How Cisco is establishing itself as a cybersecurity leader

Welcome to the new home of my blog here at CSO!  I spent a few days at CiscoLive last week, Cisco’s annual user conference, in steamy Las Vegas.  As a cybersecurity professional, I really filtered out a lot of other content to focus on all-things infosec.  Here are a few of my observations:

1.      As the fastest growing business unit at Cisco, cybersecurity certainly received plenty of top billing.  CEO Chuck Robbins highlighted security in his keynote and even chatted cybersec with Apple CEO, Tim Cook during his presentation.  In fact, Apple and Cisco announced a partnership to secure iOS devices moving forward.

2.      If your image of Cisco is firewalls and IDS/IPS, you’re kind of stuck in a 2005 mindset.  Cisco has a wide assortment of products for cloud security, endpoint security, security analytics, etc.  Cisco is even investing heavily in cybersecurity services to help its customers impacted by the cybersecurity skills shortage.

3.      Speaking of services, Cisco seems to understand that services are becoming a part of a majority of security sales.  These aren’t just implementation or maintenance services either – many deals include high-value/high-margin consulting or managed services components.

4.      In the past, Cisco operated like a holding company for business units that seemed oblivious to each other.  A Cisco “solution” often involved 4 or 5 different Cisco products, each with its own management portal and reporting.  The ‘new’ Cisco seems to understand that it must do better.  Granted, the company has lots more integration work ahead but slowly but surely it is making progress – at least as much as any other security vendor.

5.      I like Cisco’s messages around intent-based networking but boy does it have a lot of work ahead to educate the market, train armies of CCIEs/CCNEs, and actually program the network.  If it can pull this off, there are definite security benefits to be had.

6.      Cisco announced something it calls ETA which stands for encrypted traffic analytics.  ETA’s model is like Cylance for encrypted traffic.  In other words, Cisco applies a bunch of analysis on a whole bunch of attributes of encrypted streams and then uses machine learning to decide whether the traffic is malicious or benign.  Why is this important?  Because at least 40% of network traffic is encrypted and decrypting and inspecting all those packets can be costly and time consuming.  Cisco ETA isn’t perfect but I do see it to reduce some of the noisiness associated with threat detection.

7.      Cisco faces a dilemma with regards to its cybersecurity business:  Should it be tightly coupled to networking or run as a completely independent business?  Cisco has mismanaged this balancing act in the past.  Moving forward, innovations like intent-based networking, ETA, and others may lead to another power grab by the networking side of the house but this will only alienate CISOs who have far more authority and accountability than they did in the past.  Cisco’s security renaissance over the past few years may help it maintain its focus on the cybersecurity side.

8.      Cisco’s biggest market advantage may be as simple as its enterprise license agreement.  Once a customer buys into this, they are incented to use as much Cisco product as they can.

9.      Cisco has some successful security products that few know about.  For example, it’s AMP for endpoint business is much bigger than I thought, and I closely watch this space.  Meraki is a $1 billion+ business, and Tetration seems to be gaining momentum.  Who knew?

10.   This last point leads me to Cisco’s biggest challenge – it’s broad product portfolio is difficult if not impossible to navigate.  Although I’ve never been a Cisco employee, I feel like I have a PhD in Cisco and even I can’t follow all the product names, brands, acronyms, initiatives, etc.  EVP of worldwide sales, Chris Dedicoat, laughingly admitted that this continues to be a big problem for Cisco sales and channel partners.  This seems like a silly problem in the scheme of things but if your customers can’t make heads or tails of your product portfolio, they’ll go elsewhere.

Cisco is one of only a handful of $2 billion+ cybersecurity vendors that can grow its security revenue to over $5 billion by 2020.  Cisco has some internal work to do but it’s biggest obstacle may be on the demand-side of the equation as many cybersecurity professionals still think of Cisco as a networking company.  Aside from internal advances, Chuck Robbins and company must continue to invest in market education, though leadership, and cybersecurity professional networks to bulk up on cybersecurity street cred over the next few years.