As cyber attacks continue to rise, traditional cyber security for increasingly digital enterprises just won’t cut it anymore. Instead, you need an improved security architecture that secures your network’s edge and cloud environments. Enter SASE.
6 Mins
6th September 2022
Article
Cyber security, CUBΣ
There’s no rest to be had from cyber attacks in the Asia Pacific region (APAC). The number of breaches continues to rise year on year; in 2021, the region experienced a 168% increase in its number of cyber attacks.1 In fact, Asia was the most targeted region for cyber attacks in 2021, representing 26% of the cyber attacks reported worldwide that year.2
Ransomware remains threat number one, with the Asia Pacific being the third most targeted region for this type of attack.3 In 2021, 80% of organisations in APAC reported being victimised by ransomware, with 51% ultimately paying the ransom to recover valuable company data and assets.4
The rapid increase in internet use and digital connectivity in APAC leaves its users increasingly exposed, making the region a prime battleground for cyber attacks. But despite this degree of exposure, 57% of businesses in APAC are still uncertain if their cyber security defences are enough to combat the growing sophistication of threat actors and organised cyber crime.5
In this highly risky regional IT and hybrid work environment, traditional cyber security for increasingly digital enterprises just won’t cut it anymore. There’s more need to secure cloud sources and devices outside enterprises’ network perimeters.
To address these challenges, we need a new and improved security architecture. Enter SASE, a model for securing complex cloud platforms.
Pronounced “sassy,” SASE (Secure Access Service Edge) is a term coined by research company Gartner back in 2019.6 In simple terms, SASE is a cloud-based enterprise security framework. As more businesses transform digitally, security is now also moving to the cloud to reduce complexity, improve agility, and empower multi-cloud networking.
In more technical terms, SASE is a network architecture made up of multiple technologies working together to secure your network’s edge and your cloud environments. It combines the capabilities of a virtual private network (VPN) and SD-WAN with secure web gateways, cloud access security brokers, firewalls, and zero-trust network access.
As such, SASE improves on SD-WAN and brings all its benefits to the cloud: simplified security, reduced costs, faster user experience, scalability, cloud intelligence, secure mobile data, and integrated real-time visibility. All of these capabilities are delivered from the cloud and provided as a service by a SASE vendor.
● It secures your network’s edge and your cloud environments.
The edge is defined simply as any device that connects to your corporate network.7 Whether it’s a laptop, a smartphone, or even a vehicle, as long as it connects to your corporate network to access company data and resources, it is part of your network’s edge.
With the advent of remote-first and hybrid work, your network’s edge could be anywhere in the world—on the beach, in the cloud, on your own device, and even in another company’s network or somewhere beyond the reach of your IT security team. With SASE, private and wide access networks integrate cloud-native security functions to secure your network’s edge as well as your cloud environments.
● It employs the principle of least privilege.
Least privilege means limited access: every system user must operate using the least amount of privileges necessary to complete a task.8 This is similar to the military security rule of restricting access to sensitive information on a “need-to-know” basis.
With SASE, every user that requests access to company data or resources is granted the minimum rights necessary to complete a task in the shortest amount of time necessary. Emphasis on the word “necessary”. While there are industry benchmarks, with SASE, the amount of access and time necessary to accomplish a task can still be set and managed by the company’s IT security team.
● It employs a zero-trust approach.
SASE is at the core of the zero-trust framework, which operates on the dictum of “trust nothing, verify everything”.9 It is a system that authenticates a user or a device every time they try to access the company's network or resources.
Ideally, regardless of where you land on the corporate ladder, there must be no exceptions under the zero-trust framework—every user, every device, and every application must be validated. Even if you have a registered username and password, if your device has not been validated, you will be denied access to the system. This provides another layer of protection to safeguard your workforce and your company assets from organised cyber crime.
Beyond being a new and improved security architecture, SASE is also a framework, an approach to assess the current state of your network and cyber security. Much like migrating to the cloud, moving to a SASE model will require you to rethink how to connect your remote workforce to vital company resources more securely.
SASE, as the convergence of cloud-managed SD-WAN and cloud-delivered security, offers companies more flexibility, especially with the rise of SASE as a managed service. Working with a trusted security advisor eases the shift to SASE and helps you maintain security hygiene, adopt a prevention approach, and keep threat intelligence up to date.
At Singtel, we uphold a security-first approach in everything we do. We help transform your approach to cyber security and strengthen your security at the edge and on the cloud. Our SASE capabilities are part of the Singtel CUBΣ portfolio, a unified suite of connectivity solutions designed to make enterprise networking easier to connect, manage, monitor, and expand globally.
Cyber security is a round-the-clock responsibility. As your trusted business partner, let us do the heavy lifting to defend your most valuable assets at the edge and on the cloud. Talk to one of our security advisors today to learn more about how SASE can protect your network’s edge and your cloud environments.
References
Cyber security
Cyber security, Quantum-safe network
Cyber security, Mobile security, Network slicing
Cyber security, Mobile security, SingVerify
Cyber security, Managed services
Cyber security
Get the latest digest on business and technology trends straight to your inbox.