Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn’t that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions.
Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there’s an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we’re told is SASE without SD-WAN. In any event, what happens is that there’s pressure to add this new thing on, and that creates another layer of protection…maybe. Complication and cost? Surely.
Chasing acronyms is bad, but there may be a lesson in the latest security equation: SSE equals SASE minus SD-WAN, right? Well, maybe the minus-SD-WAN piece is where we’re going wrong, because a lot of our security cost and complexity problems could be solved by letting the network play a role in its own protection, and we actually know how to do that. In fact, it leverages networking’s fundamental property: addressing.
You can’t have connections if you can’t address the things being connected. The power to address is the power to hack.