Cisco Systems, Inc. (CSCO) Management Presents at Morgan Stanley Technology, Media and Telecom Conference 2022 Transcript
Cisco Systems, Inc. (NASDAQ:CSCO) Morgan Stanley Technology, Media and Telecom Conference 2022 Call March 10, 2022 4:50 PM ET
Company Participants
Marilyn Mora - Head of Investor Relations
Shailaja Shankar - Senior Vice President and General Manager, Cisco Security Business Group
Conference Call Participants
Meta Marshall - Morgan Stanley
Meta Marshall
Welcome everybody. We're going to have Marilyn come up real quick to read the Cisco Safe Harbor. And then we'll jump into our conversation with Shaila from Cisco. Great.
Marilyn Mora
Thanks Meta. So, I'd just like to remind the audience that we may be making forward-looking statements. So, I refer you to our SEC filings, including the 10-K and 10-Q that were most recently filed on the Investor Relations website.
I'll now turn it back over to you, Meta.
Meta Marshall
Great. Perfect. Welcome everybody. We're delighted to have Cisco here today. For those of you, I am Meta Marshall, I cover the networking space here at Morgan Stanley. We're delighted to have Shaila Shankar, SVP of the Security Group and General Manager of the Security Group. very topical right now. Just given though everything we have with the geopolitical environment.
So, maybe just starting with, security continues to be ex-geopolitical, a huge investment area, not only standalone, but a catalyst for networking purchases. Just how have you seen security needs evolve over the past couple of years, as employees become more distributed and you move to a hybrid work environment?
Shailaja Shankar
Meta, thanks for having me here. This is my first time at this event, so really appreciate the opportunity. Security is definitely top of mind, top to bottom in the organization at this point. Just giving the geopolitical issues that you just talked about, like speaking for right now in the last few weeks. Beyond that over the last couple of years, for sure with employees becoming remote, work becoming remote, it has changed the paradigm for how employer has to be thinking about security. On top of, worker -- workforce being remote, we also have seen workloads going to the cloud. The combination of workforce changing, workplace changing, workloads moving to a different location, all three meant that organizations had to increase their investment in security. Is it me or am I too loud?
Meta Marshall
No, I think you're perfect.
Shailaja Shankar
Okay.
Meta Marshall
All sound like we have an echo right now, but we're good.
Shailaja Shankar
Okay. Sounds good. So, what we have seen is, the spent on security has significantly gone up, along with rapid moment of the cloud, faster digitization and just managing the perimeter.
Question-and-Answer Session
Q - Meta Marshall
Okay. Got it. I mean, maybe just in terms of adding in kind of a Russia/Ukraine, or just more topical geopolitical environment, just -- separate from everybody becoming a little bit more distributed, how have you seen kind of geopolitical play into recent security trends?
Shailaja Shankar
So, we have a phenomenal threat research organization as part of the security group at Cisco. It's called Talos. We have been at the forefront of seeing a lot of things happen in the world way before they actually become public news as you can imagine. We work with -- over 40 different government agencies globally, which means there is a lot of intelligence that we have that we are actually sharing proactively to make sure that the world is a better place.
Our concern right now at Cisco is making sure that the intelligence is getting to the right agency, right organization, right customer. So, they are protected. But starting from dedus [ph] type of activity to breaches, we are seeing all kinds of activity in the cyberspace now.
Meta Marshall
Got it. That's helpful. I think another area that people grapple with insecurity is just -- we're talking about a lot of new security approaches all the time, whether it be cloud, SasS, Zero Trust. One, what do you think that people miss about how Cisco can participate against all these pure play security vendors?
Shailaja Shankar
Yeah. The scale at which we operate, I think is not well understood by the world. The scale of Cisco security means that we look for -- just on MFA alone, for example, over a billion authentications a day, over 500 DNS -- 500 million DNS lookups in half a day. So, the scale is what I think the world misses and also the breadth of our portfolio, I think, is not well recognized too. We have security on all control points. It's on the endpoint, it's in the cloud, it's in the network and also, embedded in data and application security.
So, the breadth of portfolio is what gives us the broadest and deepest visibility and visibility is key when you're trying to protect any organization. So, we have -- as far as the solutions go to, to your point, we have XDR offering. We have a SasS offering. We have Zero Trust offering, for sure. And we feel -- individually, all of them are better because of the scale at which we operate, and one feeds into the other.
Meta Marshall
Yeah. Perfect. Where do you think customers are in evaluating some of these architectural decisions? I think we hear some of ours [ph] that we're moving past kind of catch up spend and moving towards greater architectural changes. But are people -- are you seeing real traction of some of these new architectural approaches to security?
