What John Chambers Never Told You About Cisco Security

John Chambers is a prominent figure in the world of technology and business, best known for his significant contributions to Cisco Security. Serving as the CEO of Cisco Systems, Inc. from 1995 to 2015, Chambers played a pivotal role in transforming the company from a small networking equipment manufacturer into a global technology powerhouse.

Cisco Security Expansion

Under his leadership, Cisco Security expanded its product portfolio, focusing on networking, cybersecurity, and cloud solutions. Chambers’ visionary approach and strategic thinking were instrumental in shaping the future of the internet and communication technology. His commitment to innovation, customer-centric approach, and emphasis on corporate social responsibility earned him recognition and respect throughout the industry. John Chambers is not only a seasoned executive but also a thought leader who has left an indelible mark on the tech world.

John Chambers is currently a venture capitalist and the founder and CEO of JC2 Ventures, which invests in a wide range of start-ups.

During Chambers’ time at Cisco Security, he oversaw billions of dollars in security-related acquisitions. I was an employee at Cisco, in the security business units, at that time and saw the good and the bad when it came to those acquisitions.

Recent Acquisitions by Cisco Security

Here is a list of some of the most recent security-related acquisitions by Cisco Security after Chambers departed:

1. Talos (formerly Sourcefire VRT) (2013)
2. Sourcefire (2013)
3. OpenDNS (2015)
4. Umbrella (formerly OpenDNS Umbrella) (2015)
5. Lancope (2015)
6. Portcullis Computer Security (2015)
7. Observable Networks (2017)
8. Duo Security (2018)
9. Sentryo (2019)
10. Kenna Security (2021)
11. Valtix (2023)
12. Lightspin (2023)
13. Oort Inc (2023)
14. Splunk (2023): Their largest acquisition to date, paying $28B for Splunk.

Some tech companies pursue acquisitions primarily for the technology and customer base they acquire, and in some instances, this can result in the termination of existing employees. When a company identifies a smaller firm with valuable technology or a substantial customer base that aligns with its strategic goals, it may choose to acquire the assets and intellectual property while discontinuing the acquired company’s operations. This approach can help the acquiring company expand its market reach and bolster its technological capabilities swiftly.

However, it can also raise concerns about job security and disrupt the lives of the employees of the acquired company. It is essential for companies to approach such acquisitions with sensitivity, considering the impact on the affected employees and taking steps to provide support or opportunities for them where possible. Balancing technological gains with the well-being of the workforce is a critical consideration in these situations.

Potential Pitfalls

Acquisitions can be challenging to integrate for several reasons:

1. Cultural Differences: Companies often have distinct corporate cultures, values, and ways of doing things. Merging these cultures can be difficult and may lead to resistance or conflicts among employees.
2. Organizational Complexity: Integrating two organizations with different structures, processes, and systems can be complex and time-consuming. Streamlining operations and aligning workflows can take a significant effort.
3. Technology Integration: If the acquired company uses different technologies or software, integrating these systems into the acquiring company’s IT infrastructure can be a major hurdle, often requiring substantial time and resources.
4. Talent Retention: Acquiring companies may struggle to retain key talent from the acquired company, which can impact the success of the integration and the long-term performance of the merged entity.
5. Communication Challenges: Effective communication is crucial during an acquisition, both internally and externally. Miscommunication or a lack of transparency can lead to misunderstandings and anxiety among employees and stakeholders.
6. Regulatory and Legal Compliance: Complying with various regulatory and legal requirements, such as antitrust laws or industry-specific regulations, can be complex and may necessitate careful planning and legal expertise.
7. Customer and Vendor Relations: Maintaining customer and vendor relationships during the integration process is critical. Changes in ownership can raise concerns among customers and suppliers, potentially impacting business relationships.
8. Financial Integration: Combining financial systems, reporting, and budgets can be intricate, especially if the companies have different accounting methods or fiscal calendars.
9. Strategic Alignment: Ensuring that the strategic goals of both companies align and that the acquisition adds value to the acquiring company can be challenging. Failure to align strategies can lead to integration difficulties.
10. Human Resources and Employee Morale: Managing workforce issues such as layoffs, role changes, and compensation adjustments can impact employee morale and productivity, making it crucial to handle these aspects with care.

The success of an acquisition’s integration depends on careful planning, effective leadership, and a deep understanding of the challenges involved. Companies that prioritize these factors and invest in a well-thought-out integration plan are more likely to navigate these complexities successfully. What happens more times than most CEOs will tell you is that the acquisition integration doesn’t go well, and most of the folks with the knowledge leave once their contractual obligations are over. This leads to a product that never evolves.

Acquisition Challenges

Several cybersecurity companies or products have faced challenges or have been discontinued after being acquired by larger organizations. These outcomes can occur due to a variety of reasons, including integration issues mentioned above, strategic shifts, or changes in market conditions. Here are a few examples:

1. FireEye’s Mandiant Redline: FireEye, a prominent cybersecurity company, acquired Mandiant in 2013. While Mandiant’s services continued to thrive, its standalone product, Redline, was discontinued after the acquisition.
2. Websense: Websense, a web filtering and cybersecurity company, was acquired by Raytheon and Vista Equity Partners in 2015. The Websense brand was eventually merged into Raytheon Cyber Products.
3. McAfee EMM (Enterprise Mobility Management): McAfee acquired several companies over the years, and some of their products underwent changes or discontinuation. For instance, McAfee EMM, a mobile device management solution, was transitioned to another vendor after the company’s acquisition by Intel.
4. Intel Security Group (formerly McAfee): Intel acquired McAfee in 2011 and later rebranded it as the Intel Security Group. In 2016, Intel sold a majority stake in the security division to TPG Capital, and the McAfee brand was reinstated. The complex changes during and after the acquisition impacted some of its product lines.
5. Symantec’s Norton IoT Security: Symantec’s acquisition of Norton LifeLock (formerly known as Norton by Symantec) led to changes in its product offerings. Symantec’s IoT (Internet of Things) security product line was discontinued as the company shifted its focus.
6. RSA Security (BSAFE and Data Protection Manager): RSA Security, a division of Dell Technologies, acquired various companies and product lines over the years. Some products, such as BSAFE (cryptography toolkit) and Data Protection Manager, have undergone changes or discontinuation.

It’s important to note that these outcomes may vary, and some acquired products may continue to evolve or be incorporated into the acquiring company’s broader cybersecurity offerings. The fate of a cybersecurity company or product after acquisition depends on numerous factors, including the acquirer’s strategy and market conditions. It is also worth noting that some of the above have been spun-in and spun-out several times, which ultimately leads to unhappy customers and demoralized employees.

Small, Nimble, Customer-focused

Large organizations like Cisco Security often make grand announcements that get the market thinking. However, it may take years for what was promised in the announcement to come to fruition, if it ever does. Smaller and more nimble organizations such as Banyan are extremely customer-focused and are at the stage where we develop a true, direct partnership with each customer.

To learn more about how our solution can work for you today and how we can help you achieve your vision for security and access, set up a meeting with one of our Zero Trust experts.