Cisco's Splunk Acquisition 'True Bombshell Move,' Will Have Massive Impact on Cybersecurity

The combination should present immediate upsell opportunities.

Edward Gately, Senior News Editor

September 21, 2023

6 Slides
Cisco's Splunk acquisition a bombshell

Already have an account?

Dean Drobot/Shutterstock

Cisco’s $28 billion Splunk acquisition is a “true bombshell move” that will have a “seismic” impact on the entire enterprise cybersecurity landscape, and may foreshadow more consolidation.

That’s according to Eric Parizo, managing principal analyst at Omdia, which shares a parent company with Channel Futures (Informa). Splunk is a security information and event management (SIEM) market leader.

Parizo-Eric_Omdia.jpg

Omdia’s Eric Parizo

“First rumored more than 18 months ago, the deal will immediately make Cisco one of the dominant players in next-gen SIEM, a market segment that Omdia forecasts will grow to nearly $4 billion in global annual revenue by 2027,” he said. “Splunk’s established position as a premium offering with the deep resources of Cisco’s global salesforce should present immediate upsell opportunities.”

Cisco tells us Splunk’s security capabilities complement its existing portfolio, and together will provide “leading security coverage from devices to applications, to clouds.” The integration of Cisco’s extended detection and response (XDR) and Splunk’s SIEM offering will give customers a “comprehensive security platform for threat detection and response.”

The Splunk management team, under both current CEO Gary Steele and former leaders Doug Meritt and Graham Smith, deserve “tremendous credit” for dramatically accelerating the company’s transition to a cloud-based platform, and revamping its pricing model to encourage more usage and provide better value for customers, Parizo said.

Splunk Acquisition Far From Final

“Omdia anticipates little strategic change in the next nine to 12 months until the purchase is finalized following regulatory approval,” Parizo said. “In 2025, Omdia expects to see the first efforts to integrate with the Cisco Secure product portfolio, most notably Cisco’s XDR solution and the Cisco Kenna Risk-Based Vulnerability Management offering.”

There are some redundancies with Cisco and Splunk in the area of observability, but the overlap is minimal, Parizo said.

Allie Mellen, security and risk analyst at Forrester, said Cisco’s Splunk acquisition is a “massive win” for Cisco’s security business.

Mellen-Allie_Forrester.jpg

Forrester’s Allie Mellen

“What they do with it will determine if it’s a win for practitioners,” she said. “Cisco has long been a case study for acquisitions that don’t live up to their initial promise and suffer from underinvestment and a lack of focus. That said, in recent years they have maintained the Duo acquisition. To keep Splunk’s massive, loyal user base, Cisco needs to let Splunk deliver what Splunk does best: a flexible, powerful SIEM and observability offering.”

Most XDR vendors have shifted to having a SIEM or SIEM-alternative offering in their portfolios, Mellen said.

“This acquisition positions Cisco to have both sides of the coin — XDR with Cisco XDR, and a SIEM with Splunk,” she said. “This solidifies Cisco as a key player in two massive markets: XDR and SIEM.”

See our slideshow above for more on Cisco’s Splunk acquisition, including how Microsoft might benefit.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like