思科+網(wǎng)絡(luò)安全就緒指數(shù)

CiscoCybersecurity

ReadinessIndex

ResilienceinaHybridWorld

March2023

Contents

ExecutiveSummary

BenchmarkingReadiness

ProtectingIdentity

ProtectingDevices

ProtectingNetworks

ProtectingApplicationWorkloads

ProtectingData

IndustryandSizeMatters

Conclusion

AbouttheResearch

3

6

8

10

12

14

16

18

20

21

2

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

ExecutiveSummary

InapostCOVIDworld,therequirementsofcybersecurityhavechangedasthelandscapeforbusinesseshas

beenspunonitshead.Organizationshavemovedfromanoperatingmodelthatwaslargelystatic–wherepeopleoperatedfromsingledevicesfromonelocation,connectingtoastaticnetwork–toahybridworldinwhichweincreasinglyoperatefrommultipledevicesinmultiplelocations,connectingtomultiplenetworks.

Amere15%oforganizationsgloballyaredeemedtohaveamaturelevelofpreparedness

tohandlethesecurityrisksof

ourhybridworld.

Whilethereisbroadconsensusthatthemovetohybridisheretostay,itslong-termsuccesshingesgreatlyonorganizations’abilitytosafeguardthemselvesagainstnewandrapidlyevolvingthreats.

Setagainstthis,wewantedtounderstandhowreadyorganizationsaroundtheworldaretomeetthesemodernsecuritychallenges.Todothis,wedevelopedtheCiscoCybersecurityReadinessIndex.Itcategorizescompaniesintofourstagesofreadiness:fromBeginner,toFormative,Progressive,andfinallyMature,basedontheirpreparednessacrossfivekeypillarsandthestateofdeploymentof19securitysolutionswithinthose.Moredetailsonthescoringmethodologycanbefoundinthefollowingsection.

TheGlobalCybersecurityReadinessGap

Theresultsarestark:accordingtotheindex,amere15%oforganizationsgloballyaredeemedtohaveamature

3

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

Indonesia

ThePhilippines

Thailand

levelofpreparednesstohandlethesecurityrisksofourhybridworld.

Thisisdespitemostcompaniesbeingawarethatthethreatisreal.Fouroutoffive(82%)securityleaderswespoketogloballybelievecybersecurityincidentsarelikelytodisrupttheirbusinessesoverthenext12to24months.

Andtheconsequencesofnotbeingpreparedhaveneverbeengreater.Almost60%ofrespondentssaidtheyhadexperiencedsomekindofcybersecurityincidentinthelast12months.Theincidentscost71%oforganizationsaffectedatleastUS$100,000,with41%sayingtheoverallcostwasUS$500,000ormore.

Wehaveanalarmingcybersecurityreadinessgap,andit’sonlygoingtowidenifglobalbusinessandsecurityleadersdon’tpivotquickly.

Almost60%ofrespondentssaidtheyhadexperiencedsomekindof

cybersecurityincidentinthelast12months.

4

MappingReadinessAroundtheWorld

Asyoumightexpect,therearevariationsinprivatecompanycybersecurityreadinessacrossmarkets,butnotinthewaywemightordinarilyexpect.Inourindex,privatesectorcompaniesinlessdevelopednationsoutperformtheirpeersinwealthiercountriesbyaconsiderablemargin,especiallyinAsia-PacificandtheAmericas.

IntheAmericas,Brazilstandsoutasthecountrywherecompaniesaremostreadytotackletoday’ssecuritychallenges,with26%ofcompaniesconsideredinamaturestageofpreparedness.Meanwhile,companiesinCanada(9%inMaturestage),theUSA(13%inMaturestage)andMexico(12%inMaturestage)demonstratelowlevelsofreadinesscomparedtotheglobalaverage.

InAsia-Pacific,organizationsinIndonesia(39%inMaturestage),thePhilippines,andThailand(27%eachinMaturestage)topthechartbothregionallyandglobally.Ontheotherhand,companiesinrichercountrieslikeJapan(5%inMaturestage)andSouthKorea(7%inMaturestage)arelanguishingatthebottom.

