Secure Access Service Edge (SASE) has become one of the most discussed and often misunderstood frameworks in modern enterprise security and networking. But as organisations look to modernise their infrastructure and secure their digital ecosystems, one question looms large: is SASE a tangible goal, or an ever-shifting ideal?
SASE (pronounced “sassy”) is a convergence of network and security functions delivered from the cloud. It unifies technologies like SD-WAN, Secure Web Gateways (SWG), Cloud Access Security Broker (CASB), firewall-as-a-service (FWaaS), and Zero Trust Network Access (ZTNA) under a single service model.
But this isn’t a technology stack you simply buy and bolt on. SASE is an architectural shift, a rethinking of how secure connectivity should look in a cloud-first, remote-first world.
In a future article, we’ll go deeper into SASE’s components, but here the focus is on the journey: Why are organisations investing in it, and why does getting there feel like navigating a maze?
At its core, SASE addresses a growing tension: the need for fast, flexible access to cloud services without sacrificing security or control.
Legacy architectures, with their reliance on centralised security appliances and static perimeters, simply weren’t designed for a world of hybrid work, distributed applications, and ubiquitous endpoints.
SASE promises to solve this by bringing security closer to the user, the device, and the data, wherever they are.
It’s about:
For CISOs and IT leaders, this makes SASE not just a security improvement, but a business enabler.
Despite its transformative appeal, the journey to adopting a Secure Access Service Edge (SASE) framework is rarely straightforward. Organizations often find themselves grappling with the intricate balance between established legacy infrastructure and their strategic future aspirations. This inherent tension makes the SASE journey a complex, multifaceted undertaking.
Here’s why the path isn't a simple, linear progression:
SASE isn't a singular product you purchase; it's a strategic architectural shift. Consequently, the optimal strategy differs significantly based on an organization's unique context, including:
What works for one enterprise may be wrong for another. That’s why SASE journeys tend to be unique and iterative, tailored to both technical requirements and business goals.
One of the most significant dilemmas for IT leaders embarking on SASE is determining the initial entry point.
Some organizations opt to begin with SD-WAN (Software-Defined Wide Area Network), primarily driven by a desire to optimize WAN performance, enhance network agility, and reduce reliance on expensive MPLS. Others prioritize the Secure Service Edge (SSE) components – deploying Zero Trust Network Access (ZTNA), Secure Web Gateway (SWG), and Cloud Access Security Broker (CASB) – particularly when cloud adoption, remote work enablement, or improved data protection are the dominant drivers.
However, the reality for most organizations is not a clean slate. They are contending with:
This challenging starting point typically steers organizations towards two principal adoption trajectories:
Both paths present distinct advantages and disadvantages:
There is no universally "correct" answer; the optimal choice is solely determined by what best aligns with your organization's specific environment, budget constraints, and strategic goals
Perhaps the most underestimated challenge in the SASE journey is overcoming deeply ingrained cultural and organizational silos. SASE fundamentally requires collaboration among teams that have traditionally operated in relative isolation – network engineers, security operations, and cloud architects. This necessary shift in mindset, processes, and organizational structure often proves to be a more formidable hurdle than the technological implementation itself. Breaking down these barriers is essential for successful SASE adoption and realizing its full strategic potential.
SASE adoption doesn’t look the same for every organisation. The journey often varies based on size, complexity, and maturity.
Small Organisations
Often cloud-native with minimal legacy baggage, small companies can move quickly.
Medium-Sized Enterprises
These companies tend to have hybrid environments and more internal stakeholders.
Large Enterprises
Complex infrastructure, strict compliance needs, and global scale create a demanding environment.
Not quite. But it is a journey, not a destination.
For some, SASE will come together piece by piece over several years. For others, especially 'born-in-the-cloud organisations', it may be attainable in a much shorter time.
The key isn’t how fast you get there; it’s about building a roadmap that’s sustainable, flexible, and aligned with your business goals.
As you consider your own path to modernizing security, where do your challenges align with these common hurdles?