Organizations no longer treat “hybrid” as a transitional phase. It is the new operating reality in which users, applications, and partners require secure access from everywhere, continuously. This shift has fundamentally changed how secure access must be delivered and sustained. Zero Trust principles – grounding access decisions in identity and continuous verification rather than network location – are now widely accepted. SASE architectures have emerged to deliver these capabilities through unified cloud services. Yet many organizations are still struggling to operate these models consistently at scale.
To understand how leaders are navigating the gap between SASE strategy and day-to-day execution, we surveyed over 500 senior security and IT leaders across the United States and the United Kingdom who are directly responsible for connectivity, security and performance across hybrid environments.
Three key findings illustrate the execution gap:
• Visibility has not kept pace with hybrid complexity. More than 90% of organizations secure users, applications, data centers, and third parties simultaneously. Yet roughly two-thirds cite lack of end-to-end visibility as their top operational challenge, revealing a growing gap between environmental scope and operational control.
• Zero Trust is advancing, but most organizations remain in a middle state. While the market has moved beyond legacy VPN-only access, fewer than one in ten organizations have achieved a fully integrated Zero Trust architecture. Most operate with partial deployment and inconsistent enforcement across environments.
• Execution capacity is the primary constraint. Nearly half of organizations report the parallel operation of VPN and ZTNA as a major operational burden, fragmenting policy and increasing support overhead. In response, roughly four in five now prefer co-managed or fully managed SASE models, reflecting a shift toward operating models designed to absorb integration complexity rather than passing it to internal teams
The market is aligned on the strategic direction of SASE and Zero Trust. What holds back progress is execution capacity. As a result, organizations are reassessing not whether to adopt SASE, but how secure access must be delivered to achieve consistent execution and long-term operational resilience.
Learn more by downloading the report at right.
