Observability and Security: Thoughts on the Cisco-Splunk Acquisition

The tech world is now trying to work out exactly what the news of Cisco’s acquisition of Splunk signifies, and for good reason. This merger has significant potential to reshape the observability and security landscape as it stands today. The combination of Cisco’s networking and security capabilities with Splunk’s extensive data and security analytics, observability and machine learning gives the combined company an opportunity to deliver new AI-guided solutions.

The AI transformation factor

Such offerings could provide improved options in how organisations monitor, secure, and optimise their IT infrastructure. But what could this mean for observability and security? The obvious place to start is with AI. It is clear that the massive amounts of data generated by modern IT environments make traditional monitoring and security tools almost impossible to utilise effectively, especially given the scarcity of skilled security analysts. Partly as a consequence, many vendors are developing AI and machine learning tools.

The combined technology solutions, coupled with the extensive experience and knowledge of Cisco and Splunk, mean the company is well positioned to develop advanced AI algorithms. Such tools could potentially detect anomalies, identify security threats and possibly even predict service outages in real time. The ultimate goal will be for the monitoring tools to proactively alert you to potential issues and respond before they impact your users, or to enable the security system to automatically isolate and contain a breach before it spreads.

A new step in Observability and Security

Beyond AI, the Cisco-Splunk fusion could also pave the way for a more unified and integrated approach to observability and security. Today, many organisations struggle with a patchwork of disparate tools and data silos, making it difficult to get the proverbial holistic view of their environment. Cisco’s strengths in network and application performance monitoring, merged with Splunk’s expertise in log management and SIEM, provide an opportunity to build a comprehensive, ‘end-to-end’ solution and provide a single pane of glass for IT professionals. This could not only simplify operations and reduce operational costs but also enable a more proactive and efficient approach to service and security management in an increasingly dynamic world.

The combination of Cisco and Splunk will clearly have an impact in the fiercely competitive observability and security market, where a host of established players and innovative startups are active. It could create a powerful player able to challenge incumbents such as Datadog, Dynatrace and New Relic, as well as the extensive range of security solution incumbents. Its extensive customer base and financial resources, coupled with its broad portfolio of products, mean the company could have the scale and resources to drive innovation and market disruption.

Broader market impact

There is also the possibility that the merger could stimulate a wave of consolidation and M&A activity among other vendors. It is by no means unlikely that more strategic partnerships and mergers will follow as companies look to create their own end-to-end observability and security suites. As ever, if these events take place, customers may well benefit from innovative competition and maybe even better pricing. But extensive market consolidation activity could also create uncertainty and complexity as the market evolves.

Thoughts for customers

So where does this leave organisations looking to enhance their observability and security capabilities, given that the market is very likely to continue evolving rapidly in the coming years? As ever, the key is to stay agile and adaptable and to avoid getting too locked into any one vendor or tool set. Instead, focus on building a flexible and modular technology approach able to integrate with new solutions as they emerge. Evolving standards such as Prometheus, OpenTelemetry (OTel) and Open Cybersecurity Schema Framework (OCSF) have an important role to play here, a factor worth considering as you take your own strategy forward and make vendor decisions.

And finally, keep in mind that this general area is being flooded with marketing dollars at the moment, so it’s important not to get too caught up in any vendor marketing hype. 

Tony is an IT operations guru. As an ex-IT manager with an insatiable thirst for knowledge, his extensive vendor briefing agenda makes him one of the most well informed analysts in the industry, particularly on the diversity of solutions and approaches available to tackle key operational requirements. If you are a vendor talking about a new offering, be very careful about describing it to Tony as ‘unique’, because if it isn’t, he’ll probably know.