Marketsmostmatureintheiroverallcybersecurityreadiness

Maturestage

39%

27%

27%

Brazil

26%

Thisvariancecouldbelargelyexplainedbythefactthatcompaniesinemergingmarketsstartedtheirdigitizationjourneysmorerecentlycomparedtotheirpeersindevelopedmarkets.Thatmeansmanyofthesecompaniesdonothavelegacysystemsholdingthemback,makingitrelativelyeasiertodeployandintegratesecuritysolutionsacrosstheirentireITinfrastructure.Whileawarenessofsecurityrisksandtheirimpactonbusinesshasneverbeenhigher,thisfindinghighlightsthat‘techdebt’continuestobeamajordriverofthereadinessgap.

ThistrendisnotseenacrossEurope,though,wherecompaniesarelaggingtheglobalaverageonreadiness.

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

Inalmostallcountrieslessthan10%ofcompaniesaredeemedmatureenoughtotackletoday’scybersecurityissues.TheUKandGermanyaretwoexceptions,with17%and11%companiesinamaturestateofreadinessrespectively.

ReadinessbySizeandIndustry

Readinessvariesacrosscompanysizesinaninterestingway.Thedatashowsthatgloballymid-sizedfirmsofbetween250and1,000employeesarebestprepared,withover19%ofsuchfirmsatamaturestageofoverallreadinesscomparedto17%oflargerbusinesses(1,000+employees).Thissuggeststhatwhilelargerorganizationsmayhavebiggerbudgets,theytypicallyrequiremorecomplexdeployments,whichcantakelongertoimplement.

Smallerorganizationsaretheleastwell-preparedwithjust10%beingmatureintheirreadiness.Whilethisisnotsurprising,itisanareaofconcern,assmallcompaniesfallingbelowthis‘securitypovertyline’bringwide-reachingexternalities–they’reincreasinglypartofsupplychainsoflargerorganizations,makingthemanattractivetargetformaliciousactors.Intoday’shyper-connectedworld,itiscriticaltoensuretherearenoweaklinksthatbadactorscanexploit.

Ofcourse,readinessisalsodependentonthetypeofindustryinwhichourrespondentsworkin.ThoseinsectorswiththemosttolosetendtohavemorecompaniesintheMaturestateofreadiness,includinghealthcare(18%)andfinancialservices(19%).However,itisretail,with21%oforganizationsintheMaturecategory,thatcomesoutontop.Thislikelyreflectsthesubstantialnumberofcyberattacksthisindustryhasfacedovertheyears,asbadactorsregularlytargetthepersonalandfinancialdataheldbytheseorganizations.

ClosingtheCybersecurityReadinessGap–

OurGlobalSecurityResilienceImperative

Whilethecybersecurityreadinessgapmaybealarminglylarge,businessesarenotstandingstill.

Securityleadersareawareoftherisksandarekeentoinvestintheircybersecurityreadiness:86%oforganizationshaveplanstoincreasetheircybersecuritybudgetbymorethan10%overthenext12months.Itiscrucialthatthesebudgetincreasesaredeliveredsooner

ratherthanlater.Giventheenvironmentthatbusinessesoperateinandthecurrentreadinessgap,a12-monthwaitisfartoolong.

Asthesecompaniesinvestintheircybersecurityreadiness,confidenceintheirabilitytostayresilientwillimprove.OfthecompaniesthatwererankedMature,53%saidtheywere‘veryconfident’intheabilitytostayresilientagainstpotentialcyberattacksinthenext12to24months.Ontheotherhand,only30%ofcompaniesintheBeginnerstageand34%intheFormativestagesaidthesame.

Butastheydeploybudgets,companiesdoneedtothinkaboutsecuritydifferently.Becausethreatsareeverywhere,stand-alonesecuritystrategiesarenolongereffective;theyfocustoomuchonthreatprevention,createsiloesthatcanbeexploited,anddon’taccountforthefullbusinessimpact.

Whatorganizationsneedissecurityresilience,wheresecurityisfoundationaltobusinessstrategyandiscollectivelyprioritizedthroughouttheorganization,allowingcompaniestobetteranticipatethreatsandbouncebackfasterwhenathreatbecomesreal.Mostorganizationsarealreadythinkingaboutresilienceintheirfinancial,operational,organizational,andsupplychainfunctions.Securityresiliencecutsacrossallofthem.Resilienceisaboutverifyingthreats,understandingconnectionsacrosstheorganization,andseeingthefullcontextofanysituationsoteamscanprioritizeandensuretheirnextactionisthebestone.

