Conf24: Splunk Partners Crucial to Success of Cisco Combo

Splunk kicked off Conf24 with the unveiling of new generative AI assistants for security and observability, providing improved IT visibility and proactive threat mitigation capabilities. AI solutions have been embedded across Splunk’s portfolio to boost digital resilience.

Splunk’s AI tools across its product portfolio enable organizations to automate routine tasks and enhance their ability to get insights from data. With Splunk’s generative AI-powered assistants, every user can become a security and observability expert. 

Additionally, the company has made its Splunk AI Assistant generally available, helping customers derive insights from Splunk using natural language. Moreover, Splunk unveiled new AI capabilities for IT service intelligence (ITSI), including Configuration Assistant, aimed at streamlining configuration processes and optimizing operational efficiency, along with drift detection for KPIs and entity-level adaptive thresholds for more accurate detection.

Hao Yang, vice president and head of AI at Splunk, said AI is the cornerstone to his company’s strategy, driving enhancements to “our industry-leading security and observability solutions.”

“Our AI assistants are designed to help users do their jobs easier and faster,” he said. “We are currently embedding generative AI into our products to accelerate detection, investigation and response workflows.”

Tom Casey, Splunk’s senior vice president and general manager of product and technology, said input from partners plays a key role in his company’s product strategy.

“So in terms of us gathering input from partners, we absolutely did,” he said. “We just came off of our global partner conferences at Splunk. We've had a series of partner conferences with Cisco team members, in addition to a lot of ongoing meetings and engagement we do with partners. One of the great promises of Splunk being a part of Cisco is increased global reach and our ability to have access to a stronger global partner network. But that signal from that expanding global partner network and certainly from our longtime Splunk partners has been a key part of not just the announcements that we'll make, but a lot of the underlying improvements we made to the products for day-to-day use, many of the smaller features as well, because those are the things that very often enable time to value for those partners, and allow them to bring their specialization and expertise in focus. So partners and customer feedback are always a part of what we're doing.”

Splunk's Tom Casey

In terms of cybersecurity specifically, there are areas of opportunity where partners stand out, Casey said.

“Helping customers federate analytics and really develop a full data strategy for themselves, where they're starting to understand, not just that they're required to log a bunch of stuff, but what the best place is to go put that and how to use Splunk to enable that, that’s a tremendous opportunity that our partners have expressed excitement about because that is very much an extension of a practice that they already have ... and gives them an opportunity to come in and engage,” he said. “And because you're not just saying filter all your data out before it comes to Splunk, you're saying, 'Let Splunk help you do that.' That means that partner gets really good visibility into where that data is and what might be useful for the next project in the future. So their feedback on that has been really strong.”

Since the acquisition, many Splunk partners have started the process of partnering with Cisco, Casey said.

“They seem very excited about the broader opportunity in both the integrated value proposition with Splunk as part of Cisco, as well as what we're doing around extending analytics to really embrace a federated environment and the future of a federated security operations center (SOC)," he said.

During the Global Partner Summit, Chuck Robbins, Cisco’s CEO and chair, and Gary Steele, Splunk’s former president and CEO, now Cisco’s president of go-to-market, addressed partners, saying they are crucial to the two companies coming together.

Seventy-five percent of Splunk’s partners are also Cisco partners.

Steele said partners have always been an important part of Splunk’s growth strategy and story, “and that needs to continue.”

“As we become more integrated into Cisco, we appreciate everything that you’ve done in the past and want to embrace that for the future as well,” Steele said. “And one of the things I’m particularly excited about is were doing a lot of really good work to bring one product line more tightly aligned with Cisco’s security product line. I would encourage all of you to get to know more about the Cisco security product line. We can help facilitate that because I think it brings more value that you can deliver to our mutual customers. I just think there’s a tremendous opportunity continuing on the path that you’re on, but extending it more broadly with Cisco’s security product line.”

Robbins said the future is all about data, and with the portfolio Cisco had before, “we had visibility to lots of data and lots of insights for our customers, but we hadn’t always structured that data to give our value from that.”

