Cisco Strikes into SIEM with $28B Deal to Purchase Splunk #Imaginations Hub

Cisco Strikes into SIEM with B Deal to Purchase Splunk #Imaginations Hub
Image source - Pexels.com



Cisco signaled it intends to reshape safe info and occasion administration (SIEM) by pulling the set off on a deal to accumulate Splunk for $28 billion. The all-cash settlement, introduced right now, requires Cisco to buy Splunk shares at $157 every, a 31% premium over the closing worth of Splunk’s inventory on Wednesday.

The deal could be Cisco’s largest to this point. Whereas rumors surfaced in early 2022 that the 2 corporations had been in acquisition talks, no deal materialized. Shortly after, Splunk tapped longtime Proofpoint CEO Gary Steele as its CEO. Steele mentioned he’ll be a part of Cisco after the transaction closes.

Including Splunk may considerably enhance Cisco’s already formidable cybersecurity safety portfolio. “Our mixed capabilities will create an end-to-end knowledge platform to boost digital resiliency,” mentioned Cisco chairman and CEO Chuck Robbins throughout an investor name to announce the deal. Robbins anticipates the deal will shut within the third quarter of 2024, pending shareholder and regulatory approvals.

Though regulators worldwide have extra intensely scrutinized and sometimes nixed many giant offers lately, Robbins is assured they are going to clear this deal. Emboldening his confidence is that the settlement would not must be authorized in China as a result of Splunk has a minimal presence there.

Whereas getting giant offers authorized by regulators within the US and Europe has additionally grow to be harder, Robbins argued that there is little overlap between the 2 corporations’ choices.

“Via the mixing of Cisco’s prolonged detection and response platform, our greatest safety insights, and Splunk safety info and occasion administration providing, we will assist our prospects transfer from menace detection and response to menace prediction and prevention,” Robbins mentioned.

Deal Comes as a Shock

There was little current indication that Cisco was considering a cope with Splunk, which mande the announcement a shock to trade watchers. In a LinkedIn put up, Omdia managing principal analyst Eric Parizo known as the Cisco-Splunk deal “a real bombshell transfer that may have a seismic affect on your complete enterprise cybersecurity panorama,” including it could foreshadow extra consolidation.

Parizo believes the deal will place Cisco as one of many dominant gamers in next-generation SIEM (NG-SIEM), a market that Omdia forecasts will develop to almost $4 billion in international annual income by 2027. “Splunk’s established place as a premium providing with the deep assets of Cisco’s international salesforce ought to current fast upsell alternatives,” he provides.

Forrester analyst Allie Mellen agrees the deal may very well be a big boon for Cisco’s safety efforts, however the impact on safety practitioners stays to be seen. Mellen warns that Cisco has a checkered previous with a few of its largest acquisitions.

“Cisco has lengthy been a case examine for acquisitions that do not dwell as much as their preliminary promise and undergo from underinvestment and an absence of focus,” Mellen says. “To maintain Splunk’s huge, loyal consumer base, Cisco must let Splunk ship what Splunk does greatest: a versatile, highly effective SIEM and observability providing.”

Fueling Subsequent-Era SIEM

The deal comes amid a rising highlight on next-generation SIEM and organizations needing to maneuver from legacy platforms to those who assist multicloud and cloud-native functions and infrastructure. It additionally comes as platform suppliers are increasing their XDR capabilities.

For instance, at this week’s CrowdStrike Fal.Con 2023 convention in Las Vegas, CrowdStrike launched the “Raptor” model of its Falcon platform, which integrates an enhanced iteration of LogScale, the corporate’s NG-SIEM providing. LogScale is the outgrowth of CrowdStrike’s $400 million acquisition of logging and occasion administration supplier Humio. Designed to ingest petabytes of third-party knowledge, CrowdStrike’s Raptor launch offers real-time occasion info natively in Falcon.

Over time, CrowdStrike CEO George Kurtz asserted SIEM will likely be subsumed into XDR. “XDR, for my part, will change SIEM; name it next-gen SIEM,” Kurtz mentioned throughout a media briefing this week. “[Customers] need the flexibility to ingest knowledge at scale … to retailer that knowledge, [and] they need the flexibility to look that knowledge and question it,” he mentioned. “And so they need the flexibility to take an motion, and if we put it multi functional spot.”

Analysts say CrowdStrike’s targets are formidable. “LogScale is a primary step towards SIEM, however is actually extra of a proprietary log administration system tailor-made for its personal options,” Parizo notes. “But when it has the bandwidth and urge for food to rapidly make amends for SIEM, there are actually viable acquisition targets on the market.”

Mellen notes that almost all XDR distributors have shifted to having a SIEM or a SIEM-alternative of their portfolio. “This can be a huge shift available in the market that provides CrowdStrike and different XDR distributors a chance to make use of to their benefit,” she says.

Cisco’s acquisition of Splunk would give Cisco “each side of the coin: XDR with Cisco XDR, and a SIEM with Splunk,” she provides.

Roger Thornton, common accomplice at VC agency Ballistic Ventures, believes that within the quick time period, prospects might grow to be extra open to different SIEM choices. “Clients, significantly large ones, do not prefer it when their favourite distributors get acquired,” Thornton says. “Integration all the time has an affect on assist, account administration, and the senior sponsors. It would undoubtedly give Google Chronicle SIEM and Microsoft one thing to speak about with the Splunk put in base.”


Related articles

You may also be interested in