ChatGPT SASE Catalyst For Netskope

ChatGPT SASE Catalyst For Netskope

Summary

  • Netskope is SASE leader that has raised $1.4bn and will probably proceed with an IPO when economic uncertainty subsides and the markets recover somewhat.
  • In this short note, we discuss how ChatGPT will be a strong catalyst for Netskope outperforming the current SASE leader, Zscaler.
  • We discuss Netskope's two competitive advantages - its data-centric security and its global network - and the likely resurgence of importance of CASB within the SASE industry.

Hypothetically, if Netskope was publicly traded and trading at a similar multiple to Zscaler, we would advise investors to enter a long/short trade on the pair. And this would be largely on the thesis that ChatGPT will be a significant catalyst for Netskope in the SASE market.

For institutional investors interested in a chat about Netskope and Zscaler, or any other SASE player, book a 30 minute call.

Alternatively, wait for upcoming reports on the SASE and broader network security markets.

ChatGPT’s impact on data security

When we think about the Consumerization of IT, it is inevitable that ChatGPT will eventually be used extensively in the workplace. Just think of all the devices and applications - such as laptops, iPhones, iPads, social media, cloud storage, WhatsApp, etc. – that started with consumers and then expanded to also being used in a professional capacity. ChatGPT will be no different.

And in fact, ChatGPT is already in heavy use in the workplace, providing employees with major productivity boosts. A major problem surfacing, however, is that of copying confidential corporate data and pasting it into ChatGPT. Some may do this ignorantly, negligently, or do it knowing full well that they should not, but cannot resist the productivity gains. Though, despite whatever the reason, standard DLPs (Data Loss Prevention) cannot detect this method of data sharing with a third-party application.

In the past few weeks there have been a growing number of reports concerning employees pasting confidential data into ChatGPT. Employees at a Samsung semiconductor plant leaked confidential yield data to the public as they inputted source code into ChatGPT to identify and eliminate bugs and to optimise a program. Another Samsung employee used the AI chatbot to summarise minutes from a meeting, which got leaked to the public. J.P. Morgan and Verizon have reportedly banned the use of ChatGPT altogether, while Amazon has disseminated warnings and policies to its staff for using ChatGPT.

Cyberhaven’s research indicates that sensitive data represents 11% of what employees paste into ChatGPT. This is a significant percentage and gives a strong sense that these events are just the tip of the iceberg. It is very likely we’ll soon hear about a number of significant data leaks with grave consequences. The crux of the issue is that ChatGPT does save data inputted as part of its knowledge base. OpenAI’s terms of use state that user input may be used to “develop and improve its services”, unless the user opts out from having their data used to train the model. So, it is not beyond the realm of possibilities that something confidential inputted by one user will be used as a generated response to another user at a later date.

In essence, the widespread usage of ChatGPT increases the odds of data leakages by orders of magnitude. Most DLP solutions (either those incorporated into CASBs or those that are legacy on-prem) are designed to identify and block the transfer of certain files and certain recognizable PII (e.g., SSN, credit card numbers, passports, etc.). They would not be able to detect the innumerable nuances, ambiguities, and interpretations of confidential data fed into ChatGPT. Therefore, at present the high majority of orgs are at an elevated risk and urgently need to consider the roadmap of their incumbent DLP vendor, or consider going with a BoB DLP vendor. This is why we believe Netskope has a huge opportunity as they have the best DLP solution in the market. As CASB is a major component of the SASE market (actually 1 of the 3 components of Secure Service Edge, or SSE), Netskope’s prowess in advanced data security could be a game changer in the wake of ChatGPT.

Netskope’s Edge

Netskope’s competitive advantages comes from two areas: its prowess in data-centric security and its highly performant global network. And the latter enables the former.

Data-Centric Security

Unlike many other SASE players that originated in network security, Netskope originated in SaaS application security (i.e., CASB). In fact, Netskope have the claim of being one of the category-defining vendors of CASB during the 2010s. The company was founded in 2012, the same year Gartner first defined the category, and became a Magic Quadrant leader a few years later. In our opinion (and I’m sure we’re not alone), Netskope is the standard setter in the CASB space, as they are constantly pushing the boundaries of innovation. It is without question that they have the most comprehensive data security suite that covers:

  • Visibility >>> gaining 360 degree visibility of all types of data, where they are stored, and assessing the current and appropriate level of protection.
  • Context >>> understanding the context surrounding interactions with data-at-rest and data-in-motion; that is, the who, what, where, when, why and how.
  • Prevention >>> identifying sensitive data and preventing malicious exfiltration; policy and best practice templates for governing and securing data; preventing serious repercussions of negligent handling of sensitive data; various data encryption options.
  • Detection >>> detecting data policy violations, malware attacks, malicious exfiltration, as well as malicious insider activity.
  • Compliance >>> providing clear guidance and templates for becoming and remaining compliant with respect to the various data and cybersecurity laws.
  • Coaching >>> real-time advice to users concerning the risks of interacting with certain data and applications.