Forbusinessleaderstobuildsecureandresilientorganizations,theymustestablishabaselineofhow‘ready’theyareacrossthefivemajorsecuritypillars.Thematurityofsecurityinfrastructure,particularlyinrelationtolocalandglobalpeers,willhelporganizationsidentifywhatareastheyarestronginandwheretheycanbestprioritizeresourcestoimprovetheirabilitytoberesilient.OurhopeisthatthisCybersecurityReadinessIndexwillactasawake-upcallforseniorbusinessleaders.Closingthecybersecurityreadinessgapmustbecomeaglobalimperative.Wecannotaffordtofallfurtherbehindastheshifttohybridcontinuestoaccelerate.Theimpactonbusinesses,customersandsocietywillonlyincreaseamidanexplosionofhybridthreatvectorsandanincreasinglycomplexthreatlandscape.Whilesomeprogresshasbeenmade,notenoughfirmsarecybersecurity-readytotakeonthechallengesthatourhybridworldhascreated.

5

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

Devices

Therearetwoaspectstothis.Firstarethedevicesthatemployeesusetologontoacompanynetwork.Thesecanbebothofficialandpersonal.Secondareotherdeviceswithintheinfrastructure–rangingfromsecuritycamerastosmartprinters,whichareallconnectedtothenetwork.Companiesneedcapabilitiestoverifythesedevicesandprotectthemfrombeingaccessedbybadactors.

Identity

Network

Data

Intoday’swayofworking,thenetworkliesattheheartofacomprehensiveapproachtosecuritygiventhatpeople,devices,data,andapplicationsallmoveacrossit.Safeguardingthenetworkfrommaliciousactors,insiderthreats,andthird-partyrisksiscriticaltotheviabilityofthecompany.

Oftendescribedas‘newcurrency,’datahasemergedasoneofthemostvaluableassetsforbusinesses.Itiscriticalfororganizationstoprotectdatafromunauthorizedaccess,use,disclosure,disruption,modification,ordestruction.Withtheincreasingamountofsensitiveinformationbeingstoredandsharedelectronically,robustsecuritycapabilitiesandmeasuresarefoundationaltoachievingthisprotection.

Inthehybridworkenvironment,itiscriticalforcompaniestobeabletoverifytheidentityofeveryonewhotriestoaccessnetworkresourcesandinformation.Onecanarguethatthisisthefirstlineofdefencefromasecurityperspective.

BenchmarkingReadiness

Whilemostofusarebroadlyawareoftheincreasedsecurityrisksbroughtaboutbythemovetohybridworking,whatisn’twidelyunderstoodishowreadyorganizationsaretofacethoserisks.

Cisco’sCybersecurityReadinessIndexisanewwayofassessinghowreadybusinessesare.

Itissourcedfromadouble-blindsurveyof6,700privatesectorcybersecurityleadersin27globalmarkets.Theindexisbasedonfivepillars:Identity,Devices,Network,ApplicationWorkloads,andData.Fromwithinthosepillars,weexamined19differentsolutionsrequiredtoaddressthem.

Weaskedrespondentswhethertheircompanieshadsolutionsinplacetomeetthechallengesofeachpillar,andhowfaralongtheyweretowardsfulldeployment.

Thedatawasthenorganizedandcategorizedintoastateofreadiness,whererespondentswererankedfromBeginner,toFormative,Progressive,andfinallyMaturebasedontheweightedscoresofeachpillarreflectingtheirimportance:network(25%);identity(20%);devices(20%);data(20%);andapplicationworkloads(15%).

Afullerexplanationofthemethodologycanbefoundattheendofthisreport.

Application

Workloads

Ascompaniesmovesomeoralloftheiroperationstothecloud,theyarealsoexperiencingashiftinthewaytheymanageanddeployapplications.Fromcontainerizationtoserverlessarchitectures,andmicroservices,protectingapplicationworkloadsiscrucialintoday’sdigitallandscape.Attacksagainsttheseplatformsandservicescanleadtosensitivedatabreaches,lossofproductivity,andirreparabledamagetoanorganization’sreputation.