“So coming together, when you think about security from networking, you think about observability and data in general, and what our customers are trying to achieve, and you layer AI on top of that, I think the opportunity is great and I don’t think there’s another company on the planet that can actually give our customers greater insights as to what’s going on in their technology infrastructure," he said. "And we with you are better equipped to do this, better than anybody else.”

Cisco accelerates Splunk’s journey by giving broader access to customers, continuing to drive innovation and focusing on more things that are important to Splunk partners, Steele said.

“We are going to continue on this path of innovation,” he said. “We’re going to continue to deliver on our road map. At the end of the day, we’re going to go solve customers’ problems and we want you on that journey with us. We will demonstrate that we are better together by delivering on this path of innovation.”

“You have a unique capability because you understand an area of our customers’ infrastructure and SOC, and security architecture that a lot of our traditional partners have not historically played in," Robbins said, describing his “vision” for Splunk partners' success.

“The opportunity for you is you can actually represent to the customer what we believe is the value of this combination of these two companies,” he said. “That’s what you can do because you’re uniquely positioned, assuming you take the time to come learn the Cisco security portfolio. You clearly already know the Splunk thing. I promise you picking up our security stuff will be easier than what you’ve already done on the Splunk side.”

Rodney Clark, Cisco’s channel leader, joined Splunk’s Gretchen O’Hara on stage to talk about the two companies coming together and what it will mean for partners.

Clark said he joined Cisco last November, in part, because he knew the Splunk integration was “in the works” and he wanted an opportunity to “basically join and marry these two amazing ecosystems together and to see what we can do in terms of changing the industry, and security and observability, and all things digital resilience.”

Cisco recognizes the skills and capabilities of Splunk’s partners, Clark said.

“Our job is to continue to support a path that is world-class around security information and event management (SIEM), security orchestration, automation and response (SOAR), and observability, but more importantly, how we get our customers really looking at this opportunity that we’ve created together,” he said. “And to that end, out of the gate, we’ve created a pilot program where we have some of our large Cisco partners who haven’t been traditionally invested in Splunk and we’re engaging our field teams and working together to get partners integrated and focused on those opportunities. So immediately, we’re focused on how we support this long-term with continued investment and how we support it short-term, signaling to our customers that we have this capability and then putting our partners on the path to delivering that value.”

The fact that 75% of Splunk partners are already Cisco partners was an “awesome revelation,” Clark said.

“This means we get off to a running start immediately,” he said. “The work that Splunk has done with Partnerverse, and how revered Splunk is as a world-class partner ecosystem and program, and similarly with Cisco, we have a world-class program … the key thing is we are working to make sure that every single one of our Splunk partners has a path to sell broader Cisco technology … looking at what it means to bring a Splunk partner into the broader ecosystem. We now have partners who can cover customer opportunities end to end, and we really wanted that, and the fact that we have thousands of partners who are already invested in both Cisco and Splunk technology means a lot. We’re not going to leave any Splunk partner behind. We are investing to make sure you have a firm place inside of our broader Cisco experience, and likewise providing the training, the enablement and the capabilities so you can bring your businesses up to speed with Cisco and that we can have a broader set of opportunities that we chase and manage together.”

Christian Smith, Splunk’s chief revenue officer, told partners there’s “never a better time” to be Splunk partner. In the past year, partners brought 521 new customers to Splunk.

In the past year, Splunk has “methodically” focused on how it would become a better partner organization, he said.

“We knew we had to lean in, reduce friction and be more specific,” Smith said. “We reduced friction points. We simplified our rules of engagement and are enforcing them. We tried to be clear with roadmaps.”

And with Cisco, this will either improve or remain consistent, he said.

“We’re trying to get away from transactions and focus on value,” Smith said. “That means we rely on partners even more. We cannot continue this journey without your help. We're continuing investment in Partnerverse. It’s not changing, it’s  going to get better.”

Smith outlined three “big rocks” for partners. Those include: positioning prescriptive use cases, focusing on global priority accounts (GPAs), and scaling the unified engagement model (UEM). GPAs represent an immediate $12 billion opportunity. And UEM is focused on customers and getting them what they need.

