively new concept in the security space, is witnessing a significant increase in adoption by enterprises globally. Existing business network topologies have several points of access for data stored across various apps, servers and cloud platforms. Managing and safeguarding these networks, as well as ensuring access to such disparate data, can be a difficult and time-consuming task. The use of new technologies and increased acceptance of the bring-your-own-device (BYOD) trend across organisations further aggravates network access and security issues. SASE represents a transformative approach to these concerns, with its identity-driven, cloud-native and globally distributed architecture. The technology delivers converged network and security services from a single, globally distributed and cloud-native platform, resulting in reliable connectivity and improved security. This makes it a natural choice for organisations looking to upgrade their systems. SASE provides numerous benefits, including enhanced agility, scalability and security, making it an attractive solution for modern organisations.
A look at the key adoption trends, growth across geographies, roadblocks and the way forward…
Adoption trends
Since its introduction in 2019, SASE has emerged as the future of connecting businesses with locations and employees worldwide. The technology experienced significant growth in adoption during 2020 and 2021, as organisations sought solutions to enable fast and secure remote user connections to enterprise networks due to office closures during the Covid-19 pandemic. As per a joint study by the Axis Security and Enterprise Strategy Group, nearly 48 per cent of enterprises surveyed view SASE as a security-first initiative, while 31 per cent see it as a network-first strategy. The study, which focuses on organisations in North America, the UK, France and Germany, indicates that 58 per cent of enterprises in the early stage of SASE adoption consider zero trust network access (ZTNA) as a starting point, likely because supporting hybrid work and remote employees are among the top use cases of SASE. In fact, 71 per cent of companies plan to replace their virtual private networks with ZTNA.
The need for secure connections in remote and hybrid work models continues to drive the adoption of the technology across the world. Further, the shift to cloud computing and digital transformation initiatives are driving organisations to invest more in software as a service and other public cloud services. This has also increased the momentum for SASE adoption, which delivers protection closer to users, eliminating the need for traffic to be backhauled to the headquarters in order to access the cloud. According to industry forecasts, the total worldwide end-user spending on SASE will reach $9.2 billion in 2023, a 39 per cent increase from 2022.
North America leads growth
North America has the largest market share in the SASE market. The region consists of developed countries that are technologically advanced, with well-developed infrastructure. The US and Canada, being robust economies, are the top contributors to the SASE market in terms of investment, enabling a healthy ecosystem for vendors and customers. The leading SASE players are also headquartered in this region. The top three SASE vendors in terms of revenue — Cisco, Zscaler and Broadcom/ Symantec — are all based in the US, representing over 40 per cent of the market, as of the last quarter of 2022.
Apart from their geographic presence, strategic investments, collaborations, and extensive research and development (R&D) operations are driving the large-scale deployments of SASE systems. For instance, in April 2022, North America-based S-NET Communications, a national provider of cloud-based business communications and networking solutions, expanded its partnership with Versa Networks, a major North America-SASE player, to cater to its expanding list of multi-location enterprise clients that require secure communications and networking. Versa SASE is now a part of S-NET Communications’ portfolio of managed networking services. Furthermore, the governments of several countries are taking initiatives to strengthen the cybersecurity and resilience of critical infrastructure and technologies. For instance, the UK government has launched cybersecurity initiatives for small and medium enterprises (SMEs) to protect their businesses from cyberattacks. Such policy measures are expected to support the growth of SASE among SMEs.
APAC makes headway
According to an IBM study, the Asia-Pacific (APAC) region maintained its position as the most attacked region in 2022, accounting for 31 per cent of all incidents remediated worldwide. Business in the region are expected to face an increasing number of highly sophisticated cyberthreats as bad actors exploit economic and geopolitical disruptions. This creates significant room for SASE solutions in the market. The adoption of the technology is steadily picking up pace in the region, led by companies in China, Japan, Malaysia, Singapore and India, which are making huge investments in building strong security systems for their IT infrastructure. A regional analysis shows that China held a 31.1 per cent SASE market share in 2022, with an assessed value of $1.2 billion during the year. It is expected to reach around $2.36 billion by 2028, at a compound annual growth rate of 11.8 per cent.
The expanding digital workforce and the increasing acceptance of the BYOD trend by businesses in APAC are supporting the growth of SASE. The increase in demand for better network management, network visibility and control, and wireless communication is driving the deployment of SASE in the region. In addition, governments in APAC countries including Japan, Malaysia, Singapore and India are implementing robust cybersecurity framework policies, creating new opportunities for SASE vendors and enterprise customers. The region is also witnessing vendor partnerships leading to a more developed and diverse SASE ecosystem. For instance, Axiata partnered with Versa Networks to deliver SASE technology to rapidly digitalising Asian enterprises. More recently, CBC Tech collaborated with Zenlayer to extend the reach of eNet SASE connect from the current 25 points of presence (PoPs) to 50 PoPs worldwide over its global fabric. The companies will offer secure, high-speed and global connectivity solutions to its customers in remote locations across ASEAN and India, among other countries.
Implementation lags
Despite the expanding vendor ecosystem and rising global popularity of SASE among organisations, the transition to a complete SASE model will take time. Enterprises are hesitant to deploy the emerging technology due to a number of reasons. One challenge to adoption is the maturity of the SASE market. The vendors building SASE solutions come from different backgrounds or specialise in one area of security. Some are security vendors that are now building their software-defined wide area network (SD-WAN) and cloud capabilities, while others are networking or content delivery network (CDN) vendors that are building their security capabilities. Not every vendor claiming to offer a SASE product currently delivers all of the required and recommended SASE capabilities. This is something that will likely improve and accelerate with partnerships, acquisitions and market consolidation. Further, SASE solutions are cloud-delivered, but vendors may differ in the extent to which their cloud architecture is native. One difference among SASE providers that may impact adoption for some regions is the use of public cloud infrastructure as a service for PoPs or in owning their PoPs.
Meanwhile, enterprises have existing investments in hardware that are not fully amortised as well as ongoing software contracts, making it unviable for them to invest in SASE solutions. From a technical perspective, the SASE adoption challenges include ensuring reliable network connectivity, integrating with existing IT infrastructure, understanding the maturity level of a vendor’s solution, and ensuring compliance with data privacy regulations.
Future outlook
Security approaches such as SASE, which provide a single point of control, play a crucial role in strengthening network security for organisations and embeding protections into every element of network architecture. According to Gartner, by 2024, 30 per cent of enterprises will adopt a cloud-delivered secure web gateway, a cloud access security broker, ZTNA and branch office firewall as a service capabilities from the same vendor. By 2025, over 60 per cent of enterprises will have explicit strategies and timelines for SASE adoption encompassing user, branch and edge access. It is critical for organisations to perform due diligence on available solutions prior to implementation to achieve the highest returns on investment. Successful SASE implementation requires a coordinated and cohesive approach across the network security and networking teams.
While challenges exist in SASE implementation, such as vendor selection and ensuring interoperability, the potential benefits of a comprehensive SASE solution continue to attract investments from companies globally. As the digital landscape continues to evolve, SASE is poised to become an increasingly critical tool for organisations seeking to secure their digital environments.
