{"id":5859,"date":"2023-12-20T16:36:42","date_gmt":"2023-12-20T21:36:42","guid":{"rendered":"https:\/\/solutionsreview.com\/network-monitoring\/?p=5859"},"modified":"2023-12-20T16:37:06","modified_gmt":"2023-12-20T21:37:06","slug":"casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/","title":{"rendered":"Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-5860\" src=\"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg\" alt=\"SaaS\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg 800w, https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8-300x150.jpg 300w, https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8-768x384.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p><strong><em>Solutions Review\u2019s\u00a0<a class=\"fui-Link ___1idfs5o f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1hu3pq6 f11qmguv f19f4twv f1tyq0we f1g0x7ka fhxju0i f1qch9an f1cnd47f fqv5qza f1vmzxwi f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh ftqa4ok f2hkw1w fhgqx19 f1olyrje f1p93eir f1h8hb77 f1x7u7e9 f10aw75t fsle3fq f17ae5zn\" title=\"https:\/\/solutionsreview.com\/solutions-review-contributor-guidelines\/\" href=\"https:\/\/solutionsreview.com\/solutions-review-contributor-guidelines\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Link Contributed Content Series\"><u>Contributed Content Series<\/u><\/a> is a collection of contributed articles written by thought leaders in enterprise software categories. Guy Guzner of <a href=\"https:\/\/www.savvy.security\/\" target=\"_blank\" rel=\"noopener\">Savvy<\/a> casts a light to dispel the shadows and reveal the secret life of SaaS apps in the realm of cybersecurity.<\/em><\/strong><\/p>\n<p>The recent SEC bulletin that specified new cybersecurity requirements and annual disclosures for public companies is causing quite a stir in boardrooms, IT departments, and cybersecurity circles. This ruling is a game-changer in corporate governance, placing a significant burden on companies&#8217; incident response.<\/p>\n<p>It also highlights the pressing need for organizations to address the growing prevalence of Software as a Service (SaaS). The unchecked expansion of SaaS exposes organizations to new vulnerabilities that are both complex and hard to control. We refer to this phenomenon as the &#8216;secret life of SaaS,&#8217; underlining the challenges of managing these digital ecosystems.<\/p>\n<h2><strong>Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity<\/strong><\/h2>\n<hr \/>\n<h3><strong>Revealing the Challenge<\/strong><\/h3>\n<p>The rise of SaaS platforms like Slack, Microsoft Teams, and Asana has revolutionized how businesses operate by offering specialized solutions for a wide range of functions, from project management to HR and finance. While these tools provide unparalleled convenience, their widespread adoption has led to what we call &#8216;SaaS sprawl.&#8217;<\/p>\n<p>This phenomenon represents the rapid and extensive integration of SaaS within organizations. Unlike traditional applications that require constant maintenance, SaaS tools may seem simpler on the surface. However, their decentralized nature presents new visibility and control challenges, making it difficult to enforce security policies on identity hygiene and sensitive data transmission and storage.<\/p>\n<p>Imagine a puzzle where the pieces, represented by various SaaS tools, operate independently and don&#8217;t quite fit together seamlessly. This decentralized approach allows departments to select the best tools for their needs but often comes at the expense of proper security measures. Issues such as mismatched identity standards, data privacy, and the extensive work required to gain oversight become daunting obstacles for security operations teams.<\/p>\n<p>To make matters worse, employees often use unsanctioned SaaS to increase productivity, sometimes intentionally disregarding security protocols. According to a recent Gartner survey, 69 percent of employees have ignored their organization&#8217;s cybersecurity guidance in the past 12 months, and 74 percent said they would bypass cybersecurity to achieve a business objective. At the heart of these challenges lies the critical issue of data security because unsanctioned SaaS operates in the shadows without much oversight.<\/p>\n<h3><strong>The Renewed Significance of Shadow SaaS<\/strong><\/h3>\n<p>Unfederated SaaS, also known as Shadow SaaS, occurs when employees don&#8217;t use Single Sign-On (SSO) and operate without IT or security team oversight. This presents challenges in maintaining visibility and control, thereby risking data security. While shadow SaaS has always been an issue, the rise of generative AI applications has exacerbated the worst-case scenarios.<\/p>\n<p>Consider a situation where a team member utilizes a generative AI tool, such as ChatGPT, to draft or rework a highly confidential document or optimize proprietary code. Currently, there are no laws to determine whether the generative AI platform or the company owns the output of those queries. These gray areas make controlling SaaS environments even more important because there may be retroactive consequences years down the line.