SASE in the Spotlight as Enterprises Prioritize Edge Network Security

Edge is the concept that moves IT from a centralized to a decentralized model, away from consolidating the cloud data center and infrastructure, applications and workloads and closer to where where the data is generated or consumed. According to a new report from AT&T Business, the definitions and usage of edge networks are changing across industries, as enterprises seek effective security strategies that address the risks of the edge and allow them to explore its opportunities. The Secure Access Service Edge (SASE) is on the radar of some enterprises looking to strengthen traditional security controls, bring network and security closer together, and enable broader, more centralized visibility across an enterprise surface. perimeter network attack.

Edge use cases differ by industry, cyber risks are felt by all

The report showed that while edge network usage patterns differ significantly for companies in healthcare, finance, public sector, manufacturing, retail, and energy, edge cyber risks are felt by all. Networks chosen for edge use cases included public and private cellular 5G, non-5G cellular such as 4G and LTE, remote/branch offices, cloud, and industrial and consumer IoT networks.

Private 5G and cloud were cited as the preferred edge network overall, with the former expected to be the edge network environment used to support use cases over the next three years. Almost three-quarters (74%) of businesses surveyed said the likelihood of compromise is a 4 or 5 (with 5 being very likely), with retail and energy/utilities presenting the highest perceived risk in the six sectors.

Ransomware was the top cyber threat concern across all industries, while attacks on associated cloud workloads, sniffing attacks on user endpoints and components, and server/data attacks were cited as the most likely attack vectors for healthcare, finance and public sector. respectively. For manufacturing, retail, and energy/utility businesses, attacks against user devices and terminals and sniffing attacks against the radio access network (RAN) have been designated as the most likely attack vectors, respectively.

Edge cybersecurity controls are a priority for businesses

AT&T’s report illustrated a clear willingness of organizations to invest in better cybersecurity controls for their maturing edge environments. However, “decisions about which controls to use vary and depend on several factors, including whether the edge is an extension of the cloud or on-premises, the edge network environment, whether the controls are on or in the edge network, familiarity, regulations, and cost benefits,” it reads.

SASE was cited as the most notable growth engine due to the growing number of organizations moving to cloud-based solutions and its ability to bring network and security closer together. “But some industries may not want to route all of their data through the cloud, so on-premises security solutions will continue to exist in areas such as OT,” the report said.

Cost-benefit is key in edge security investments

While state-of-the-art security decisions depend on different factors, the cost-benefits of controls are an integral part of investment decision-making, according to the report. “Decision makers at all levels and departments of organizations regularly compare benefits with costs.” Overall, network edge firewall (43.8%), intrusion/threat detection (30.5%), and device-to-device network access restrictions (25.9%) were cited as providing the greatest cost-benefit for edge security. On the other hand, network access control, patching and DDoS attack mitigation were considered the least interesting. As for individual sectors, the data discovered:

  • Intrusion and threat detection, multi-factor authentication (MFA), data-at-rest encryption, and endpoint and device monitoring are the most effective security controls for healthcare.
  • Encryption of external traffic at a gateway or proxy, encryption of data at rest, network edge firewall, and application proxy monitoring are the most effective security controls for finance.
  • Zero-Trust network access control, data-at-rest encryption, traffic encryption (internal to the network and external to a gateway/proxy), MFA authentication and device authentication are the security controls most effective for the public sector.
  • Intrusion and threat detection, device authentication, and data leak monitoring are the most effective security controls for manufacturing.
  • Network access restrictions (device-to-device), intrusion and threat detection, and traffic encryption (both internal to the network and external to a gateway or proxy) are the most effective security controls for the retail trade.
  • Intrusion and threat detection, network access restrictions (device-to-device), encrypted traffic (internal to the network), and firewall at the edge are the most energy efficient security controls. public services.

“Policy makers will need to consider whether costs lead to benefits or whether benefits lead to costs,” the report says.

Proactive and preventative approach essential to edge security

Edge network security ultimately requires a proactive and preventative approach that considers a hybrid network model that is likely to persist for an extended period of time, AT&T’s report concluded. “5G adoption is increasing, but organizations can leverage legacy networks where it makes sense for specific use cases and as dictated by the realities of existing communications infrastructure, regulations, and location,” he said.

This is where combining SASE with existing on-premises solutions can be particularly beneficial, he added. “When SASE and legacy on-premises solutions are combined, they have capabilities beyond security.” The security focus of both sets revolves around traditional firewall, VPN, and IDS functionality for general cybersecurity needs; special-purpose functionality such as data loss prevention for privacy-focused data; and application firewalls for more distributed ephemeral application architectures.

Other Edge security recommendations presented by AT&T include:

  • Communicate with stakeholders and educate them on a journey that will be both exciting and challenging.
  • Emphasize the importance of security by design throughout all stages of edge network discussions and use case implementations.
  • Talk to service providers and network operators before making decisions about edge networking.
  • Learn about the shared security responsibility model with public cloud service providers and operators to clarify roles and responsibilities at each stage of use case implementation.
  • Classify data and maintain processes and procedures related to confidentiality and data sovereignty.
  • Evaluate the cost-benefit of security controls before implementing them, keeping in mind the need for visibility across the entire attack surface.
  • Perform frequent reviews of security controls based on data movement routes and storage locations, beyond what is required for regulatory compliance.
  • Use rich, multi-source threat intelligence to track attackers’ tactics, techniques, and procedures.

“With the adoption of the Edge network comes a shift in data accessibility, agility, scale, and user/client access – a shift that can enable innovative use cases and differentiation. business,” the report said. “But new and different risks are also part of the transition, and policymakers need to figure out how to deal with them.”

Copyright © 2022 IDG Communications, Inc.

Kevin M. Risinger