Turning Data into Action: CISCO & Splunk's Strategic Blueprint on AWS
Overview
- The presentation discusses the acquisition of Splunk by CISCO and how the combined capabilities of the two companies can benefit customers.
- Tony Sager, the Field CTO for Cybersecurity and Infrastructure at Splunk, and Michael Gutsche, the Director of the Security Advisory Organization at Splunk, are the presenters.
Key Takeaways
CISCO's Acquisition of Splunk
- CISCO acquired Splunk in a $27 billion deal, which closed in March 2022.
- The acquisition brings together CISCO's networking and infrastructure expertise with Splunk's advanced data analytics platform.
- CISCO is investing heavily in Splunk, including integrating Splunk's observability capabilities and promoting Splunk's CEO to lead North American sales.
Splunk's Approach to AI
- Splunk is focused on using AI to enhance user experience and operational efficiency, rather than relying on AI models trained on external data.
- Splunk's AI Assistant allows users to use natural language to interact with the platform, and future investments will focus on assisting investigations and proactively identifying threats.
Importance of Data Visibility and Connectivity
- Splunk and CISCO's combined capabilities provide enhanced visibility into data sources, from network and infrastructure to cloud and physical assets.
- This visibility is critical for detecting advanced threats that may not be present in high-value, high-density security data.
Operationalizing Technology
- The presenters emphasize the importance of operationalizing technology, rather than simply acquiring new tools.
- Leveraging existing capabilities, optimizing workflows, and aligning with organizational frameworks are key to deriving value from technology investments.
Cybersecurity Frameworks and Strategies
- The presenters advocate for a proactive, data-driven approach to cybersecurity, focusing on risk management and threat detection.
- Aligning security strategies with frameworks like NIST can help foster cross-functional collaboration and communication.
Splunk's Observability Capabilities
- Splunk is integrating its cloud-based observability solution with CISCO's AppDynamics, providing a comprehensive view of application and infrastructure health.
- This combination aims to deliver enhanced visibility and security capabilities for customers.
Overall, the presentation highlights the strategic benefits of the CISCO-Splunk acquisition and the importance of data-driven, operationalized security and IT strategies.