Having successfully targeted and gone on to dominate the networking and datacenter server markets, Cisco has set its sights on security, and from a new marketing slogan to its latest end-point protection product and pricing announcements, the company is committed to dominating this market too. “The two things that I think are going to be most important: Number one is security … and then moving fast in innovating over and over,” said Cisco CEO Chuck Robbins.
Over the years, Cisco has mastered the art of using market transitions to capture share, and it appears it is well on its way to doing so in the security market, said Zeus Kerravala, founder and principal analyst of ZK Research. The market transition that’s changing security is digital transformation. Digital businesses need to move with speed and be agile, but they also must be secure, but the traditional security model in most companies doesn’t allow this, he noted.
Earlier this year the company changed its brand promise to: ‘We securely connect everything to make anything possible.’ Robbins added “securely” to the sentence, and the security team is now involved in virtually everything Cisco does. Security-by-design is the standard, he said.
“Cisco is making good progress and achieving strong results along the way,” blogged Jon Oltsik, Senior Principal Analyst and the founder of Enterprise Strategy Group’s cybersecurity service, and is executing accordingly to take their [along with IBM] cybersecurity businesses to $5 billion and beyond.
The company’s security business is now at a $2 billion run rate, doubling its AMP for Endpoint customers from 8,000 in November 2015 to 17,000 as of August 2016. It was Cisco’s largest growth area (up 16% year over year) during its recent fiscal fourth quarter, to $540 million, the third straight quarter of double-digit revenue growth.
This growth comes at a good time, because while spending may be inching upward when it comes to overall IT budgets, security is expected to grow at a compound annual growth rate of 8.3% through 2020, from $73.6 billion in 2016 to more than $100 billion. Other estimates put this year’s cybersecurity spend at $122.45 billion, and a 10.6% CAGR to $202.36 billion by 2021.
If the cybersecurity market has been looking good to Cisco, the endpoint security market, which is ripe for disruption, could be even more attractive. “In 2016, IDC expects security start-ups to continue to penetrate the enterprise endpoint security market segment as enterprises seek innovative solutions to detect ransomware and targeted attacks” noted Robert Westervelt, IDC research manager, Security Products and lead of IDC’s Data Security practice.
Gartner puts the Endpoint Protection Platform (EPP) market at $3.2 billion in 2014, and experiencing low single-digit growth since. The large enterprise EPP market is still dominated by Symantec, Intel Security and Trend Micro, which represent approximately 65% of the total revenue of Magic Quadrant participants; Sophos and Kaspersky Lab are the two other global Leaders, and collectively bring the total market share up to 81%.
At last week’s Cisco Partner Summit the company unveiled AMP for Endpoints, what it called a new approach to endpoint security. It combines prevention, detection and response to simplify endpoint security, allowing customers to ‘see and stop more threats, faster.’
We’re announcing a transformation in the market, beyond prevention, said Tom Stitt, Cisco’s Director of Product Marketing of Advanced Malware Protection Technologies. “AMP for Endpoints is a force multiplier and the effectiveness is the broader architecture,” he told IT Trends & Analysis. “The endpoint is dead center of the architecture and the strategy.”
In addition to extending the focus from prevention, which isn’t working, to detection and remediation, there’s also the issue of time to detection, he added. The industry average is 100 days; in almost all breaches (93%), it took attackers minutes or less to compromise systems, and data exfiltration occurred within minutes in 28% of the cases, so three months to recognize there’s a problem is three months too late.
Cisco says its threat-centric security architecture ensures that customers see more threats, faster. In recent testing by NSS labs, Cisco achieved the fastest TTD (time to detection) with 91.8% of threats detected in under three minutes. As of July, the company says it has reduced its own median time to detection to 13 hours from 17.5 last October.
The EPP market may be seeing minimal growth, but that’s not the case with the next generation endpoint segment, said Stitt. It’s growing at 48% a year, he said, and customers are also looking for a standalone solution.
The company also extended its Cisco ONE software licensing program to advanced security. That means the more than 14,000 customers, including 91% of the Fortune 100, that have purchased it can now buy the three new security software suites — Threat Defense for Data Center, Threat Defense for WAN and Edge, and Policy and Threat Defense for Access — on a subscription (SaaS) basis.
Overall, security customers are voting with their dollars, when it comes to Cisco. Stitt said there have been “tremendous uptake of customers”, with 5.7 million enterprise endpoints. With the movement to digital, customers are looking for more than prevention, and “in order for that business to work, it has to be more secure.”