In an interview, Andrew Winney, Global Head of Product Management – SD-WAN, SASE, SSE at Tata Communications, speaks with TimesTech on how enterprises are evolving from cloud-first to AI-native operations. He explains why SASE has become the foundation for embedding AI into network and security architectures, enabling real-time policy enforcement, resilience, cost optimisation, and scalable governance across distributed global environments.
Read the full interview here:
TimesTech: As enterprises move from cloud-first to AI-native operations, where does SASE fit in? How is Tata Communications helping organizations embed AI into the network and security fabric rather than treating it as an add-on?
Andrew: As enterprises transition into AI-native organizations by embedding AI into their business models, AI becomes an important attack vector for technology leaders to protect from bad actors. This involves achieving the right level of visibility and control over the role of generative AI and AI agents within the enterprises. Technology leaders need to adopt right strategies to discover holistically the usage of AI across the enterprise, control usage by providing the right level of access and detect potential AI enabled threats
Today most of the leading enterprises have already progressed in adoption of SASE as a single platform to secure access to enterprise resources. It’s the place where identity, policy and live telemetry come together, which is required for securing AI. Today, a large share of enterprise data is generated and processed outside traditional data centers – Nearly 60% of enterprise data is already created and processed outside traditional data centres. With AI, the decisions will also be done outside. With a distributed edge-based policy enforcement architecture, SASE is rightly positioned to secure AI-native organizations.
At Tata Communications, we have simplified the adoption and management of SASE for enterprises as they embarked into journeys such as Zero trust protection, we’ve made a conscious shift away from viewing AI as an add-on. Our SD-WAN 3.0 platform is built to be SASE-first, it brings secure connectivity and cloud-delivered security together and then layers observability, digital twins and AI on top of that unified fabric. This gives AI engines the context they need to continuously fine-tune policies, routing and security postures in line with business intent. The result: operations teams spend less time firefighting and more time focusing on the outcomes that matter.
TimesTech: Many organisations struggle with governance and visibility across their hybrid and multi-cloud environments. How does a SASE-led architecture enable real-time policy enforcement, cost visibility, and operational control at scale?
Andrew: A SASE-first architecture centralises policy, identity and telemetry in a cloud-native control plane that is inherently multi-cloud aware. Because policies are expressed in terms of identity, intent and data sensitivity and because enforcement points (edge, cloud access, service edge) share the same policy store, you get consistent, real-time enforcement across on-prem, public cloud and SaaS. Visibility improves because all the flow, session, application and security data sits in one observability layer. This means teams can correlate performance, cost and risk instantly. It also unlocks capabilities like policy simulation through digital twins, cost attribution by application or business unit, and automated remediation when thresholds are crossed. In practice, organisations see fewer stray or shadow policies, predictable cloud egress costs, and real-time compliance without waiting for periodic audits.
TimesTech: AI-driven decision-making introduces both opportunities and new risks. What are the key security considerations enterprises should keep in mind when integrating AI intelligence across the network, edge, and cloud?
Andrew: AI dramatically increases the speed and precision of IT operations, but only if it is built on Zero Trust principles. As more decisions move to AI systems at the network, edge and cloud layers, enterprises must treat models, training pipelines and data sources with the same seriousness they would apply to a core banking platform.
Threat patterns are also evolving. Weak or stolen credentials remain the most common way attackers get in, and human factors still drive the majority of incidents. At the same time, AI is now influencing a growing share of breaches, powering more convincing phishing campaigns and deepfake-led social engineering. That makes identity, posture assessment, continuous monitoring, data classification, DLP (Data Loss Prevention), and strong audit trails around AI usage absolutely essential when integrating AI into the SASE fabric.
TimesTech: From a practical standpoint, what steps should CIOs and CISOs take to operationalise AI within their cloud and security architectures? What does ‘AI by design’ look like in real-world deployments?
Andrew: “AI by design” starts with architecture and outcomes, not technology choices. The first step is establishing a unified, SASE-first fabric where SD-WAN, Zero Trust and cloud-delivered security operate as one. From there, CIOs and CISOs should define outcome metrics that matter: MTTR, user experience scores and policy drift.
From there, the pragmatic steps are:
- Pick high-impact use cases first areas like fault diagnosis, capacity forecasting, policy recommendations or automated change validation via a digital twin.
- Bring AI into Day-2 operations through closed-loop workflows so insights can trigger governed, approved actions rather than sitting idle on dashboards.
- Put guardrails in place early. Clear governance on who can use which models, what data they can access and under what policies is critical and SASE becomes the layer that enforces this at every edge.
TimesTech: Can you share customer examples where SASE deployment delivered measurable outcomes—such as improved resilience, cost optimisation, or accelerated time-to-value? What were the key drivers behind their success?
Andrew: The strongest SASE outcomes come when organisations move from reacting to issues to predicting and preventing them.
A global bank we work with is a good example. We built a digital twin of its WAN to test SASE and SD-WAN policies before rollout. This dramatically improved first-time-right deployments, increased uptime and allowed the bank to make changes far more quickly and safely.
A large Indian hospitality chain saw similar benefits. By embedding AI into its SASE-enabled SD-WAN fabric, we could predict capacity requirements and optimize routing based on application behaviour. The result: better utilisation of existing bandwidth, a noticeably improved experience for guests and employees, and faster realisation of value from their transformation programme.
These experiences reflect a broader industry trend more enterprises are consolidating around unified, outcome-led architectures, leading to steady growth in single-vendor SASE adoption.These are consistent with broader market evidence: single-vendor SASE revenues grew around 17% year-on-year in early 2025, as enterprises double down on unified, outcome-led architectures instead of point products.
TimesTech: With global enterprises operating in distributed and high-pressure environments, scalability becomes critical. How does Tata Communications’ global SASE platform ensure consistent performance, security, and governance across geographies and complex network environments?
Andrew: Global enterprises need a SASE platform that behaves like one intelligent fabric everywhere, not a mix of regional patches. Our global, cloud-native network is built with tightly integrated points of presence so that security inspection, policy enforcement and optimisation happen as close to the user or workload as possible, while still being centrally orchestrated.
SD-WAN 3.0 and our SASE stack combine end-to-end observability from first mile to last mile with AI-driven and agentic automation. This allows us to diagnose and resolve issues quickly across geographies, whether it’s a dense metro location or a remote site, including new use cases emerging around space-based connectivity. Because the platform is delivered as a service, customers get continuous improvements in Zero Trust, AI and analytics without added operational complexity ensuring performance, security and governance stay consistent as their footprint grows.
