The pressure on CIOs and CFOs to make future-proof IT decisions continues to rise. These decisions go beyond which applications to invest in for staff and customers and which cloud to house them in – they need bullet proof network security for people working in the office and at home. To add to these challenges, there are multiple vendor voices shouting in acronyms and jargon, trying to control the security and network narrative. Now, there’s another acronym for us all to absorb: SASE (Secure Access Service Edge).

So what on earth is SASE all about?

Put simply, SASE bundles a range of security and network services you’d buy separately today, and makes them a single service. That means it’s easier to manage, has a user-based costing design, and reduces security risks for businesses.

In the last few years, we’ve seen a global shift from legacy data networks to modern SD-WAN driven networks. This has introduced a material shift to the security landscape, with increased regulatory obligations for businesses and increased risk awareness, at the board level, creating pressure to achieve compliance requirements.

Among the many differences between SASE providers and their value propositions, there’s one which will divide the market unequivocally over the next year, with a clear winner: will security be delivered at a device level at the branch, or will it be delivered in the cloud?

Vendors are aligning clearly with one team or the other, and we can expect an interesting fight to control the narrative as the year progresses. It’s unsurprising that vendors who have been device makers historically are throwing their hat into the “security on the box” ring, pushing companies to buy bigger, more expensive boxes. Vendors specialising in the cloud are naturally arguing that security management belongs there, and hence we should be investing in more monthly recurring user services.

A choice to be made, today.

Today, as a CIO, I suspect you may find yourself sitting on the fence, with ten or more tools at your disposal to deliver security: a mix of “on the box” and “in the cloud”. If there’s one strategy decision you can make now to prepare for navigating your next security and networking decisions over the coming year, it’s which side of the fence should you choose. Your security strategy and your investment decisions will both sit fairly and squarely on that decision. As you step onto the path towards a SASE architecture, it’s worth noting you’ll also end up with vendor consolidation by default. While you may be able to integrate multiple solutions, the real benefit of SASE is single policy management and cost certainty at a per-user level. The path you head down now will dictate many other decisions you make concerning your network and its security design.

For what it’s worth, my money is on the cloud team in this battle. They have the high ground, scalability, and they’re not carrying the legacy economic model of “box” revenues to sustain.