Secure Access Service Edge (SASE) promises a streamlined, cloud-native approach to networking and security — one that aligns with how modern organisations work and where their applications now live. But for many businesses, the journey to SASE runs straight into a familiar obstacle: legacy infrastructure and past investments.

Whether it’s on-premises firewalls, MPLS networks, or remote access VPNs, most organisations have spent years — even decades — building robust architectures based on technologies that pre-date cloud-first and hybrid work models. These systems still “work” — but they weren’t designed for today’s digital reality.

Secure Access Service Edge (SASE) is more than a technical upgrade — it’s a rethinking of how organisations connect and protect their digital assets in a cloud-first, hybrid-working world. As such, while the technologies behind SASE often get the most attention, one of the most significant — and frequently underestimated — hurdles to adoption is cultural and organisational change.

For CIOs, CISOs, and Heads of IT or Security, the move to SASE can bring undeniable business benefits: agility, simplified operations, and stronger security. But achieving those outcomes requires more than just a well-crafted RFP or a smooth technical deployment. It requires new ways of working, collaborating, and thinking.

In today’s rapidly evolving digital environment, many organisations are under pressure to transform how they secure and connect their users, devices, and applications. As workforces become more distributed, cloud adoption accelerates, and cyber threats grow in scale and sophistication, traditional network and security architectures are showing their age.

This is where Secure Access Service Edge (SASE) comes into the picture. First defined in 2019, SASE is not just another technology acronym — it’s a strategic architectural shift that combines networking and security functions into a single, cloud-delivered service model. But for leaders, particularly those in CIO, CISO, or “Head of IT” roles, SASE can seem like a sprawling concept with plenty of hype and a complex web of features and vendor claims.

The retail sector is under siege. In recent weeks, several UK high street retailers have been hit by cyberattacks that disrupted operations, disabled payments, and took online ordering systems offline. The impact has ranged from temporary in-store downtime to significant reputational damage.

For retailers who operate at high volume with narrow margins, even a short disruption can be costly — not just in terms of revenue, but in customer trust and brand perception. These incidents serve as a wake-up call that the traditional patchwork of legacy systems and perimeter-based defences is no longer enough.

Introduction

As operational technology (OT) environments become increasingly interconnected, the traditional flat network architectures that have long served industry are now a liability. With cyber threats targeting critical infrastructure and regulatory frameworks tightening, microsegmentation has emerged as a key strategy to reduce risk. But applying microsegmentation in OT isn’t as straightforward as in enterprise IT. While IT environments rely on layered, routed networks and endpoint agents, OT networks are often flat, agentless, and contain legacy systems that cannot be easily adapted.

WARNING!

Underestimating the physical and psychological preparation and the proper clothing and equipment required can have serious and potentially life-threatening consequences!

Ok then, better get training for this then!