Logicalis is igniting a spark within the secure access service edge (SASE) market in Asia, helping customers overcome initial adoption challenges through a managed security approach to protection.
Central to such efforts is a services offering designed to address ongoing security strategy and skills roadblocks, as cyber hackers ramp up efforts to destabilise the region on a daily basis.
“In the increasingly hostile world that we live in, security attacks are more frequent, more sophisticated and more creative,” outlined Lim Tsu Pheng, CTO at Logicalis Asia. “But the fact is, smaller companies are subjected to the same threats as larger enterprise.
“However, these companies lack the resources to explore, assess, design, monitor and manage all necessary security technologies and control. SASE and especially managed SASE requires that all necessary security controls are within a single platform, managed through a single pane.”
Another key trend impacting the security and SASE market in Asia is the scarcity of security talent, as noted by Tsu Pheng.
To put this into context, the number of unfilled cyber security jobs increased 350 per cent between 2013 and 2021, from one million to 3.5 million across the world. In 2022 and beyond, that gap is expected to widen further.
“This talent gap is a tremendous threat to organisations, individuals and governments across the globe,” Tsu Pheng said.
In response, customers are turning to managed security service providers (MSSP) to alleviate such a skills gap, ramping up outsourcing agendas to bolster protection levels.
“Companies can tap into a ready pool of security professionals and expertise to mitigate this resources gap," Tsu Pheng added. “I do believe that these trends will certainly drive the managed SASE market up over the next six months.”
Assessing market maturity levels
First coined by Gartner in 2019, the concept of SASE is now entering the lexicon of IT executives and follows a similar adoption process to previous “new thing” technologies within the networking space.
“Most networking folks know about SD-WAN,” commented Andrew Lerner, vice president of Research at Gartner, when referencing SASE almost three years ago.
“And of course, just when everyone is aware and comfortable with a technology, and it is (relatively) stable with over 25,000 paying customers, and we can start to absorb it… then boom. Things change. And we are absolutely seeing the market evolve. And the new ‘thing’ is SASE.”
Fast forward three years -- plus a global pandemic, a debilitating supply chain crisis, ongoing geopolitical turmoil and strong economic headwinds -- and SASE remains firmly in the “emerging” camp.
“On ground adoption in Asia is still in its infancy,” Tsu Pheng observed. “While the pandemic’s fall out stimulating remote work and cloud dependency has accelerated awareness about SASE’s benefits to companies’ digital transformation initiatives, maturity levels are still fledgling in the region.”
As noted by Tsu Pheng, such a low rate of SASE adoption could be attributed to two underlying factors.
“First, the SASE framework requires various networking and security functions to be within a single platform,” he noted. “Companies are therefore in a dilemma as to whether they should opt for a single vendor solution or consider best-of-breed solutions from multiple vendors.
“The second impediment is that, often, bigger companies have already made crucial investments in both hardware and software. With contracts still in force and staff trained in networking and security, it’s challenging for these companies to pivot towards a newer solution like SASE.”
But despite the need for heightened market awareness, Tsu Pheng emphasised the importance of organisations embracing SASE in both the short- and long-term -- in response to the increased “severity and complexity” of security attacks across the region.
“With looming threats and challenges, new offerings like SASE allow enterprises to consolidate both network and security tools into one single management platform -- one that is cost efficient and location independent,” he outlined.
Triggered by COVID-19 and sustained by the “new normal”, the mass shift to hybrid work has resulted in an explosion of applications, increased use of mobile devices and accelerated adoption of cloud services.
As a result, the attack surface area continues to expand at pace as organisations embrace new digital technologies, while heightening exposure levels in the process.
“SASE is a compelling response to the challenges of this new perimeter-less frontier,” Tsu Pheng said. “With the SASE framework, regardless of where the data goes, and who the user is, the security policy enforcement remains consistent.
"This is a far cry from the traditional way of security protection where data was routed back to the data centre from remote locations through VPN connectivity for security verification. IT teams in organisations need to deploy SASE frameworks and rethink centralisation of network and security access in any multi cloud environment, with consistent access management of apps throughout the lifecycle.”
Customers pursue security consolidation
According to Gartner research, 75 per cent of customers are pursuing security vendor consolidation in 2022, up from 29 per cent in 2020.
Notably, 57 per cent of businesses are currently working with fewer than 10 vendors within the security space, seeking to optimise fewer partners in the key areas of SASE and extended detection and response (XDR).
“Security and risk management leaders are increasingly dissatisfied with the operational inefficiencies and the lack of integration of a heterogenous security stack,” noted John Watts, vice president at Gartner. “As a result, they are consolidating the number of security vendors they use.”
Companies primarily want to consolidate security vendors to “reduce complexity and improve risk posture”, as opposed to budget savings or procurement improvements. Specifically, 65 per cent of businesses expect to improve overall risk posture internally, while only 29 per cent expect reduced spending on licensing.
“Cost optimisation should not be the primary driver for vendor consolidation,” Watts advised. “Organisations that look to optimise costs must reduce products, licences and features, or ultimately renegotiate contracts.”
Within the context of vendor consolidation, 41.5 per cent of customers plan to have adopted SASE by the end of 2022.
“Adopting a SASE framework can be challenging for most companies,” Tsu Pheng stated. “The biggest hurdle for companies is moving their existing model of security protection to a different architecture.
“Currently, most companies deploy network centric security, where once the network is secured, it’s assumed that everyone on that particular network is secure. Hence all traffic needs to be channelled back to this aggregation point before going to the internet and clouds.”
As outlined by Tsu Pheng, SASE enforces security where the traffic is however -- at user and application endpoints.
“So wherever the users may be, wherever the applications may reside and whatever devices are used, the same consistent policy enforcement and access control will apply throughout,” he explained. “It can be daunting for companies to opt to shift from one model to another, this is where ‘managed’ play comes into the picture.”
Maximising managed SASE
To help accelerate adoption of SASE -- while also acknowledging customer demand for consolidated vendors and offerings -- Logicalis is assuming the role of MSSP to help customers proactively address ongoing security challenges.
Under the guidance of Tsu Pheng, the specialist provider is helping manage complexity throughout the solution lifecycle, in addition to guiding customers through the “assess, design, deploy, monitor and manage” stages of SASE deployment.
“Companies can plug skill gaps by leveraging our existing security and networking prowess for their own needs,” he added.
“Organisations leveraging managed SASE offerings will benefit from a proven adoption plan with a structured change management process to on-board SASE zero-trust and in addition, will gain access to proven best practices. Companies can then re-focus their existing teams toward more strategic IT and security practices.”
Alongside managing the SASE lifecycle, Tsu Pheng also referenced the global scale of Logicalis’ MSSP security team who deliver around-the-clock support to customers in Asia.
“By having eyes on the network security environment via the SASE platform, our MSSP team members can help reduce the alert fatigue that security and IT teams face by sifting through incidents and elevating only the most critical alerts that deserve attention,” he noted.
One such example is a fintech customer in Singapore who required a solution housing end-to-end security controls, which would enable compliance with the Monetary Authority of Singapore’s Technology Risk Management (TRM) regulations.
“We aligned their requirements and risk priorities with a zero-trust framework approach that resulted in us deploying a SASE solution and managing the threat detection and response for them,” Tsu Pheng outlined. "This shortened their time to market by six months, which they would not have achieved had they taken a DIY approach instead.
“Ultimately a partnership approach with an established MSSP is essential to ensure that organisations can gain the advantage of industry best practices.”