Techaisle Blog
Securing the Future: Cisco's Innovative Leap in Security and Observability
Today's cybersecurity landscape is a complex maze, with a multitude of vendors contributing to a convoluted and intricate security stack. The evolution of security from traditional perimeter defenses around private data centers to a distributed network of branch offices, remote workers, and IoT devices has necessitated a radical shift in security strategies, with a focus on enforcement points across the network. At its core, security is a data challenge, where the sheer volume of data often hinders the identification of actionable insights, leading to an imbalanced signal-to-noise ratio and the prevalent issue of alert fatigue. Effective data connection across control points is crucial to transform low-level alerts into critical insights that demand immediate action.
Under the visionary leadership of Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration, Cisco's security product portfolio has undergone a transformative evolution. This radical re-envisioning of security paradigms has significantly refined Cisco's security cloud solutions, streamlining the adoption process for an integrated security platform. In response to the complexities of distributed environments, Cisco introduced 'Hypershield,' a pioneering expansion of the hyper-distributed architecture concept tailored to meet the demands of hyper-distributed security. The strategic acquisition of Splunk has further fortified Cisco's capabilities, enabling it to manage the signal-to-noise ratio effectively. Leveraging Splunk's advanced data analytics, Cisco aims to mitigate alert fatigue by converting many low-level events into meaningful, actionable insights.
The Birth of the Cisco Security Cloud Platform
In June 2022, Cisco introduced the Cisco Security Cloud Platform at the RSA Conference, a visionary solution designed to streamline the complexity of managing disparate security tools. This platform offers a unified experience, ensuring secure connections for users and devices to applications and data, irrespective of location.
The platform's emphasis on openness provides a comprehensive suite for threat prevention, detection, response, and remediation at scale. At its core is a powerful firewall, enhanced with AI for superior analysis. Identity management is flawlessly integrated, allowing every Cisco security product to leverage AI-driven insights and user authentication.
Cisco addressed the challenge customers faced with the vast array of security products—approximately 30 products with over 1,000 variations—by significantly simplifying its portfolio. Customers now have a choice of three intuitive suites: User Protection, Cloud Protection, and Breach Protection. These suites are not merely bundled; they are fully integrated, facilitating seamless communication and improved functionality, making security management far more straightforward and efficient.
Tackling Hyper-Distributed Security with Cisco Hypershield
As an industry analyst, I am convinced that Cisco's recent strides in security innovation are nothing short of impressive. The 2023 launch of Cisco Multi-cloud Defense, Cisco XDR, Cisco Secure Access, and advanced firewall functionalities marked a year of significant progress. The introduction of Cisco AI Assistant was a testament to its commitment to continuous innovation. In 2024, Cisco took a giant leap by introducing Hypershield, a sophisticated, AI-enhanced, cloud-native security system set to redefine cybersecurity.
Hypershield is a game-changer. It seamlessly integrates security within the network's fabric, ensuring that every critical node, from access points to IoT devices, is fortified. This revolutionary approach to security, which spans software, virtual machines, and network/compute servers, is bolstered by potent hardware accelerators typically seen in high-performance computing environments. As per Tom Gillis, Senior Vice President and General Manager of the Cisco Security Business Group, Hypershield demand is currently oversubscribed.
What sets Hypershield apart is its unique architecture, built from the ground up. Cisco's dual expertise in networking and security gives it an edge over competitors, who often fall short in one of these critical areas. I am hopeful that Hypershield will establish Cisco as the leader in a market increasingly recognizing the importance of robust, integrated security solutions.
Conquering Alert Fatigue: A Multi-Pronged Approach
XDR, or Extended Detection and Response, is an advanced security solution that provides comprehensive threat detection, investigation, and response capabilities across various data sources and security layers. It integrates multiple security products into a cohesive system to enhance an organization's security posture. One of the critical challenges in XDR is managing the overwhelming number of security alerts, which can lead to alert fatigue and potentially cause critical threats to be overlooked or not addressed promptly.
Cisco's strategy to combat alert fatigue involves a synergistic use of Cisco XDR, Splunk, and its security platform. Cisco XDR serves as the frontline defense, skillfully correlating data from various sources such as email, web traffic, network activity, and endpoint devices to prioritize threat detection. This enables security teams to utilize Splunk for an expansive analysis of their security environment, thanks to the seamless integration with Cisco XDR.
