Cisco Building a Security Ecosystem Juggernaut with the Recent Acquisitions


Cisco has long made a point of acquiring subsidiaries to extend its specializations into specific tech markets, including in recent years, energy management, machine learning, the Internet of Things (IoT) and cybersecurity. In so doing, the multinational tech conglomerate is building up a security ecosystem juggernaut to contend with the biggest players in the field. According to Ycharts, the company had around $70 billion as of July 2017 to spend on acquisitions.

The move towards becoming a service company has been a necessary move for Cisco. In August 2016, the company cut 7% of its global workforce, or 5,500 jobs. TechCrunch reported that it was part of a wider cost-cutting move by the company to pare down its overall costs by approx. 15%.

In its own words, the company’s aggressive spending on acquisitions is allowing it to restructure “enabling us to optimize our cost base in lower growth areas of our portfolio and further invest in key priority areas such as security, IoT, collaboration, next generation data center and cloud,” the company said in a statement. “We expect to reinvest substantially all of the cost savings from these actions back into these businesses and will continue to aggressively invest to focus on our areas of future growth.”

Cisco’s significant security acquisitions include the following:

Duo Security (intended acquisition) – August 2, 2018

Duo Security is a zero-trust security platform that provides unified access security and multi-factor authentication delivered via the cloud. Duo verifies the identity of users and the trustworthiness of their devices before allowing them access to applications (on premises or in the cloud) in order to prevent cybersecurity breaches. A multicloud environment is increasingly a reality of enterprise. A new networking and security architecture is essential to protect that environment.

In its press release, Cisco explained, “By delivering security capabilities from the cloud that enable organizations to base application access decisions on the trust established in user identities and the trustworthiness of their devices, Duo’s technology is a highly strategic addition to Cisco’s intent-based networking portfolio. Utilizing Duo’s frictionless, cloud-delivered capabilities, Cisco will now be able to securely connect any user to any application on any network”.

Cisco is apparently paying $2.35 billion in cash and assumed equity awards for the security platform. One of the most important issues in cybersecurity is how to authenticate users and prove their identity – it is the gateway to solving many of the cybercrimes most costly to business such as wire fraud, email hacking and theft of IP; thus the expensive Cisco acquisition makes sense.

Its co-founder and CEO Dug Song will continue to head up Duo as General Manager while also joining Cisco’s Networking and Security Business headed up by David Goeckeler, EVP and GM. The 2010 startup will continue to have a strong presence in Ann Arbor, Michigan where it is currently headquartered. Duo also has offices across the U.S. and in London with 700 employees worldwide.

AppDynamics – January 24, 2017

Software leader in application and business performance monitoring AppDynamics was acquired by Cisco in January 2017. Through machine learning, AppDynamics allows enterprises to closely follow each line of code and note how it impacts user experience and the performance of their applications and enterprise infrastructure. The AppDynamics real-time data platform offers business and DevOps teams real-time insights into their entire digital business at hyperscale, giving them the tools to make strategic adjustments to their apps in order to drive business outcomes. Companies can better spot bottlenecks and potential performance issues that could be holding back transactions and/or other kinds of customer actions.

AppDynamics provides performance monitoring to every stage of every software application, helping teams work through an extremely advanced matrix of connected information. Its single source of truth allows teams across the enterprise to collaborate in order to improve application and business performance.

Cisco spent $3.7 billion on the acquisition at a time when AppDynamics was expected to go through an IPO. It’s part of a wider move by Cisco from its core hardware networking business into a newer definition of what networking involves; allowing Cisco to offer a more complete stack to its users to help them run their businesses.

“Applications have become the lifeblood of a company’s success. Keeping those apps running and performing well has never been more important,” the company said in a release. “Unfortunately, that job has only gotten harder, as IT departments and developers struggle with a tangled web of disconnected, complex data that’s hard to understand. The combination of Cisco and AppDynamics will allow us to provide end to end visibility and intelligence from the network through to the application; which, combined with security and scale, and help IT to drive a new level of business results.”

Perspica – October 19, 2017

Cisco acquired Perspica in the fall of 2017 as a follow-on to its acquisition of AppDynamics earlier in the year as part of its overall data-driven strategy. “Perspica provides machine learning and data processing technology and expertise, which will support and accelerate the AppDynamics vision”, the company said in a press statement announcing the acquisition.

Perspica is a machine learning-driven operations analytics firm. It had raised $8.5 million at the time of acquisition. The company’s purchase price was not shared by Cisco.

The addition of Perspica fits well with AppDynamics’ capabilities. Similar to oSplunk, Perspecia’s focus has been on applying machine learning to vast amounts of operations data, and surfacing problems when they are detect i.e. in real-time. Cisco quickly embedded the Perspica engineering team with AppDynamics to help AppDynamics add a real-time intelligence layer to surface more data more rapidly.

Using both services in tandem, Cisco customers will be able to further leverage these machine learning capabilities to analyze large amounts of application-related data “in real-time and with business context, including when an application is deployed in a company’s public, private and multiple cloud environments”.

Viptela – May 1, 2017

Viptela is a software-driven, cloud-first company that delivers a software-defined wide area network (SD-WAN) solution, which simplifies management, furthers agility and brings down costs of interconnecting dispersed enterprise networks. Its network management, orchestration and overlay technologies make it straightforward to deploy and manage SD-WAN.

