Cisco signaled it intends to reshape safe info and occasion administration (SIEM) by pulling the set off on a deal to amass Splunk for $28 billion. The all-cash settlement, announced right this moment, requires Cisco to buy Splunk shares at $157 every, a 31% premium over the closing value of Splunk’s inventory on Wednesday.
The deal can be Cisco’s largest thus far. Whereas rumors surfaced in early 2022 that the 2 corporations had been in acquisition talks, no deal materialized. Shortly after, Splunk tapped longtime Proofpoint CEO Gary Steele as its CEO. Steele stated he’ll be a part of Cisco after the transaction closes.
Including Splunk may considerably enhance Cisco’s already formidable cybersecurity safety portfolio. “Our combined capabilities will create an end-to-end data platform to enhance digital resiliency,” stated Cisco chairman and CEO Chuck Robbins throughout an investor name to announce the deal. Robbins anticipates the deal will shut within the third quarter of 2024, pending shareholder and regulatory approvals.
Though regulators worldwide have extra intensely scrutinized and infrequently nixed many giant offers just lately, Robbins is assured they’ll clear this deal. Emboldening his confidence is that the settlement does not must be accredited in China as a result of Splunk has a minimal presence there.
Whereas getting giant offers accredited by regulators within the US and Europe has additionally develop into tougher, Robbins argued that there is little overlap between the 2 corporations’ choices.
“Through the integration of Cisco’s extended detection and response platform, our best security insights, and Splunk security information and event management offering, we will be able to help our customers move from threat detection and response to threat prediction and prevention,” Robbins stated.
Deal Comes as a Shock
There was little current indication that Cisco was considering a take care of Splunk, which mande the announcement a shock to trade watchers. In a LinkedIn submit, Omdia managing principal analyst Eric Parizo referred to as the Cisco-Splunk deal “a true bombshell move that will have a seismic impact on the entire enterprise cybersecurity landscape,” including it could foreshadow extra consolidation.
Parizo believes the deal will place Cisco as one of many dominant gamers in next-generation SIEM (NG-SIEM)a market that Omdia forecasts will develop to almost $4 billion in world annual income by 2027. “Splunk’s established position as a premium offering with the deep resources of Cisco’s global salesforce should present immediate upsell opportunities,” he provides.
Forrester analyst Allie Mellen agrees the deal could possibly be a major boon for Cisco’s safety efforts, however the impact on safety practitioners stays to be seen. Mellen warns that Cisco has a checkered previous with a few of its largest acquisitions.
“Cisco has long been a case study for acquisitions that don’t live up to their initial promise and suffer from underinvestment and a lack of focus,” Mellen says. “To keep Splunk’s massive, loyal user base, Cisco needs to let Splunk deliver what Splunk does best: a flexible, powerful SIEM and observability offering.”
Fueling Subsequent-Technology SIEM
The deal comes amid a rising highlight on next-generation SIEM and organizations needing to maneuver from legacy platforms to those who assist multicloud and cloud-native purposes and infrastructure. It additionally comes as platform suppliers are increasing their XDR capabilities.
For instance, at this week’s CrowdStrike Fal.Con 2023 convention in Las Vegas, CrowdStrike launched the “Raptor” model of its Falcon platformwhich integrates an enhanced iteration of LogScalethe corporate’s NG-SIEM providing. LogScale is the outgrowth of CrowdStrike’s $400 million acquisition of logging and occasion administration supplier Humio. Designed to ingest petabytes of third-party knowledge, CrowdStrike’s Raptor launch gives real-time occasion info natively in Falcon.
Over time, CrowdStrike CEO George Kurtz asserted SIEM will likely be subsumed into XDR. “XDR, in my opinion, will replace SIEM; call it next-gen SIEM,” Kurtz stated throughout a media briefing this week. “[Customers] want the ability to ingest data at scale … to store that data, [and] they want the ability to search that data and query it,” he stated. “And they want the ability to take an action, and if we put it all in one spot.”
Analysts say CrowdStrike’s objectives are bold. “LogScale is a first step toward SIEM, but is essentially more of a proprietary log management system tailored for its own solutions,” Parizo notes. “But if it has the bandwidth and appetite to quickly catch up on SIEM, there are certainly viable acquisition targets out there.”
Mellen notes that the majority XDR distributors have shifted to having a SIEM or a SIEM-alternative of their portfolio. “This is a massive shift in the market that gives CrowdStrike and other XDR vendors an opportunity to use to their advantage,” she says.
Cisco’s acquisition of Splunk would give Cisco “both sides of the coin: XDR with Cisco XDR, and a SIEM with Splunk,” she provides.
Roger Thornton, normal accomplice at VC agency Ballistic Ventures, believes that within the brief time period, clients could develop into extra open to various SIEM choices. “Customers, particularly big ones, don’t like it when their favorite vendors get acquired,” Thornton says. “Integration always has an impact on support, account management, and the senior sponsors. It will definitely give Google Chronicle SIEM and Microsoft something to talk about with the Splunk installed base.”
Writer: Jeffrey Schwartz, Contributing Author, Darkish Studying
Date: 2023-09-21 20:42:00