Inside the zero-trust networking and SASE land grab — Raynovich

Scott Raynovich

You may be overwhelmed with cybersecurity acronyms and buzzwords — I know that as an analyst it's hard to follow FWaaS, SWG, DLP, DDoS, APT, ATP, and ASVs. Now some new ones have arrived — Secure Access Service Edge (SASE) and Zero Trust Network Access (ZTNA), so it's important to define what they are and what they mean.

ZTNA and SASE are interesting because they represent a specific approach to cybersecurity, rather than a specific function (such as the acronyms above). The broader trend in cybersecurity right now is integration of functions: Cybersecurity practitioners actually have too many tools at their disposal, and what they would like to do is use a variety of cybersecurity functions as an integrated portfolio that can leverage data and connections and provide automation.

This is changing as the world becomes more cloud-oriented. End users and cloud applications are creating and terminating network connections at a rapid rate, and these networks no longer live in an easily defined perimeter such as the home or the enterprise office.

ZTNA and SASE will play a key role in this automate-and-integrate approach, which may be why they are so hot. For many years, the network has been an island in the security jungle. For example, functions such as malware defense, anti-virus, and Advanced Threat Protection (ATP) are often focused on security endpoints and specific devices, rather than inside the network itself. Cloud security products are often focused on the data center — so-called "East-West" traffic — rather than worrying about connections to the outside world or other cloud apps. And firewall approaches depend on discrete functions or devices that need to be bolted on to the network. These days, security needs to be everywhere.

Where does ZTNA go?

ZTNA is part of the new paradigm — build defense into the network, like an antibody. Let's take a look at what zero trust means. First of all, zero trust doesn't mean that you should have zero trust in the network. It means that the network should have zero trust in you. At its core, zero trust means the network needs to use many techniques to verify that applications and users have confirmed their identity and deserve access in order to build a defendable and impermeable perimeter between an enterprise network and the rest of the world.


The U.S. National Institute of Standards and Technology (NIST) describes zero trust generally as: “A collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised.” NIST states that a zero-trust strategy is “primarily focused on data and service protection but can and should be expanded to include all enterprise assets (devices, infrastructure, components, applications, virtual and cloud components) and subjects (end users, applications and other non-human entities that request information from resources).”

The cybersecurity community is moving toward ZTNA and software-defined perimeter (SDP) architectures as part of a need to automate identity-based access as we move to a cloud world where applications and users are connecting to networks at unprecedented scale.

ZTNA products and services come in many different flavors, but the basic approach will become a key feature of many broad cybersecurity portfolios. They can also be segmented based on the underlying technologies deployed, or they can be based on the use cases they generally support. ZTNA products are not designed to solve every access problem, but they will become a tool in a broader market of integrated network security known as Secure Access Service Edge (SASE).

The demand is there. Cybersecurity Ventures recently predicted that global cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. The same firm said that cybersecurity spending is expected to reach $1 trillion cumulatively for the 5-year period from 2017 to 2021 (Source: Cybersecurity Magazine).

Of course, the excitement has generated investment. Nearly $8 billion in investment went into cybersecurity companies in 2020, according to Crunchbase. Much of this money has gone into a lot of ZTNA and SASE startups. This has created a veritable land grab as dozens of cybersecurity companies both old and new position their wares toward this architecture.

My research firm recently delved into the market and analyzed the biggest players. This resulted in a list of nearly 30 companies focused on ZTNA and identity-based security alone. This follows on our work with SASE — at least another 30 companies — and many of these technologies and companies overlap in the market.

If you want the quick cheat sheet, some of the companies focused on ZTNA and identity security include: Absolute Software, Akamai, Appgate, Axis Security, Banyan Security, Barracuda, Cato Networks, Cisco, Citrix Systems, Cloudflare, Cognitas Technology, Elisity, Google (BeyondCorp), Juniper Networks, NetFoundry, Netskope, Okta, OPAQ Networks (Fortinet), Palo Alto Networks, Perimeter 81, Proofpoint, Versa Networks, VMware, Wandera, Waverly Labs, Witesand, Zentera Systems, Zscaler. (This is NOT an exhaustive list, but it is a list of the companies that came up most often in our research.)

The market has spoken and this interesting cluster of companies is pursuing a large opportunity — anywhere between $10 billion and $50 billion, according to various calculations. I look forward to seeing how it evolves as cybersecurity practitioners figure out better ways to integrate the rapidly expanding landscape of cybersecurity tools.

R. Scott Raynovich is the founder and chief analyst of Futuriom. For two decades, he has been covering a wide range of technology as an editor, analyst, and publisher. Most recently, he was VP of research at SDxCentral.com, which acquired his previous technology website, Rayno Report, in 2015. Prior to that, he was the editor in chief of Light Reading, where he worked for nine years. Raynovich has also served as investment editor at Red Herring, where he started the New York bureau and helped build the original Redherring.com website. He has won several industry awards, including an Editor & Publisher award for Best Business Blog, and his analysis has been featured by prominent media outlets including NPR, CNBC, The Wall Street Journal, and the San Jose Mercury News. Follow him @rayno.

Industry Voices are opinion columns written by outside contributors—often industry experts or analysts—who are invited to the conversation by FierceTelecom staff. They do not represent the opinions of FierceTelecom.