Enterprises individually face the third largest economy of the world after those of the US and China—the cybercrime economy that is growing 15% each year. It was a $3 trillion industry in 2015 and will grow to a $10.5 trillion industry by 2025. The cybercrime economy already costs the real and productive global economy a trillion dollars in damages annually.
Enterprises also face a bewildering range of cybersecurity solutions that tackle different layers and areas of the cyberthreat landscape, as well as increasing demands for compliance from regulators, shareholders, and insurance companies.
In response to these major challenges for enterprises worldwide, MEF has developed and published industry standards and delivered a new, modular MEF 3.0 SASE Certification program underpinned by those standards. Together, these standards and certification program help service providers deliver cybersecurity services that protect their enterprise customers in the constantly evolving worlds of cybercrime and cybersecurity.
MEF is publishing and continuously developing standards in the three core areas of cybersecurity—SASE, Zero Trust, and SD-WAN—including:
These MEF standards enable all stakeholders to use the same terminology and core concepts on which to build solutions that shrink the attack surface of enterprises by minimizing vulnerabilities introduced by bespoke, proprietary approaches to cybersecurity.
SASE Certification = SD-WAN Certification + SSE Certification + Zero Trust Certification
MEF’s SASE certification is an aggregate of the certification of the underlying components of one or more of the following:
MEF’s approach to certification of cybersecurity service providers is modular.
Under the unifying umbrella of SASE (Secure Access Service Edge), service providers can certify their service’s effectiveness in the following scorecard categories:
Based on the score achieved, the certifying company achieves a badge displayed on the MEF website.
The current SASE certification program enables technology vendors to test and confirm they have the necessary, validated SD-WAN, Zero Trust, and SSE components to enable high-performance SASE services. Meanwhile, service providers can show they are using the certified SD-WAN, Zero Trust, and SSE components for their SASE services through inheriting the certifications of their vendors.
CyberRatings.org is a nonprofit organization formed by former executives from NSS Labs to provide transparency through testing.
NSS Labs was an independent analysis and testing company recognized around the world for its fact-based cybersecurity guidance. Vikram Phatak, founder of CyberRatings.org, was CEO of NSS Labs from 2007–2018.
Launched in December 2020, CyberRatings acquired the assets of NSS Labs to jump start its testing program. Initial testing began in a dedicated data center followed by a physical lab now running in Austin, Texas.
CyberRatings’ proprietary ratings system (similar to Moody’s) provides guidance on the capabilities of products and services in a language understood by all.
MEF 3.0 SASE certifications for services enables service providers to establish a standards-compliant presence within a federation of automated networks.