When one thinks of Cisco, it is typically in regard to networking infrastructure and the associated products, software and services. However, I wanted to learn more about the company’s focus on security, an area where I have recently expanded my coverage as an analyst. The other day I had the opportunity to speak with Gee Rittenhouse, who leads Cisco’s Security Business Group as General Manager and Senior Vice President. During our one-on-one, we discussed several topics, including his overall vision for security, three critical priorities for Cisco’s SecureX portfolio and Cisco’s contributions to the global cybersecurity community.
Deep experience forged in the cloud and security
Before jumping into our conversation, it is helpful to know Mr. Rittenhouse’s background. In total, he has been at Cisco for over a decade, heading up the security division for the last five years, and the Cloud and Virtualization Group for the seven years prior to that. This is an impressive pedigree for his position, given how cloudified and virtualized in nature connectivity is today. Furthermore, these days it is delivered increasingly as a service with integrated security, such as Secure Access Service Edge (SASE). Before Cisco, Mr. Rittenhouse served as president of Bell Labs that capped a nearly fifteen-year total tenure with Alcatel-Lucent. As far as education goes, he holds a Ph.D. in electrical engineering and computer science from the esteemed Massachusetts Institute of Technology.
A vision rooted in three key priorities
During our conversation, Mr. Rittenhouse shared his overall vision for Cisco’s security portfolio. At the heart of it all, Cisco’s goal is to reduce the complexity of deploying and managing security within the enterprise. This is no easy task. There is considerable research that supports the fact that the average midsized to large company often manages more than thirty or more security endpoint solutions. These offerings come in the form of firewalls, antivirus, virtual private networking (VPN), web filtering, threat hunting, active defense and many others.
Cisco aims to “democratize security” making it more accessible and easier to deploy and manage through three key priorities:
- Simplify and automate security. Cisco plans to offer a highly integrated set of offerings to accomplish this objective. I know first-hand that charging customers for integration services is a significant revenue stream for many security companies.
- Reduce the cyberthreat scope through a zero-trust approach that goes beyond access. Many companies claim zero trust these days, but by my estimation, most solutions stop at access.
- Protect the workload from on-premises to edge to cloud and help enterprises navigate the complexities of disaggregation and virtualization. Cisco’s multi-domain approach to deploying networking infrastructure and its significant, preexisting install base should help with this mission.
SecureX
To simplify security, one year ago Cisco unified its security portfolio under a single brand – SecureX. SecureX claims to be the broadest, most integrated security platform available, delivering orchestration, threat response, device visibility and actionable insights. As with any solution, you can infer SecureX’s value through its adoption rate. Today, Cisco claims over 7,000 active customer accounts—an impressive ramp. If you would like to learn more, visit here.
Mr. Rittenhouse and I also discussed some tenants that anchor the SecureX platform, such as its high threat visibility, vulnerability analysis and customer data protection. The latter is what I find most impressive about Cisco’s approach. Mr. Rittenhouse maintains that Cisco does not collect user data; instead, it helps customers better use their data through an application program interface (API) approach (which still ensures interoperability with other security solutions). This philosophy and open deployment model contrasts with many other cybersecurity solution providers, which tend to create “walled gardens” that lock in customers or only support optimization with other cross-sellable adjacent security solutions.
An example of Cisco’s commitment on this front is the Cyber Threat Alliance. Co-founded by Cisco, this non-profit organization’s mission is to improve the global digital ecosystem’s cybersecurity through the real-time sharing of high-quality cyber threat information. I believe that Cisco’s contributions to the alliance are significant given it has one of the largest commercial threat intelligence teams on the planet with Cisco Talos.
Wrapping up
I believe that Cisco is on the right path to simplify the deployment and management of security through its highly integrated yet open platform. I am also impressed with its willingness to share its learnings from significant breaches such as the SolarWinds supply chain hack and the recent devastating ransomware attacks. That transparency has more than likely contributed to SecureX’s success. I do not doubt that the networking giant can continue to build momentum and drive adoption of its security portfolio, if it continues to execute on Mr. Rittenhouse’s playbook.
Disclosure: My firm, Moor Insights & Strategy, like all research and analyst firms, provides or has provided research, analysis, advising, and/or consulting to many high-tech companies in the industry, including Cisco Systems, cited, or related to this article. I do not hold any equity positions with any companies cited in this column.