6

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

Formative47%

Nearlyhalfofour

respondents(47%)andtheirorganizationsfallintotheFormativecategory,wheretheyhavetakensomeofthemuch-neededstepstoprotectthemselvesbutcannotbeclassifiedasreadytomeetthechallengesofournew

hybridworld.

Basedontheoverallscore,organizationsarecategorizedintooneoffourstagesofreadiness:

?Beginner(Lessthan10):Organizationsattheinitialstagesofdeploymentofsolutions.

?Formative(11–44):Organizationsthathavesomelevelofdeploymentbutperformingbelowaverageoncybersecurityreadiness.

?Progressive(45–75):Organizationswithconsiderablelevelofdeploymentandperformingaboveaverageoncybersecurityreadiness.

?Mature(76andhigher):Organizationsthathaveachievedadvancedstagesofdeploymentandaremostreadytoaddresssecurityrisks.

Lookingattheoverallpicture,nearlyhalfofourrespondents(47%)andtheirorganizationsfallintotheFormativecategory,wheretheyhavetakensomeofthemuch-neededstepstoprotectthemselvesbutcannotbeclassifiedasreadytomeetthechallengesofournewhybridworld.Progressivesformthenextlargestcohortat30%.

Only15%fallintotheMaturecategory,withahighlevelofreadiness.Lessthanoneinten(8%)areintheBeginnercategory,representingthefirststeponthereadinessladder.

Thisreportrepresentsthefirststudyofitskindand

providesacomprehensivecybersecurityreadiness

assessmentforcompaniesacross27marketsglobally.

Overallcybersecurityreadinessoforganizationsglobally

Mature15%

Progressive30%

Beginner8%

7

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

ProtectingIdentity

Traditionally,cybersecurityoperationsfocusoncreatingastrongperimetertokeepoutthreats.Theassumptionbeingthatanyonewhowas‘insidethewire’wasauthorizedtobethere.However,inthehybridworkingmodel,datacanbespreadacrosslimitlessservices,devices,applications,andusers,makingtraditionalperimeterapproachesinadequate.

Thiscallsforanewsecuritystrategywhereno-oneandnothingistrusteduntiltheiridentityhasbeenproactivelyverified.Ourresearchunderlinesthechallenge:aquarter(24%)ofallrespondentsrankedIdentityManagementasthenumberoneriskforcyberattacks.

Foryears,companieshavereliedonidentitymanagementsolutionslikeDataStores,whichareastorageofthingslikeidentityofaperson,theirusername,andtheirpassword.Apersonusesthesetologin,andiftheymatch,theyaregrantedentry.However,ascompanieshave

movedtoremoteandhybridworkarrangements,manyhavestartedtoaddasecondlayerofverification.TheseareIntegratedIdentityandAccessManagement(IAM)solutions,suchasMultifactorAuthentication,whereevenwhenauserenterstherightusernameandpasswordcombination,theyarethengivenasecondprompttoprovethattheyarewhotheysaytheyare.

Giventhatidentitymanagementisrankedbyourrespondentsasthenumberonerisk,itisnosurprisethat95%haveimplementedsomekindofidentitymanagementsolution,withIAMprovingmostpopular,withtwo-thirdssayingtheyhavedeployedthesesolutions.

Somecompaniesareaddingyetanotherlayerofsecuritytoidentitymanagement–PrivilegedAccessManagement.Thisiswhere,evenafterthefirsttwolayersofidentityverification,accessisgrantedbasedonpre-assignedprivileges,suchastheuser’srolewithinthecompany,the

8

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

Giventhatidentitymanagementisrankedbyourrespondentsasthenumberonerisk,itisnosurprisethat

95%haveimplementedsomekindofidentitymanagementsolution,withIntegratedIdentityandAccessManagementprovingmostpopular.

9

devicetheyareusingtologin,andthelocationtheyarelogginginfrom.Thegoodnewsisthatforalltheidentitymanagementsolutions–TraditionalDataStores,IAMandPrivilegedAccessManagement–ourrespondentsarewellprogressedwithmosthavingfullydeployedwhicheversolutiontheyhavedecidedtouse.

However,itisofconcernthatforthosethathavenotyetrolledoutidentitysolutions,morethantwothirds(69%)saidtheyhavenointentiontodoso.Forthosethatdointendtorolloutidentitysolutions,mostwilltakefromonetoasmanyasfiveyearstocompletetheirimplementation.

