If you’ve spent any time in IT and cybersecurity, you’ve inevitably heard of the networking giant Cisco. Historically known for its hardware and device product portfolio, the company continues to reinvent itself, focusing on the future of cloud-native cybersecurity and artificial intelligence (AI). In this analysis, I’ll evaluate Cisco’s recent acquisitions and moves, as well as commentary from its leadership that speaks to the strategic direction it’s taking.
In 2023, Cisco completed its largest acquisition ever, in a deal worth roughly $28 billion, acquiring cybersecurity and asset management company Splunk.
Splunk is the cybersecurity industry leader when it comes to activities including monitoring, analyzing, and visualizing data from various data sources. This information is typically fed into security information and event management (SIEM) platforms and enables activities such as security operations, threat hunting, and incident response. Splunk also helps with the emerging field of observability which couples data and AI to drive key insights in risk mitigation.
Cybersecurity is increasingly becoming a data-driven activity. As the number of devices, applications, microservices, and all of their associated telemetry grow, organizations struggle to make sense of the overwhelming volume of data and to derive signals from the noise. Key players such as Splunk help organizations aggregate, enrich, analyze, visualize, and report on the data, empowering security leaders to make data-driven decisions to mitigate organizational risk.
Cisco realizes the challenges posed by the dynamic threat landscape, and the company pointed out that with Splunk, it will be able to mature from threat detection and response to a model of threat prediction and prevention. Additionally, in the acquisition announcement, Cisco specifically called out the AI capabilities of both Splunk and Cisco as another key differentiating capability of the combined companies.
In addition to the plethora of data discussed above, most organizations are struggling with sufficient cybersecurity talent and resources. Splunk offers “Splunk AI”, which is aimed at accelerating human decision-making and guiding automated detection and response activities for security operations and engineering teams. Organizations can integrate Splunk AI into their existing workflows and bring together the rich resources of data and drive automated risk reduction activities and alerting.
Isovalent Brings Cloud-Native Observability
Furthering their investment in observability and cloud-native security, Cisco closed out 2023 with the acquisition of Isovalent. Isovalent is a cloud-native security and networking company with ties to the Cloud Native Computing Foundation (CNCF). Visibility and observability are a key theme again, with Isovalent having deep expertise in extended Berkeley Packet Filter (eBPF) and Cilium, both of which aid visibility in cloud-native distributed environments such as microservices.
Cilium, for example, is supported by managed Kubernetes services such as Google Kubernetes Engine and AWS EKS. This builds further observability and cloud security expertise for Cisco, as more workloads operate in containerized cloud environments running on top of various iterations of Kubernetes, the container orchestration tool.
Cisco was no stranger to Isovalent, having participated in the company’s Series A and B investment rounds in 2020 and 2022.
The addition of Isovalent complements the acquisition of Splunk, empowering Cisco to be a leader in observability, data aggregation, enrichment, analysis, reporting, and visualizations. All of this data can now be delivered to customers to empower visibility in complex technical environments and is underpinned by unique AI capabilities to facilitate predictive analytics and risk reduction to stay ahead of threats.
As we head into 2024, it is clear Cisco is placing big bets on the role of observability, telemetry, automation, and AI to power the modern digital enterprise and aid CISOs and security leaders. It is looking to provide visibility into cloud-native environments on top of its extensive history as a hardware and device leader and is leaning into AI technologies and capabilities to facilitate automation in the evolving environment of attacks, incidents, and data breaches.
I’ve heard a lot about the risks and concerns associated with AI, but it is great to see industry leaders such as Cisco investing in AI to power modern cybersecurity use cases and bring focus to a dizzying influx of noise and alerts creating cognitive overload that has many security teams struggling to keep up.