Gartner published the first-ever Gartner Magic Quadrant for Security Service Edge. While Gartner first recognized Security Service Edge as an emerging innovation in their Hype Cycle for Cloud Security 2021, this initial research proves that this market is growing exponentially but also changing dynamically. It's this dynamic change and innovation that I wanted to highlight.
Gartner is correct in pointing out that “SASE is a pragmatic and compelling model that can be partially or fully implemented today”. It is a framework to think about the security challenges facing your organisations. All security vendors in this space have taken a unique perspective to the overall SASE market, which is now split between WAN Edge Services and Security Service Edge (SSE) based on many factors that include the technology assets, the Go-To-Market positioning, the value they provide to their customers, etc.
There is no right or wrong approach to Security Services Edge. Organisations need to think about the applicability of an approach based on their security challenges. It could be related to digital transformation, infrastructure modernisation, protecting from advanced threats, preventing data loss, or enabling the remote workforce. In some cases, vendor and technology consolidation would be the correct answer, and, in some cases, choosing a platform for a specific problem would be fine. It all goes back to the basics – the use cases.
Focus on Use Cases. Not Acronyms
Cybersecurity teams know this very well. We are all used to acronyms in the Cybersecurity space. It helps to simplify things, but it also ends up hiding the details. I know this is implicit, but it is worth a reminder - focus on good security outcomes by solving the use cases that matter most to your organisation.
End users often use industry analyst reports to narrow down their choices and save time. Who wouldn't want that? But so often, we miss the specifics. We have seen this repeatedly in our industry, given the dynamic nature of threats and vendor ability to detect and prevent them. Only a handful of vendors have been able to stay ahead of the game and deliver products that help provide value and great customer experience. Proofpoint happens to be one such vendor that has done this consistently for two decades with its people-centric cybersecurity solutions that address threat protection and data loss prevention.
I'd recommend organisations ask and learn more on SSE from peers who have addressed key use cases as part of their journey or contact one or more of the analysts you utilise to discuss your specific requirements. And lastly, ask vendors to prove the value of the tech (not proof of concept) tied to the use cases before making a strategic choice.
Proofpoint's Approach: People-Centric SSE
What do every exfiltration and advanced threat scenario have in common? It's your biggest asset – people.
Loss of sensitive IP, cloud delivered malware, and ransomware result from careless, malicious, or compromised users on workstations at home or systems in the office as part of your network accessing corporate data that is now mostly stored in cloud apps. I am sure CIOs and CISOs across all industries would agree on one universal truth – we need to know the whole security story. To answer this question, identity needs to be front and centre of the security fabric. If you are trying to build an approach to SASE and SSE, focus on what matters most - protecting people from threats and the data from leaving. Replacement of legacy networks with modern infrastructure is also critical. But not at the cost of “defining, implementing & managing the security controls” for Information & Threat Protection.
As I stated earlier, vendors, including us, have a unique approach to SSE. Many factors influence this strategy. At Proofpoint, our strategy is guided by our core mission to protect what matters most – the people by eliminating the greatest risks to the world's leading organisations.
This belief has shaped our people-centric SSE strategy, which provides a suite of integrated solutions for cross-channel DLP, CASB, Secure Web Gateway, Browser Isolation and Secure Access.
Interested in the Proofpoint Journey?
Follow these links to learn more about Proofpoint’s approach to solving People-centric SSE use cases to Combat Email and Cloud Threats, Combat Data Loss and Insider Risk, Protect Cloud Apps, Secure Microsoft 365, and Defend Your Remote Workforce.
For organisations who have made investments into Proofpoint, your investments in email protection will be augmented with this expanded platform to reduce risk in threats and data loss. Likewise, the investments you’ve already made in email security will make your next phase even more powerful as you move to the cloud.
We encourage you to schedule an Executive Briefing or a road-map discussion on where we are investing to address use cases of Threat Protection and Data Loss Prevention.