Cisco XDR is adept at managing large volumes of time-sensitive data, sifting through the noise to pinpoint high-fidelity security alerts. This curated data is then channeled to Splunk, renowned for storing and analyzing long-term data from any source. Customers benefit from the flexibility to start with either real-time threat detection via Cisco XDR or a comprehensive security landscape analysis through Splunk. Cisco's method ensures that Splunk is not inundated with excessive network telemetry data. By filtering through Cisco XDR, only pivotal signals are relayed to Splunk, enhancing detection capabilities without burdening the system.
The combined strengths of Cisco XDR and Splunk facilitate swifter identification and response to security threats, leading to a notable reduction in average response times.
Cisco's Journey Towards Unified Observability
Deep observability has become a critical need in today's complex IT landscapes, where distributed architectures, multi-cloud environments, and diverse applications are the norm. Cisco, traditionally known for its robust network monitoring capabilities through tools like Cisco Prime Infrastructure and Meraki Dashboard, recognized the necessity of expanding into the broader observability market to stay ahead.
Under the leadership of CEO Chuck Robbins, Cisco embarked on a strategic journey, acquiring key companies to enhance its observability suite. In 2017, Cisco made a significant move by acquiring AppDynamics for $3.7 billion, a masterstroke that enhanced network visibility and positioned Cisco as a leader in monitoring and managing modern IT infrastructures. AppDynamics, a leader in application performance monitoring (APM), brought invaluable insights into data centers and cloud-native environments, marking a pivotal moment in Cisco's growth trajectory.
With an eye on the future, Cisco didn't stop there. The acquisition of ThousandEyes for $1 billion during the pandemic era marked another milestone, extending Cisco's visibility across the entire digital delivery chain by integrating application and network performance monitoring. This strategic move not only solidified Cisco's commitment to full-stack observability but also demonstrated its agility in adapting to market shifts.
In 2023, Cisco launched the Full-Stack Observability (FSO) Platform, a testament to its dedication to providing comprehensive solutions that empower businesses to thrive in a digital-first world. This platform is a game-changer for Cisco and its customers, offering a unified view of the IT environment, enabling faster problem resolution, and driving optimal performance across all layers of technology.
Positioning for a Cohesive Observability Experience
With its recent acquisitions, Cisco has emerged as a formidable player in the observability domain. The acquisition of Splunk in March 2024 for $28 billion was a strategic move that significantly enhanced Cisco's capabilities. Splunk, renowned for its leadership in data analytics and observability solutions, complements Cisco's existing strengths in networking and infrastructure.
By integrating Splunk's advanced log analytics with Cisco's AppDynamics, the synergy provides comprehensive visibility across all layers of technology infrastructure. This unified platform not only offers full-stack observability but also simplifies the user experience with features like single sign-on, facilitating seamless navigation and efficient troubleshooting.
Moreover, Cisco's decision to transition from its Observability Platform to the Splunk Observability Cloud underscores its commitment to delivering a superior full-stack observability solution. This move is expected to harness Splunk's vast developer and partner ecosystem, unlocking new avenues for revenue generation. The integration of Splunk's partners into Cisco's global network is poised to deliver enhanced services and innovative solutions, expanding the reach to a broader customer base and fostering a dynamic ecosystem that benefits all stakeholders.
I concur with Gary Steele, President of GTM at Cisco, who believes integrating Cisco and Splunk will offer unparalleled comprehensive visibility and insights across an organization's digital footprint. He thinks this will result in an unmatched level of resilience, thanks to the most extensive and robust security and observability product portfolio on the market.
However, a critical factor in realizing this vision is the effective coordination and activation of Cisco's partner ecosystem, its sellers, and the customer success teams. These groups must collaborate seamlessly to craft a strong narrative and messaging and deliver a unified strategy. The synergy between Cisco's extensive security and observability product portfolio and Splunk's robust analytics capabilities can create an unmatched level of resilience. However, this integration's success hinges on aligning each stakeholder's diverse objectives and capabilities, ensuring that the collective effort translates into a robust and resilient digital defense for customers. This requires not only strategic alignment but also a shared commitment to innovation and excellence that resonates throughout the entire ecosystem.