The technology supporting the breadth of their DLP offering include the 3000+ data identifiers, the understanding of 1500+ file types, file/binary fingerprinting, metadata analysis, Exact Data Matching (or EDM), and Optical Character Recognition (or OCR). In addition, Netskope utilizes advanced ML to classify data across varied document and image types, such as patents, tax forms, screenshots, passports, and even whiteboard images, which greatly reduces the false positives compared to traditional regex and pattern matching techniques. All of this culminates in them being substantially more effective at managing ChatGPT data security risk than all other CASB/DLP/SASE vendors.

The reason Netskope has such a wide margin of advantage over other CASB and SASE rivals is simply because there are no shortcuts when it comes to building expertise in handling data. There are countless types of data, countless ways data can be accessed maliciously, and countless ways to protect and govern data. Many SASE players originating from network security, made a beeline for CASB when Gartner included it in their SASE definition in 2019. Netskope already had several years of experience in building a data-centric cloud-native cybersecurity platform, whereby they built a market-leading CASB with a pioneering DLP incorporated. Ultimately, this is why they have such a technological lead over other CASB names – both the pure-play CASBs and those CASBs incorporated into broader SASE offerings.

Netskope has taken a first principles approach to building more effective cybersecurity. They began life as a vendor primarily focusing on securing data itself and then building other layers of security (i.e., to stop the bad actors from getting to the data) on top. Perhaps this could be described as an inside-out approach. Conversely, many competitors, especially including the SASE rivals with the network security background, began life primarily focused on stopping the bad guys from getting to the data, and subsequently built up capabilities closer to the data itself. This could be interpreted as an outside-in approach.

Both approaches to cybersecurity are valid and have proven effective. However, the unit of currency for cybercriminals is the data. So, when one contemplates the growing IT sprawl, dispersed workforces, and the exponential growth of data – in volume, velocity, and variety – it makes more sense to have a data-centric security approach. This is because it is becoming increasingly impossible to stop the bad guys getting to the data, but orgs can make it impossible for them to use, move, corrupt, or destroy the data when they get to it.

Global Network

Conducting Netskope’s level of data inspection and compute inescapably adds costs and latency to network operations. So, Netskope was acutely aware that if they wanted to become the number one data-centric security vendor, they also needed to build their own globally dense network, and fine-tune it in order to offset the costs and latency of their data-centric operations. This is where the NewEdge comes in, which is Netskope’s highly performant global network architected by Joe DePalo, a former Global Head at AWS with tons of Internet backbone engineering experience. NewEdge leverages SD-WAN, edge compute, and peering with the likes of Google, AWS, Microsoft, and Meta, and major ISPs, to bring extremely low latency and a highly impressive five 9s of uptime and availability to their SLA.

What is important for readers to note, is that ChatGPT has been designed primarily for consumers. OpenAI and Microsoft released an enterprise version of ChatGPT in March 2023, but this will likely be limited in regards to API functionality for the foreseeable future. This means that an out-of-band CASB for an enterprise ChatGPT will not be available for quite a while. Therefore, the only way to apply a CASB to ChatGPT is with an inline method, whereby the CASB sits alongside other solutions such as SWG and ZTNA (altogether forming the SSE part of SASE) and intercepts and inspects traffic as it travels from source to destination.

When we consider the compute requirements to sort through the intricacies of data movements to and from ChatGPT, any org using an inline CASB for ChatGPT is going to experience a network performance hit. This is why we strongly surmise that Netskope's NewEdge will be another strong differentiator in the SASE market. Many competitors won't have the data security capabilities to safeguard data when using ChatGPT in the first place, but for those vendors that do, then they will be adding significant network costs and latency to their customers. (Another note is that most inline CASB vendors have their CASB located in the cloud, whereas Netskope has it located at their edge PoPs - another latency advantage.)

To summarise, Netskope brings a significant user experience advantage thanks to their NewEdge. And this advantage will become even bigger and clearer when increasingly more people use ChatGPT in the workplace, and more and more enterprises begin using their inline CASB on ChatGPT.

The Rising Importance of CASB within SSE

In the SASE, or recently rebranded SSE market, Zscaler followed closely by Palo Alto Networks have been the major winners. SSE contains SWG, ZTNA, and (inline) CASB, and because of the booming popularity of SWG and Zero Trust, vendors with more experience in these have outperformed others in the SASE/SSE market. Additionally, perhaps inline CASB caught less attention because of the alternative out-of-band CASB very much in use by orgs using SaaS applications. As Netskope started out as an out-of-band CASB player, and then subsequently expanded to inline CASB, SWG, and ZTNA, they have had a disadvantage versus Zscaler and Palo Alto Networks.

However, if ChatGPT turns the tables, and makes inline CASB (it is inline CASB that is used for ChatGPT) the SSE solution that gains the most attention, then the SASE market dynamics could reverse in favour of Netskope quite dramatically.

For more information on Netskope, book a 30 minute call with us to discuss. Alternatively, you can wait for our SASE report scheduled to be published at convequity.com in a couple of weeks.