In the years since the cloud access security broker (CASB) was first introduced, enterprise SaaS usage has risen dramatically. Most organizations now rely on the cloud for core business applications housing sensitive corporate data. This usage, coupled with the massive scale of smaller, potentially unsanctioned cloud applications, has made the CASB a critical component of enterprise security strategies.
The results of this fragmentation are typically increased complexity, reduced operational efficiency, and poor security effectiveness. To alleviate these issues, software-based, virtual, and containerized next-generation firewalls that can be deployed across a variety of cloud platforms and application architectures in order to provide consistent, effective protection against a myriad of advanced threats, as well as centralized management across the entire firewall infrastructure, are critical to secure the modern hybrid, multi-cloud enterprise.
Security teams must begin considering how CASBs can better integrate with other network security control points to streamline deployment, provide more consistent management, and improve security effectiveness.
The Role of SaaS Security in the Modern Enterprise
Of all the business applications used by your organization, approximately what percentage is currently public cloud-resident? How do you expect this to change – if at all – over the next 36 months? (Percent of respondents, N=664)
Source: Enterprise Strategy Group
The fact that CASB is architected and managed independently from other security tools has a downstream effect on the security analysts and practitioners who must synchronize their risks, policies, and goals across a separate layer of the stack.
Which of the following do you believe were the biggest contributors to your organization’s public cloud-related data loss? (Percent of respondents, N=166, five responses accepted)
Source: Enterprise Strategy Group
Top Requirements for a Modern CASB
Deep visibility and intelligence across the thousands of cloud services available.
End-to-end DLP coverage to ensure consistent security across the cloud, network, and endpoints.
Tight integrations with other network security tools to position CASB as the security anchor point for the transition to (SASE).
CASB as an Anchor Point of SASE
In your opinion, which of the following issues resulting from using disparate tools have had the most negative impact on your business? (Percent of respondents, N=337, multiple responses accepted)
Source: Enterprise Strategy Group
Palo Alto Network SaaS Security seeks to deliver deep application visibility, simpler and more efficient management, and granular content and threat inspection.
1 Source: ESG Research Report, 2021 Technology Spending Intentions Survey, Jan 2021.
2 Ibid.
3 Source: ESG Master Survey Results, The State of Zero Trust Security Strategies, May 2021.
4 Source: ESG Master Survey Results, Network Security Trends, Mar 2020.
5 Source: ESG Master Survey Results, Transitioning Network Security Controls to the Cloud, Jul 2020.
6 Source: ESG Master Survey Results, The State of Zero Trust Security Strategies, May 2021.
7 Source: ESG Master Survey Results, Trends in IAM: Cloud-driven Identities, Dec 2020.
8 Source: ESG Master Survey Results, Trends in Cloud Data Security, Jan 2019.
9 Source: ESG Master Survey Results, Transitioning Network Security Controls to the Cloud, Jul 2020.
10 Source: ESG Master Survey Results, Transitioning Network Security Controls to the Cloud, Jul 2020.
This ESG White Paper was commissioned by Palo Alto Networks and is distributed under license from ESG.
All trademark names are property of their respective companies. Information contained in this publication has been obtained by sources The Enterprise Strategy Group (ESG) considers to be reliable but is not warranted by ESG. This publication may contain opinions of ESG, which are subject to change from time to time. This publication is copyrighted by The Enterprise Strategy Group, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of The Enterprise Strategy Group, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages and, if applicable, criminal prosecution. Should you have any questions, please contact ESG Client Relations at 508.482.0188.
Enterprise Strategy Group | Getting to the Bigger Truth™
Enterprise Strategy Group is an IT analyst, research, validation, and strategy firm that provides market intelligence and actionable insight to the global IT community.