Cisco’s Mid-market Observability Opportunity
Cisco's strategic focus on the SMB and Midmarket segments, collectively known as Cisco Commercial, is a testament to the company's recognition of the vast potential within these segments. While it is true that Cisco's enterprise and service provider clientele form a significant portion of its revenue stream, this does not undermine the importance of SMBs. Cisco's robust partner program, which boasts over 62,000 partners, is a clear indication of its commitment to this market segment.
The complexity of enterprise environments necessitates comprehensive monitoring across applications and distributed infrastructure. Mid-market companies face challenges similar to those of their larger counterparts, particularly regarding data security and the pursuit of digital resilience. However, they often encounter budget constraints and resource limitations that impede their ability to implement complex and costly observability solutions. This scenario gives Cisco a golden opportunity to leverage its extensive channel expertise and combine it with Splunk's leading data analytics capabilities. By doing so, Cisco can offer tailored, cost-effective observability solutions that cater to the mid-market. Positioning observability as a fundamental aspect of digital resilience will likely resonate well with these businesses.
Cisco's unique advantage lies in the limited competitive landscape for mid-market observability solutions, coupled with Splunk's authoritative position in the domain. This strategic positioning places Cisco in an ideal spot to dominate this relatively untapped market. Integrating Splunk's advanced log analytics with Cisco's AppDynamics creates a synergy that provides comprehensive visibility across all layers of technology infrastructure. This unified platform not only delivers full-stack observability but also simplifies the user experience with features like single sign-on, enabling seamless navigation and efficient troubleshooting.
Data, Unification, Innovation: The Cisco Advantage
Cisco's competitive advantage is anchored in a robust trio: data, integration, and innovation. Data is akin to a valuable resource in AI, and Cisco boasts an extensive reserve. Its daily analysis of 400 billion security events provides unparalleled insight into worldwide network activities. The strategic acquisition of Splunk amplifies this edge, enabling the processing of four petabytes of data for cloud observability and extracting intelligence from over a billion endpoints. Leveraging AI and analytics on this immense data repository, Cisco can uncover security intelligence beyond its rivals' reach, perhaps second to Microsoft.
Cisco's unique proposition also lies in its integrated approach. Where competitors may focus on specific segments such as connectivity, security, or data analytics, Cisco offers a cohesive solution. Customers benefit from a unified platform that eliminates the need to piece together disparate solutions from various providers, streamlining their entire infrastructure management.
Moreover, Cisco prioritizes relentless innovation, recognizing it as the cornerstone of progress. The company dedicates a substantial share of its R&D budget, 50%, to pivotal growth domains like AI, cloud, and security. This steadfast dedication ensures that Cisco remains a technology vanguard, delivering avant-garde solutions that empower its clients to stay ahead in the market.
Final Techaisle Take
Cisco's evolution into cybersecurity was a seamless extension of its foundational networking expertise. Its dedication to ensuring secure connections and safeguarding networks and data naturally led to the creation of robust cybersecurity solutions. Despite being initially unprepared for the advent of the cloud era, Cisco has since established itself as a formidable force in the cybersecurity domain. This ascent is attributed to its relentless pursuit of innovation, a comprehensive suite of products, and prudent strategic acquisitions.
Moreover, Cisco's aspirations go beyond mere security; it is making significant headway toward a Unified Observability platform. Integrating Splunk's renowned brand, cutting-edge data integration architecture, and user-centric design philosophy aligns seamlessly with Cisco's core competencies. This strategic alliance is poised to dispel any notions of Cisco's fragmented offerings and position it as a leading entity in AIOps and observability. The extensive data and insights that Cisco provides grant unparalleled visibility and control to its customers, solidifying its status as a formidable competitor. With this competitive edge and expansive product range, Cisco is well-equipped to serve as the hub for unifying a client's entire security ecosystem.
Cisco's strategy is showing promising signs of integration and innovation. Although the full potential of unifying security, observability, networking, and collaboration into a cohesive story is still in progress, the groundwork laid is commendable. Cisco's strategy is both intriguing and multifaceted. I am optimistic about the potential synergy between their security and networking efforts, which are gradually converging. This integration is crucial as each currently requires distinct sales strategies, partner engagement models, and support systems tailored to each component's unique demands.
Conversely, distinct sales strategies, partner engagement models, and support needs for these components could highlight Cisco's adaptability and commitment to tailoring solutions that meet diverse requirements. This multifaceted strategy could demonstrate Cisco's agility and dedication to delivering excellence across its portfolio.