Overall,companiesneedtostepupfurthertomeetthechallengeofidentityverification.Despitetheclearthreatpresentedbyidentitymanagement,mostofourrespondentsareattheFormative(38%)orBeginner(20%)stage.Only20%fallintotheMaturecategory,withafurther22%intheProgressivesegment.SurprisinglyitismarketsthatarebiggerandmorematurethatlagwiththeNetherlands(31%),France(35%)andJapan(50%)showingthehighestpercentageofBeginners.

Readinesstoprotectidentity

20%

Mature

22%

Progressive

38%

Formative

20%

Beginner

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

ProtectingDevices

LonggonearethedayswhenemployeesaccessedacorporatenetworkfromasingledesktopPC.Theneedtoaccessdataonthemoveandinavarietyofformshascreatedanexplosioninthenumberofdevicesemployeesuse.Thepandemichasalsoaddedtothelistofdeviceswealluseregularlywithcamerasandmicrophones,forexample,helpingmakevideoconferencingabetterexperience.

However,employeedevicesarenottheonlythingsaccessingnetworksanddata.Everythingfromsoilmoisturedetectorstoplantmachinery,andevendoorsecuritysystemsareconnectedtocorporatenetworks,providingimportantandinsightfuldata.

Whateverthedevice,itneedstobeprotected.Wehaveseensignificantdatabreachesinthepastoriginatingfromunprotecteddevices.

Forourrespondents,protectingdevicesranksthirdoutoffiveintheirlistofriskpotential,behindidentitymanagementandthenetworkitself.Italsoseemstobelesschallengingformostwithitrankingthirdontheirlistfordifficulty.

Threequarters(73%)ofourrespondentshavechosentouseenhancedanti-virussolutionsastheirkeysolutiontoprotectdevices.Buildingprotectionsintotheoperatingsystem,suchashostcontrols,isanotherwayorganizationsareprotectingtheirdevices,with65%sayingtheyhavedeployedthistypeofsolution.Endpointprotectionplatforms–firewalls,malware,andprocessvisibilityetc.–rankthirdinthesolutionscompanieshavedeployed.

However,therearetwokeytrendstotakenoteof.Firstly,thescaleofdeploymentispartial.Thisiswhy,despiteahighnumberofrespondentssayingtheyhavethese

10

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

Mature

28%

28%

Despiteahighnumberofrespondentssayingtheyhavethesesolutionsintheirposture,

morethanhalf(56%)ofthecompaniesareeitherattheverystartoftheirjourney,oronlyashortwaydownthepath.

solutionsintheirposture,morethanhalf(56%)ofthecompaniesareeitherattheverystartoftheirjourney,oronlyashortwaydownthepath.

Thesecondisthatamongthosewhodonothavethesesolutionsintheirposture,devicemanagementdoesnotseemtorankhighinthelistofcybersecuritypriorities.Twothirdsoftheserespondentssaidtheirorganizationhasnoplansatalltodeployasolution.

Thisshowsthatthereisconsiderableworkformanytodotoensurethatdevicesdonotbecomethevulnerablepointintheircybersecuritystrategy.

Japanislanguishingatthebottomofthereadinessleaguetablewith56%ofitscompaniesfallingintotheBeginnercategory.NewZealand(45%)andSouthKorea(48%)donotfaremuchbetterandcompaniesinallthreecountriesshouldtakenoteofthepotentialriskstheyruniftheydonotacceleratetheirdevicesecuritystrategy.TherisksareparticularlyacuteinJapanwith80%ofcompaniesstillnotplanningtodosoforatleast12monthsandmany(60%)arestilltosecurethebudgetfortheseprograms.

Bycontrast,Indonesiaisalongwayinfrontofthereadinessstakeswiththreeoutoffivecompanies(59%)fallingintotheMaturecategory.Brazil(45%)andSouthAfrica(44%)areothernotableperformers.

Readinesstoprotectdevices

31%

Progressive13%

Formative

Beginner

11

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

ProtectingNetworks

Globally,cyberattacksareontherise.Fromtelecomstotechnologyorganizationsandretailers,attackshaveleftnetworksvulnerabletoexploitation.Theresult:billionsofdatasetshavebeenexposedacrosstheworld.

