Last week, Cisco announced that it was forming a services group to deliver professional and managed security services. The company also announced the hiring of Bryan Palma as Senior VP and GM to lead this new group. Palma comes to Cisco from Boeing where he held the title of VP of cyber and security solutions.
Why is Cisco getting into the “body shop” business? Because that’s where the money is. According to ESG Research, 56% of enterprises using security services will actually increase their spending on professional and managed services in 2013. Furthermore, ESG research indicates that:
- 39% of organizations are increasing their spending on security services because: “Security service providers can perform certain tasks better than we can.”
- 34% of organizations are increasing their spending on security services because: “New types of threats persuaded my organization to seek outside expertise.”
- 29% of organizations are increasing their spending on security services because they: “Don’t have a large enough security staff to handle all security responsibilities.”
- 28% of organizations are increasing their spending on security services because they: “Don’t have specific security skills in-house so the organization decided to outsource certain security tasks.”
So CISOs are outsourcing mundane security tasks and looking for outside expertise to help them move forward dealing with sophisticated needs like advanced malware detection/prevention and security analytics. Cisco certainly wants to be a part of this ongoing trend, but an investment in security services will also help the company:
- Push its security architecture. Like IBM and McAfee, Cisco is pushing its vision of an integrated security architecture built on top of TrustSec, ISE, security intelligence, SDN, pxGrid, and Sourcefire. Good idea but implementing this transition will take planning, design work, and multi-phased project management. Cisco believes that if it owns this work it can help customers accelerate the transition from today’s point tools to a more integrated Cisco-based architecture over the next few years.
- Weave security into the “Internet of Everything.” At a corporate level, Cisco wants its share of big government and industry applications and business process automation. Cisco calls these opportunities the “Internet of Everything.” Based upon recent statements, it seems that John Chambers understands that Cisco needs strong security products and skills when competing with HP, IBM, and Dell for multi-million dollar smart grids, intelligent public transportation, or metropolitan surveillance systems.
As the old saying goes, “if you want something done well, do it yourself.” With security skills in short supply and high demand, Cisco really needs its own security services to push its security and IT agenda. In this context, the Cisco security services announcement is much more strategic than most people think.