December 09, 2021 | Mike Frane

How to Defend Your Network Against Holiday Cyberattacks with SASE

Other WE Blogs
Mike Frane, VP of Product Management

Mike Frane

Mike is responsible for the company’s overall SD-WAN strategy, as well as the network and security service portfolios. Since joining WE in 2008, he’s overseen the launch of MPLS IPsec access elements, Secure WiFi & Analytics, Unified Communications and more.
Summary: This holiday season, hope for the best but prepare for the worst. These are the security measures retailers and other businesses should be considering to fend off holiday cyberattacks.

For retailers and other e-commerce-dependent businesses, the approach of the holiday season brings sugar-plum visions of unbroken supply chains, seamless customer journeys and sales numbers that far surpass projections. However, at the risk of sounding like grumpy old Ebenezer at the Scrooge & Marley holiday party, it also should bring those businesses a heightened sense of urgency in how they protect themselves from cyberattacks.

With the holidays upon us, there’s too much at stake for businesses not to take the necessary steps to shore up security around their network infrastructure, data, applications and users. The risk of attack by ransomware, malware and DDoS (distributed denial of service) is all too real. Close to half—44%—of the mid-sized retail enterprises surveyed by Sophos were victimized by some type of ransomware attack in 2020. Meanwhile, DDoS attacks increased 55% between January 2020 and March 2021.

The gift of security

What security measures should businesses be considering to protect their holiday sales season from a potentially ruinous attack? For starters, many of our retail customers are migrating to a Software-Defined Wide-Area Network, or SD-WAN. This cloud-based architecture not only brings resiliency, reliability, cost-efficiency and scalability, but also offers multiple layers of security.

With cybersecurity threats growing in complexity, variety and frequency, businesses and their IT departments would be wise to consider an integrated approach to protecting their network infrastructure. Using SD-WAN in tandem with an emerging construct called Secure Access Service Edge, or SASE, brings robust, multi-layered, cloud-based cybersecurity right out to the network edge to meet those threats.

SASE is the real deal for retailers and any business that has online channels, users, data and assets worth protecting. It collapses the networking and security stack into an easily managed, unified offering that makes life much harder for attackers and much more secure for businesses. My suggestion: Put a SASE framework discussion on your tech roadmap. It could prove to be one of the best cybersecurity investments your business makes.

Deck the halls with these security services

Businesses need proper protection to defend their network and critical data, which is why enterprises are adding the following SASE solutions to their wish lists:

  • A Firewall-as-a-Service (FWaaS) is another security layer to consider. It offers protection at cloud scale, ensuring scalability, elasticity and simplified policy management.
  • Secure Web Gateways (SWG) provide an additional protective layer against ransomware and other threats. Utilizing capabilities like SSL inspection, URL filtering and sandboxing, SWGs protect online devices from infection and enforce company policies to filter malware from user-initiated Internet traffic.
  • A Cloud Access Security Broker (CASB) also protects against attacks—data breaches as well as malware—preventing attackers from accessing and compromising cloud resources and applications by employing adaptive access control, identity verification and other data loss prevention capabilities.
  • Zero Trust Network Access (ZTNA) is another powerful weapon against cyberthreats like ransomware. Based on a “trust-nothing” premise when authenticating users seeking access to specific services or applications on a network, ZTNA is a critical tool for vetting users, devices, locations, etc., especially in situations where remote users are connecting directly to apps.

Don’t let the Cyber Grinch ruin your holidays

When it comes to securing a network and the assets and users attached to it, doing something is better than doing nothing at all. CBS News reported that 89% of surveyed global businesses indicated they were concerned about cyberattacks ahead of the holiday season—however, 36% had no “specific contingency plan in place to mount a response.”

Don’t be a part of that 36%. Whether implemented piecemeal or as part of an integrated security approach such as SASE, these capabilities function like the security cameras in a brick-and-mortar store, providing the extra eyes and ears that protect a business from the humbug of a holiday hack.


Key takeaway: Cybercriminals don’t take a holiday. Unsupervised IT networks and systems provide a great opportunity for cybercriminals to attack. Businesses should consider upgrading their security strategy to an integrated security approach, such as SASE, to combat cyberattacks now and any time of year.
VP of Product Management

Mike Frane

Mike is responsible for the company’s overall SD-WAN strategy, as well as the network and security service portfolios. Since joining WE in 2008, he’s overseen the launch of MPLS IPsec access elements, Secure WiFi & Analytics, Unified Communications and more.