Atthelastcount,therehadbeenmorethan4,000publiclydiscloseddatabreaches1inthefirstthreequartersof2022alone–asignificantincreaseonthepreviousyear.Andthelikelihoodisthatthisisjustthetipoftheiceberg–withthousandsmoredatabreachestakingplaceinlesswell-knownorganizations.

Today’shybridworkingenvironmentcallsforflexibilitynotonlyinthenumberandtypeofdevicesthatemployeesuse,butalsoinwheretheyloginfrom,andwherethedatatheyneedtoaccessisstoredandprocessed.Thegrowthofcloudstrategies–abedrockofhybridworking–meansthatemployeesneedtobeabletoroamacrossmultiplenetworksthroughouttheirday,renderingthenetworkmorevulnerabletocyberattacks.

Fortunately,ourrespondentsrecognizetherisk;networkprotectionrankssecondinthelistoftheirtopfivepriorities.

Mosthaveoptedtousefirewallswithbuilt-inIntrusionPreventionSystems(IPS).Morethantwo-thirds(69%)offirmsinoursurveysaidtheyhaddeployedthiscapability,withnetworksegmentationpoliciesbasedonidentityrankingnumbertwo(61%saidtheyhavedeployedthis),andNetworkBehaviorAnomalydetectiontoolsclosebehindat60%.PacketCaptureandSensorTools,though,comeadistantfourthat31%.

However,theissueisthatthescaleofdeploymentisnotkeepingpace.Ofthosecompaniesthathavefirewallswithbuilt-inIPS,only56%havefullydeployed,andonly64%ofcompanieshavefullydeployednetworksegmentationpolicies.

1.

/attacks/articles/the-biggest-data-breaches-and-leaks-

of-2022

12

CiscoCybersecurityReadinessIndex

ResilienceinaHybridWorld

Progressive25%

Formative

Regardlessofwherecompaniessitintheirdeployment,andwhichtechnologytheyuse,therearesomeveryrealissueshighlightedbyourindexwhichshowsthatdespitecompaniesratingnetworkprotectionastheirnumbertwopriority,most(56%)areeitherintheFormativeorBeginnercategoryandjust19%sitintheMaturecategory–themostadvancedstateofreadiness.

ThisshouldbeaclearsignaltoCISOs,CTOsandevenCEOsthatmoreworkneedstobedonetoensureorganizationsarebetterpreparedtoprotecttheirnetworks.

Despitecompaniesrating

networkprotectionastheirnumbertwopriority,most(56%)areeitherintheFormativeorBeginnercategoryandjust19%sitintheMaturecategory.

TheproblemismostacuteinJapanwhere82%ofbusinessesfallintotheleastpreparedcategories.HongKongandItalyarenottoofarbehindwith72%intheFormativeorBeginnerclassification.

Bycontrast,someofthelessdevelopednationsinourresearcharemostreadytoprotecttheirnetwork.Perhapsthisstemsfromtherecognitionthatfailingtoprotecttheirnetworkspresentsanexistentialthreat.Whateverthetrigger,though,Indonesiatopsthereadinessrankingswithseveninten(69%)fallingintothetoptwocategories.Thailandissecondbestpreparedwithsixinten(60%)readytomeetthethreat.

Oneofthethingsthatcompaniesneedtoconsideristhatasbusinessmodelsmovefromstatictodynamic,andhybridworkbecomesthenorm,networksecuritymustkeepup.TheyneedtolookatnovelapproachessuchasSecureAccessServiceEdge(SASE)tobeadequatelypreparedtotackletheriskstheseshiftspresent.

SASEcombinestraditionalnetworksecurityfunctionswithsoftware-definedwide-areanetworking(SD-WAN)capabilities.Itallowsorganizationstoprovidesecureandreliableaccesstocloud-basedapplicationsandservicesforremoteworkers,regardlessoftheirlocation.SASEalsoallowsorganizationstoimplementsecuritypoliciesthatarespecifictotheuser,device,andapplication,ratherthanjustthenetwork.Thesurveydidshowpositivesignsthatcompaniesarelikelytocontinuetoimproveonthisfront.Amongthecompaniesthatarestilldeployingnetworksecuritysolutions,half(50%)saidt