<\/p>\n<p>The specter of shadow SaaS also lurks within sanctioned SaaS environments. If employees choose to log in through methods other than SSO, companies can lose visibility, even when the company has accepted the application into its environment.<\/p>\n<h3><strong>Empowering Smart Decision-Making<\/strong><\/h3>\n<p>To address the multidimensional challenges posed by SaaS sprawl, organizations are actively seeking innovative solutions. Federated SaaS security appears to be an attractive proposition, offering the promise of a unified security framework across diverse SaaS applications. However, as mentioned earlier, getting all employees to use SSO can be challenging. Implementing federated SaaS can lead to scalability and integration challenges.<\/p>\n<p>Achieving full buy-in for federated SaaS requires companies to take a proactive stance and gain true visibility and control over their environment. They need to invest in technologies that provide real-time guidance and support for employees and encourage them to practice good identity hygiene by signing up and signing in the right way. This approach aims to strike a delicate balance between security imperatives and the need for user productivity.<\/p>\n<p>It seeks to harmonize with human judgment, fostering a symbiotic relationship between users and security protocols. It&#8217;s not just about safeguarding data but also cultivating a culture of informed decision-making. By empowering users to make smart choices, these innovations pave the way for tackling the complexity of SaaS security.<\/p>\n<h3><strong>Compliance and Navigating the Maze<\/strong><\/h3>\n<p>As the SEC ruling reshapes cybersecurity disclosures and SaaS continues to expand, organizations must embrace innovative solutions that employ user-centric cybersecurity strategies. Comprehensive visibility and control of SaaS ecosystems, coupled with security measures, are imperative to successfully navigate these challenges and adapt to regulatory shifts in the digital age. Furthermore, organizations striving to comply with new cybersecurity disclosure requirements must also grapple with the complexities of their SaaS landscapes, both sanctioned and shadow, to protect their data and maintain compliance in an ever-evolving digital world.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Solutions Review\u2019s\u00a0Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Guy Guzner of Savvy casts a light to dispel the shadows and reveal the secret life of SaaS apps in the realm of cybersecurity. The recent SEC bulletin that specified new cybersecurity requirements and annual disclosures for [&hellip;]<\/p>\n","protected":false},"author":1001,"featured_media":5860,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1,21],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity<\/title>\n<meta name=\"description\" content=\"Guy Guzner of Savvy casts a light to dispel the shadows and reveal the secret life of SaaS apps in the realm of cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity\" \/>\n<meta property=\"og:description\" content=\"Guy Guzner of Savvy casts a light to dispel the shadows and reveal the secret life of SaaS apps in the realm of cybersecurity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Network Monitoring Vendors, Software, Tools and Performance Solutions\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-20T21:36:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-20T21:37:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Guy Guzner\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Guy Guzner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/\",\"url\":\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/\",\"name\":\"Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg\",\"datePublished\":\"2023-12-20T21:36:42+00:00\",\"dateModified\":\"2023-12-20T21:37:06+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/#\/schema\/person\/4097b4c85bee7e49073ae4fcca2550a9\"},\"description\":\"Guy Guzner of Savvy casts a light to dispel the shadows and reveal the secret life of SaaS apps in the realm of cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg\",\"width\":800,\"height\":400,\"caption\":\"SaaS\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/network-monitoring\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/#website\",\"url\":\"https:\/\/solutionsreview.com\/network-monitoring\/\",\"name\":\"Best Network Monitoring Vendors, Software, Tools and Performance Solutions\",\"description\":\"Solutions Review Network Monitoring\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/network-monitoring\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/#\/schema\/person\/4097b4c85bee7e49073ae4fcca2550a9\",\"name\":\"Guy Guzner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/network-monitoring\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/Guy-Savvy-scaled.