At RSA 2023, Cisco’s Jeetu Patel, EVP/GM Security and Collaboration, and Tom Gillis, SVP/GM Security Business Group, sat down for a fireside chat on Cisco’s approach to security. Here are some highlights of the discussion, which was moderated by Prasad Parthasarathi, Senior Director of Cisco Investments.
Why is Cisco in the security business?
Jeetu: You cannot be in the connection business without being in the protection business. Security is not only an important priority but also the most important priority. This is going to be an exciting time to be in this industry and an exciting time to partner with Cisco.
How do you inject a culture of security innovation internally at Cisco?
Jeetu: Innovation is at the heart of Cisco, and we focus our efforts on building solutions internally first. It’s why we’ve assembled a team of security rockstars internally, one of the most recent being Tom Gillis, our SVP/GM Security Business Group. We’re focused on creating a culture where we build great products ourselves, and do things that no one except Cisco can do. And then we partner for the rest.
What do you look for in security partnerships?
Jeetu: I don't believe in partnerships where someone comes to me with a great product and wants to partner with us because we’ve got a great distribution model. It doesn't work. What works is when our joint capacity as partners serves a customer use case far more effectively than either of us could do individually. Then we can create magic together, and that’s how we create an automatic pull in the market.
What is the value of taking a platform-based approach to security?
Jeetu: There are 3,500 security vendors in the security market today, but we’re going to see massive consolidation in the market to where we’ll have a half dozen or fewer major players. We will certainly be one of those. The only way to become a true security platform is if others add value to what you have so that, collectively, the system creates more economic value than what you can do yourself. This is why, to give a couple of recent examples, we’re acquiring Valtix to beef up our multi-cloud network security, and investing in Elevate Security for its proactive risk management platform. If you integrate with us, we want to make sure you’re successful within the market, which in turn makes us more of a platform.
Why does Cisco invest and what constitutes success for the business?
Jeetu: It’s a very simple calculus: we are building a platform. A platform is no use if we're the only ones on it. And we need to make sure there’s an ecosystem that’s taking advantage of the platform. In addition, investing in a company is much more profitable because it allows us to stay close to and influence that company’s strategy and how it takes a product to market so that we can jointly solve customer problems.
How does Cisco think about M&A?
Jeetu: We don't want to be in the business of missing waves and solely buying companies. We want to be in the business of saying we have identified a very clear strategy, and if this strategy has an accelerant with another company that wants to join forces with us, we want to talk with them. Just buying companies doesn't create a unified platform. It creates a holding company. I'm not interested in building a holding company.
How does Cisco’s size help portfolio companies?
Jeetu: There's a tremendous amount of momentum to be gained when a company realizes how to unlock the power of Cisco. If a company comes in, and they want to maintain their culture and independence and not drive the Cisco machine, then they never get to scale. They might get from $20 million to $50 million or even $100 million, but they’re not going to get to $1 billion or $2 billion.
You have to have the mindset that you want to go out and try to make Cisco a trillion-dollar profit and then double the revenue. If you want to be a small part of that, where you actually get to move the stock price one way or the other, that's a very fun mission to embark on. But if working with a big company is not your thing, it’s not going to be great for either one of us. And you'll be frustrated. I'll be frustrated. If we invest in you, it’s because you love your company — it’s your baby — and you want to see it succeed in the market. And in order to succeed in the market, you have to use Cisco as a tailwind.
What trend did you not see coming that’s top of mind for you?
Jeetu: We’ve been talking about AI for the past 15 years, but none of us saw ChatGPT coming with 100 million users in 60 days. Compare other exponential adoption curves like Instagram, which took 2.5 years to reach 100 million, or Facebook which took 4.5 years. As startup founders and software developers, the big takeaway is this: the only way you can create that kind of momentum is by creating product pull. ChatGPT did it because it had a great model and great data and because it nailed the experience. It was magical. You have to nail the experience!
What about security for AI cyber-attacks?
Tom: We’re going to see a whole new industry created around the kind of cyber defenses needed to protect against AI-powered attacks. For example, AI will enable bad actors to write super-convincing phishing emails, which by the way, started 80% of ransomware attacks last year.
Security today is like an uncoordinated orchestra, but two breakthroughs will define the next era of security solutions. One is cross-domain native telemetry that’s completely coordinated and correlated rather than just aggregated. It’s going to fundamentally change how we respond to threats. And the other is the way AI will change our experience with security, the efficacy of security and the practitioner’s efficiency with how they can make their entire security platform more effective.
Isolated defenses can no longer spot attacks or differentiate them from legitimate behavior. What’s needed is an integrated end-to-end platform that will give practitioners a holistic view versus an isolated view. XDR (extended detection and response) is an effective platform that’s able to do this today because it leverages native telemetry and the ability to automate the response. It’s an antidote for the scourge that is ransomware. And when you combine that with a great model, great data and great experience — the way ChatGPT does — you get a platform approach that will reshape the industry and could enable a dramatic reimagining of the SOC analyst experience with AI.