By Marco Eggerling, Global CISO at Check Point Software Technologies Ltd.

Today’s workplace is no longer defined by office walls. IT and security teams must therefore rethink their approach to access and protection. This is where SASE (Secure Access Service Edge) comes in: an architecture that brings network and security services together in a unified, cloud-based platform. Since its introduction a few years ago, SASE has rapidly gained traction and is now essential for any organisation with remote and hybrid teams.

But what is behind the surge in interest in SASE?

1. The rise of the hybrid workforce

48 per cent of knowledge workers are hybrid or remote, and 60 per cent of companies with more than 500 employees use a hybrid working model. These employees need to connect from anywhere—their home, the airport, a customer’s site—and still be able to securely access corporate applications. Traditional security tools designed for data centres and fixed perimeters cannot keep up.

SASE addresses this challenge head-on by delivering security controls such as secure web gateways (SWG), SaaS security and zero trust network access (ZTNA) as cloud services, complemented by software-defined wide area networking (SD-WAN) to optimise traffic routing in branch offices.

2. Cloud-first and SaaS-everything

Organisations rely on SaaS applications such as Salesforce, Microsoft 365 or Workday for most of their daily activities, while public cloud spending is skyrocketing and is expected to grow by 21.5 per cent in 2025. With this acceleration comes a growing need to secure access without having to route all traffic through an enterprise data centre.

SASE platforms provide direct cloud access with built-in security features, including encrypted site-to-site tunnels and dedicated IP addresses. By integrating SD-WAN, the company benefits from dynamic path selection and optimised connectivity to cloud platforms. This ensures not only secure but also high-performance access. The result is a seamless user experience that is robust, intelligent and secure.

3. The shift beyond the traditional perimeter

With data, users and devices now scattered far beyond the corporate firewall, the idea of protecting everything with a fixed security perimeter is appealing but outdated. SASE follows a security-everywhere model, where policies are applied based on identity, device state, location and risk level, rather than static network boundaries.

This zero-trust mindset, where neither users nor devices are trusted by default, is essential for every organisation. SASE enables the implementation of zero-trust principles at scale, in both remote and local environments. SD-WAN, in turn, enables organisations to segment traffic across branches and enforce policies at the edge. This makes the network both secure and adaptable.

4. The drive for consolidation

Many IT and security professionals have to deal with dozens of unconnected point solutions, including firewalls, VPNs, SWGs, DLPs, endpoint agents and proxies. These fragmented tools are difficult to manage, expensive to maintain and create security gaps.

SASE consolidates networking and security into a single cloud-native platform, providing simplified operations, greater visibility, and consistent policy enforcement. By incorporating SD-WAN into SASE solutions, IT teams can also optimise branch connectivity and reduce reliance on expensive and complex MPLS connections.

This trend is reflected in current industry figures. According to the Dell’Oro Group, global SASE revenues totalled $2.6 billion in the first quarter of 2025, representing a 17 per cent increase over the previous year. Notably, SASE solutions from single vendors saw a 21 per cent jump, underscoring the high demand from enterprises for platform consolidation.

5. Regulatory pressure and risk management

With increasing pressure to comply with frameworks such as GDPR, HIPAA, CCPA and NIS2, enterprises must demonstrate stricter access controls, encryption, segmentation and monitoring.

SASE helps organisations achieve their compliance goals through centralised logging, data auditing, segmentation and least-privilege access. SASE enforces consistent data protection policies for all users and devices, supporting GDPR, HIPAA and CCPA requirements for protecting personal and sensitive data. At the same time, integrated monitoring, encryption and identity-based access controls meet NIS2 requirements for incident detection, access control and risk management. By centralising visibility and policy compliance, SASE reduces compliance gaps and simplifies audits across different regulatory frameworks.

What’s next for SASE?

SASE has long been more than just a concept for early adopters. A market study by Cybersecurity Insiders for the year 2025 revealed the following:

• 32 per cent of companies have already implemented SASE.
• 31 per cent are currently evaluating solutions.
• 24 per cent plan to start implementation within the next year.

The conclusion is therefore that the majority of companies now regard SASE as a strategic investment to support their distributed workforce and secure their digital operations. Instead of accumulating a proliferation of security solutions, they prefer to rely on a consolidated security architecture, where most of the components come from a single source and are therefore coordinated and centrally controlled. This simplifies handling and prevents security gaps and blind spots caused by overlaps or poor coordination.

Follow Check Point on:

LinkedIn: https://www.linkedin.com/company/check-point-software-technologies