Cisco’s Digital Network Architecture (DNA) was a good fit for Viptela’s WAN, helping Cisco’s strategic transition toward software-driven, automated networks that offer greater flexibility, responsiveness and dynamism. Viptela’s cloud-first approach also complements Cisco’s on-premises routing platform, giving its customers easier control management and orchestration capabilities. The company paid $610 million for the acquisition of the 2012 startup with Viptela becoming a part of Cisco’s Enterprise Routing Team within Networking and Security.

A year following the acquisition, two of Viptela’s key SD-WAN specialists jumped ship to form a new tech startup, backed by two big VC players, Sequoia Capital and Kleiner Perkins Caulfield & Byers. The new startup is called Alkira and like Viptela, is based in San Jose, California. The company is currently keeping its plans a secret, along with funding raised, revealing only the names of its key backers. For Cisco, it means the loss of some of the human resource intelligence it paid for only last year.

However, Cisco still has big plans for Viptela, including potentially gaining new customers who are leveraging AWS cloud services.

Observable Networks – July 13, 2017

Observable Networks is a cloud-security provider HQ’ed in St Louis that specializes in modeling network behavior to monitor networks, detect unusual activity and provide alerts. The company’s technology is founded on dynamic behavioral endpoint modeling of all devices on the network to allow security analysts the capacity to gain real-time situational awareness of every user and device, thus all network traffic, whether in the data center or the cloud. If devices begin to behave outside of normal behavioral patterns, alerts are sent in real-time to IT teams to allow them to rapidly identify those indicators and investigate any potential threats before they have a significant impact on the organization.

Cisco’s acquisition of Observable Networks came amidst a (continued) growing threat landscape and an increasing demand for security services, in particular for companies moving to cloud-based infrastructures. All its employees joined Cisco as part of the deal; the terms of which were not disclosed publicly. Observable was founded in 2011 by Patrick Crowley (who became CTO). Cisco said Observable’s cloud-native forensics applications would become a part of its Stealthwatch Product Team.

In a press statement announcing the deal, Cisco said, “Together, Cisco and Observable Networks will extend our Stealthwatch solution into the cloud with highly scalable behavior analytics and comprehensive visibility.”

OpenDNS – June 30, 2015

Back in June 2015, Cisco acquired OpenDNS, a Software as a Service vendor that provides advanced threat protection for all devices regardless of location and time. The goal was to add “broad visibility and threat intelligence” from OpenDNS’ cloud-delivered platform to Cisco’s Security Everywhere approach.

OpenDNS had also recently launched analytics tool NLPRank, which creates a threat model for detecting domains deployed in criminal and nation-state targeted attacks.

Hilton Romanski, head of business development at Cisco, said the acquisition built on the company’s strategy to add a cloud security layer.

“The acquisition will extend our ability to provide customers enhanced visibility and threat protection for unmonitored and potentially unsecure entry points into the network, and to quickly and efficiently deploy and integrate these capabilities as part of their defense architecture,” Romanski wrote in in his blog post.

Cisco spent $635M on the security acquisition following on from 2014 acquisitions of service provider Neohapsis and malware analysis firm ThreatGRID, and the massive 2013 $2.7 billion purchase of Sourcefire.

CloudLock – June 28, 2016

CloudLock’s main focus is cloud access security broker (CASB) technology that offers enterprises full visibility and forensic analytics around user behavior and sensitive data in cloud services, including SaaS, IaaS and PaaS. Its goal is to help accelerate enterprise use of the cloud through securing cloud identities, data and apps, in addition to combating data breaches and account compromises, while facilitating compliance through its straightforward automated API-driven approach.

The acquisition was intended to further enhance Cisco’s security services, offering protection from the cloud to the network to the endpoint. In the press statement accompanying the purchase, Cisco’s Rob Salvagno, VP of Corporate Development said, “As companies are migrating to the cloud, they need a technology partner that can accelerate that transition and deliver critical security capabilities for all their users, apps and data in a seamless way.” Salvagno added, “CloudLock brings a unique cloud-native, platform and API-based approach to cloud security which allows them to build powerful security solutions that are easy to deploy and simple to manage.” The purchase cost Cisco $293M in a mix of cash and equity.

CloudLock’s services offer support to the growing “consumerization” trend beyond the use of APIs to implement services: in which people are using their own (typically unsecured) devices for work and in a variety of environments from their homes to places where they are connecting by (also usually unsecured) public WiFi networks.

Skyport Systems – January 24, 2018

Cisco acquired privately-held server security startup Skyport Systems earlier this year. The company has a hyper-converged infrastructure (HCI) solution that distinguishes itself through the way it can secure workloads. NetworkWorld described it as the only HCI vendor around “to design security into the solution instead of relying on policies or encryption”. By encasing a secure layer around each workload, Skyport makes it significantly harder to breach.

Cisco takes a similar full turnkey approach to optimizing software and hardware as Skyport, which was probably one of the reasons behind the purchase.

The financial details behind the purchase were not publicly disclosed. A Cisco spokesman told eweek that Cisco spokesperson said the company doesn’t plan to continue marketing existing Skyport System server security products, but rather wil support Skyport’s existing customer base through contract termination dates.

In discussing the purchase, Cisco said it would enable them to “utilize Skyport’s intellectual property, seasoned software and network expertise to accelerate priority areas across multiple Cisco portfolios”.

All Cisco’s acquisitions are listed by year here, dating all the way back to 1993.

Scroll to Top