With the $28 billion acquisition of
Splunk
by network-equipment giant
Cisco
Systems, Splunk and Cisco hope to build AI-backed cybersecurity monitoring tools that can detect hacking threats closer to real time, letting businesses stop cyberattacks before they damage corporate networks.
Splunk, a 20-year-old technology company that has never been profitable, had been chasing that goal and will benefit from Cisco’s resources, including access to troves of data from Cisco’s big customer base,
Gary Steele,
Splunk’s chief executive, said in an interview.
“This puts us in a really interesting position,” Steele said.
Splunk’s estimated $4 billion in recurring revenue from product and service subscriptions immediately gives Cisco a bigger hold in cybersecurity, Cisco CEO
Chuck Robbins
added, in the interview.
“This is a very good deal, financially,” he said.
The market for the cybersecurity services Splunk provides, known as security information and event management, has grown substantially just as other areas of cybersecurity services face financial pressure, with
Microsoft
and Google investing in the area. Google bought cyber giant Mandiant last year for $5.4 billion.
“Cisco is simply following market demand by offering this technology stack,” said Mitchell Schneider, senior principal analyst at consulting firm
Gartner.
Because Cisco doesn’t have significant experience in security operations, it will likely rely on Splunk’s expertise, he said.
Splunk uses various forms of AI in its products, which primarily handle threat detection and management, while Cisco is known for hardware such as routers and switches, though it also provides software products and security services.
“AI is nothing without data, and the acquisition of Splunk not only enables Cisco to sell more recurring software, but also moves Cisco out of the plumbing business and into the data business,” said Rama Sekhar, a partner at venture-capital firm Norwest Venture Partners who was an engineer at Cisco early in his career.
In July, Splunk said it had incorporated generative AI capabilities via a suite of software named Splunk AI, designed to parse data generated by large networks and assist human staff in detecting potential cyberattacks.
Mergers and acquisitions can help to slim the number of vendors offering similar services, but market consolidation risks locking security chiefs into business with fewer providers, said John-Claude Hesketh, CEO at Marlin Hawk, a global recruitment firm.
To decrease that risk, security chiefs should negotiate the right to review contracts if a key vendor is being acquired, Hesketh said, noting that as the landscape shifts “clients are asking lots of questions, including about the right to exit contracts.”
As cyber consolidation continues, companies face a trade off between fewer choices and more integrated products and services, said Scott Hawk, chief information security officer at wireless network company Velaspan. The Splunk acquisition “is definitely more evidence of consolidation. The same thing happened in telecom years ago,” he said.
Splunk’s customers may face some initial difficulty dealing with a larger company, said Roger Thornton, co-founder and general partner at venture-capital firm Ballistic Ventures. On the other hand, he said, the acquisition could provide stability for Splunk customers, given the company’s financial difficulties.
Steele and Robbins said their respective large customers welcomed the combination of complementary products.
“In the long term, it may have just made the Splunk product line more likely to be around for a long time,” Thornton said. A giant company spanning hardware and software security may also prompt rivals to seek acquisitions, he said, to keep pace with their new, large competitor.
—Catherine Stupp and Steven Rosenbush contributed to this article.
Write to James Rundle at [email protected] and Kim S. Nash at [email protected]
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8