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/Guy-Savvy-scaled.jpg\",\"caption\":\"Guy Guzner\"},\"description\":\"Guy Guzner has over 25 years of experience with network security products, and began his career managing large product teams in engineering and security with Check Point Software Technologies. While working at Check Point Software Technologies, Guy built security product strategies and led the development life cycle of a successful product portfolio with over $1.5B in annual revenues. In 2014, he cofounded Fireglass, a browser-isolation startup acquired by Symantec in 2017. Guy completed the Executive Program in Leadership from Stanford University Graduate School of Business.\",\"sameAs\":[\"https:\/\/www.savvy.security\/\"],\"url\":\"https:\/\/solutionsreview.com\/network-monitoring\/author\/guzner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity","description":"Guy Guzner of Savvy casts a light to dispel the shadows and reveal the secret life of SaaS apps in the realm of cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/","og_locale":"en_US","og_type":"article","og_title":"Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity","og_description":"Guy Guzner of Savvy casts a light to dispel the shadows and reveal the secret life of SaaS apps in the realm of cybersecurity.","og_url":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/","og_site_name":"Best Network Monitoring Vendors, Software, Tools and Performance Solutions","article_published_time":"2023-12-20T21:36:42+00:00","article_modified_time":"2023-12-20T21:37:06+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg","type":"image\/jpeg"}],"author":"Guy Guzner","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Guy Guzner","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/","url":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/","name":"Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity","isPartOf":{"@id":"https:\/\/solutionsreview.com\/network-monitoring\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg","datePublished":"2023-12-20T21:36:42+00:00","dateModified":"2023-12-20T21:37:06+00:00","author":{"@id":"https:\/\/solutionsreview.com\/network-monitoring\/#\/schema\/person\/4097b4c85bee7e49073ae4fcca2550a9"},"description":"Guy Guzner of Savvy casts a light to dispel the shadows and reveal the secret life of SaaS apps in the realm of cybersecurity.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#primaryimage","url":"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg","contentUrl":"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/5-8.jpg","width":800,"height":400,"caption":"SaaS"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/network-monitoring\/casting-light-on-the-shadows-the-secret-life-of-saas-in-cybersecurity\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/network-monitoring\/"},{"@type":"ListItem","position":2,"name":"Casting Light on the Shadows: The Secret Life of SaaS in Cybersecurity"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/network-monitoring\/#website","url":"https:\/\/solutionsreview.com\/network-monitoring\/","name":"Best Network Monitoring Vendors, Software, Tools and Performance Solutions","description":"Solutions Review Network Monitoring","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/network-monitoring\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/network-monitoring\/#\/schema\/person\/4097b4c85bee7e49073ae4fcca2550a9","name":"Guy Guzner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/network-monitoring\/#\/schema\/person\/image\/","url":"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/Guy-Savvy-scaled.jpg","contentUrl":"https:\/\/solutionsreview.com\/network-monitoring\/files\/2023\/12\/Guy-Savvy-scaled.jpg","caption":"Guy Guzner"},"description":"Guy Guzner has over 25 years of experience with network security products, and began his career managing large product teams in engineering and security with Check Point Software Technologies. While working at Check Point Software Technologies, Guy built security product strategies and led the development life cycle of a successful product portfolio with over $1.5B in annual revenues. In 2014, he cofounded Fireglass, a browser-isolation startup acquired by Symantec in 2017. Guy completed the Executive Program in Leadership from Stanford University Graduate School of Business.","sameAs":["https:\/\/www.savvy.security\/"],"url":"https:\/\/solutionsreview.com\/network-monitoring\/author\/guzner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/posts\/5859"}],"collection":[{"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/users\/1001"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/comments?post=5859"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/posts\/5859\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/media\/5860"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/media?parent=5859"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/categories?post=5859"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/network-monitoring\/wp-json\/wp\/v2\/tags?post=5859"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}