Cisco Systems (CSCO) has made ten acquisitions so far this year, and three of them are in security. Growth in security software capabilities is a key growth area for Cisco. The networking giant is already a security leader, with a $2 billion annual run rate, which would make it number two in the industry behind Symantec, per Gartner’s league table for the $21 billion industry sector. “Security is a number one priority for Cisco,” explained Cisco Senior VP David Goeckeler in an interview with the Daily Cloud. “We are investing heavily in the space.”
Security is clearly a major issue for every IT executive, whether they are operating in the public cloud or running their own private IT infrastructure. To cite just one current example, an Internet service provider in Britain called TalkTalk (TALK.L) was victim of a hacking last month in which some 20,000 customer bank account numbers were stolen. So far, the $2.7 billion (revenue) company has seen a 30% loss in its stock market value over the past month, pundits are warning of lawsuits, self-appointed experts and watchdogs have criticized the company and called for CEO Diana Harding to resign, and Parliament recently confirmed that she is to be summoned to testify before a Parliamentary committee on TalkTalk’s security defenses. As if that were not enough, British police have arrested four British men (three of them teenagers) for involvement in the hacking without yet providing an explanation of their alleged role, guaranteeing that the saga will continue to run in the newspapers for months to come. It is like watching a slow-motion car wreck and nothing good for TalkTalk is likely to come of it.
“Security is a highly fragmented market,” says Goeckeler. He says that many Cisco customers have 50 or more different security products within their IT infrastructure, and they often need to be managed separately. “Our goal is to bring all of these together, in an architectural approach. Find the threat actors and develop ways to stop them, whether they are in the network, the cloud, or at the endpoints.” Under the name Security Everywhere, the Cisco strategy, he says, embraces the “before”, “during”, and “after” of a security attack. For the “before” phase: “you need to set up a strong perimeter and keep everybody out. We have a whole range of products to do that, including next-generation firewalls, access control systems, and software segmentation of the network.”
Of course, even the best security cannot prevent every attack from getting through that perimeter. For the “during” phase, Cisco has products that constantly scan the infrastructure, such as email gateways, and Sourcefire’s intrusion detection system based on the respected open source Snort technology. Cisco acquired Sourcefire for $2.7 billion in 2013.
In the after phase, Cisco has solutions like advanced malware protection that detect and remediate the attack. “The average time to find a threat inside a corporate network is 100 to 200 days,” Goeckeler says. “They’ve been in there a long time by the time you find it. With advanced malware protection, we have shrunk that down to 46 hours.”
Acquisitions play a key role in Cisco’s growth strategy for security, as they do in most Cisco business strategies. Last month, Cisco announced the $425 million acquisition of Lancope, a startup that analyzes the Netflow information generated by routers to hunt out anomalies. In June, Cisco acquired for $635 million OpenDNS, a startup that operates 25 data centers worldwide to track the protocol that translates website names into IP addresses. “It’s very fast and ubiquitous,” Goeckeler explains. “If we find a malicious IP address, we can block users going to that site. OpenDNS provides the cloud [Internet] layer and can enforce that globally in a simple but powerful way.”
Aside from acquisitions, Cisco has a partnership program called pxGrid, which enables Cisco and 30 partner companies to share security data and create and enforce security policies jointly through APIs. pxGrid includes public companies like Checkpoint (CHKP) and Infoblox (BLOX) as well as many startups. In addition, Cisco develops its own in-house security solutions. Goeckeler leads a team of 5,000, of which 3,000 are engineers focused on product development.
In Cisco’s most recent quarterly report, for the quarter ended last July, the company said its security revenue was $464 million, or 4% of its total quarterly revenue of $12.8 billion. Its guidance to investors was that security revenue should grow at between 10% and 15% in the current fiscal year (ending next July). That compares with analyst expectations of 4% growth in total revenue. Goeckeler points out that Cisco finished the quarter with $15.2 billion in deferred revenue, evidence that it is selling more software-as-a-service, part of new CEO Chuck Robbins’ promised transformation into a more software-centric company. “Our overall goal is to drive more software recurring revenue and security is in the forefront of that transition,” Goeckeler says.
Last month, President Obama’s new Chief Information Officer Tony Scott, a former VMware executive, said that large public cloud providers can do “a much better job of security than any one company or any one organization can probably do.” Goeckeler says it’s not easy to make such sweeping generalizations. “There are pluses and minuses to each architecture. With the cloud, you are expanding the attack surface, the perimeter is now moving, and you have workloads outside the enterprise,” he says. While a large cloud provider can afford to build a team of security experts that most individual enterprises cannot, an enterprise can call on the security expertise of a company like Cisco which, thanks to the dominant position of its networking gear in LANs and the Internet, has unrivaled visibility into worldwide networks, and is constantly beefing up that expertise with acquisitions of hot startups. The startups provide the excitement of the latest technology and the youthful vibe (see video screencaps below), while Cisco provides the global visibility into the world’s network and also the sales reach into the enterprise and service provider customer base.
Looking for the next acquisition is an important part of Goeckeler’s remit. “We will continue to acquire where we find the right assets that match our strategy and our architectural approach,” he says.
Backup and archiving storage leader Iron Mountain is partnering with cloud & software provider Virtustream to add cloud capabilities to Iron Mountain's storage infrastructureRead More
Apollo Education Group (APOL), parent company of the University of Phoenix, may be the largest privately-owned for-profit university system in the world. Read more
UC provider 8×8 announced a deal to provide communications systems to Regus plc, the world’s largest provider of temporary office space. Read More
"From Physical to Virtual" With Big Switch, Red Hat & Dell... all based on open source, and created a carrier-class cloud."Read More