“We are going full into this and the partner role is a critical piece of that,” he said.

Smith asked partners to think about innovations to fit use cases.

“If you’re not a Cisco partner today, you should join,” he said. “Someday the programs will come together. Join it because there will be a need to bring solutions into use cases.”

Also during Conf24, Splunk released a new global report, “The Hidden Costs of Downtime,” which highlights the direct and hidden costs of unplanned downtime.

The survey calculated the total cost of downtime for Global 2000 companies to be $400 billion annually, or 9% of profits, when digital environments fail unexpectedly. The analysis revealed the consequences of downtime go beyond immediate financial costs and take a lasting toll on a company’s shareholder value, brand reputation, innovation velocity and customer trust.

Unplanned downtime — any service degradation or outage of a business system — can range from a frustrating inconvenience to a life-threatening scenario for customers, it said.

The report surveyed 2,000 executives from the largest companies worldwide and showed downtime causes both direct and hidden costs as defined below:

The report also highlighted the origins of downtime — 56% of downtime incidents are due to security incidents such as phishing attacks, while 44% stem from application or infrastructure issues like software failures. Human error is the No. 1 cause of downtime and the biggest offender for both scenarios.

However, there are practices that can help reduce downtime occurrences, and lessen the impacts of direct and hidden costs. The research revealed an elite group of companies — the top 10% are more resilient than the majority of respondents, suffering less downtime, having lower total direct costs and experiencing minimal impacts from hidden costs. These organizations are defined as resilience leaders and their shared strategies and traits provide a blueprint for bouncing back faster. Resilience leaders are also more mature in their adoption of generative AI, expanding their use of embedded generative AI features in existing tools more than at four times the rate of other organizations.

“Disruption in business is unavoidable,” Steele said. “When digital systems fail unexpectedly, companies not only lose substantial revenue and risk facing regulatory fines, they also lose customer trust and reputation. How an organization reacts, adapts and evolves to disruption is what sets it apart as a leader. A foundational building block for a resilient enterprise is a unified approach to security and observability to quickly detect and fix problems across their entire digital footprint.”

Also during Conf24, Splunk released a new global report, “The Hidden Costs of Downtime,” which highlights the direct and hidden costs of unplanned downtime.

The survey calculated the total cost of downtime for Global 2000 companies to be $400 billion annually, or 9% of profits, when digital environments fail unexpectedly. The analysis revealed the consequences of downtime go beyond immediate financial costs and take a lasting toll on a company’s shareholder value, brand reputation, innovation velocity and customer trust.

Unplanned downtime — any service degradation or outage of a business system — can range from a frustrating inconvenience to a life-threatening scenario for customers, it said.

The report surveyed 2,000 executives from the largest companies worldwide and showed downtime causes both direct and hidden costs as defined below:

The report also highlighted the origins of downtime — 56% of downtime incidents are due to security incidents such as phishing attacks, while 44% stem from application or infrastructure issues like software failures. Human error is the No. 1 cause of downtime and the biggest offender for both scenarios.

However, there are practices that can help reduce downtime occurrences, and lessen the impacts of direct and hidden costs. The research revealed an elite group of companies — the top 10% are more resilient than the majority of respondents, suffering less downtime, having lower total direct costs and experiencing minimal impacts from hidden costs. These organizations are defined as resilience leaders and their shared strategies and traits provide a blueprint for bouncing back faster. Resilience leaders are also more mature in their adoption of generative AI, expanding their use of embedded generative AI features in existing tools more than at four times the rate of other organizations.

“Disruption in business is unavoidable,” Steele said. “When digital systems fail unexpectedly, companies not only lose substantial revenue and risk facing regulatory fines, they also lose customer trust and reputation. How an organization reacts, adapts and evolves to disruption is what sets it apart as a leader. A foundational building block for a resilient enterprise is a unified approach to security and observability to quickly detect and fix problems across their entire digital footprint.”