Shailaja Shankar
Absolutely. We are seeing more investments going into architectures and lesser investment actually going into the catch up investment as you talked about it. Architecture investment is also key because we are in this hybrid world. As much as we all talk about workloads moving to the cloud, what you find is only 15% to 20% of the workloads are moving to the cloud. Only 5% of IT spend is actually in the cloud. So, customer environment is multi IT. It's on-prem. It's in the cloud. It's in the data center. So, every customer is looking for a security reference architecture. And we invest a lot of time in making sure that we meet the customer where they are, as opposed to prescribing a solution. It's not about ease of deployment and ease of manageability or simplicity of a solution. What is important to us is depth of efficacy. That's what we focus on.
Meta Marshall
Got it. Are you seeing one particular catalyst for change or step that people are taking, or does it tend to be hybrid work is what is kind of catalyzed one move. Just trying to see, is there one particular change that you're seeing that is generally like the first step into some of these new architectures?
Shailaja Shankar
Even before the hybrid work happened, organizations were moving to the cloud. So, what I think is the hybrid work accelerated it, hastened it a little further, but that alone is not a catalyst. It is enabling greater efficiency on the IT side of the organization. That is what has driven this migration.
What I would also say is the scarcity of resources is another factor in SOC side that is making this adoption of the cloud, and focus on implementation of architecture, like an XDR, takeoff faster. Being able to detect what's happening in a customer environment and being able to remediate it at a faster scale, requires that you have -- people that understand that space and with 4 million odd jobs that are unfilled, people are looking for greater automation and an architecture like XDR, for example, delivers that.
Meta Marshall
Okay. Perfect. We'll dive into XDR in a little bit. I guess one of the questions that we often get, around the platform, is just that security has very much been kind of a best of breed market, or just you want to have the most solution so that nothing slips through the cracks. How do you get over a natural resistance of people having all of their eggs, kind of in this Cisco basket, or taking a greater kind of portfolio approach?
Shailaja Shankar
I can see some customers might be having concerns around the kind of scenario you laid out. But when you invest in an architecture, you want to choose an architecture that is open and extensible. A vendor may not be able to deliver all the solution that you're looking for, but you have to invest with one that is open and extensible. So, we focus a lot on how do we coexist with the other security vendors that are in a customer environment. How can we open up our APIs so that we help enable the security of the other providers that are in the environment, as well as we enrich our solutions with the integrations that we do. So, architecture is where we want to see the investment. Architecture is where we are seeing more of the investments go as well.
Meta Marshall
Okay. Perfect. I think another question that we get is just, are you seeing a change in the anchor device of security? I think for so long, it's been the firewall, is SD-WAN kind of becoming central to the security decision. Just what are you seeing as kind of that anchor device?
Shailaja Shankar
So, firewall, we are seeing a lot of strength. Our firewall business is growing. And we are pleased with our customers extending -- the people that are with firewall are extending and buying other solutions from us as well with the credibility that we have built on the firewall side.
Definitely, the SD-WAN migration is allowing for cloud security also be pulled through in that experience by the customers. But I would believe firewall is here to stay. Endpoint is here to stay, and cloud extension security of the application and data is additional layers of security and extension security that we just have to secure.
Meta Marshall
Perfect. Another big question that we get is just the competitiveness of traditional hardware vendors as more SasS functionality moves to the cloud. Just how are you seeing that kind of physical cloud appliance discussion and just where you are seeing kind of that evolution of the discussion go.
Shailaja Shankar
Yeah. When you think about the presence of firewall, or presence of SD-WAN, you're talking about the network edge, you're talking about the data center edge, you're talking about the enterprise edge. It is the enterprise edge that is also pulling through to the SasS opportunity. Our SD-WAN implementation integrated with our umbrella offering, the cloud security offering is seeing a lot of uptick because of that enterprise edge moment that we are seeing.
Meta Marshall
Okay. Perfect. Circling back to XDR, this is a market that we've written about kind of being a $28 billion opportunity as security analytics, and then observability converge, what moves has Cisco made to kind of converge those capabilities acquired from kind of your security and observability portfolios to kind of present your product to the market?
Shailaja Shankar
Yeah. So, XDR, as I mentioned, makes it easy for a SOC analyst to make sure that they have the greater visibility into the environment, they understand the risk and they're able to remediate it quickly. We're always thinking about how do we deliver value? There are two metrics we focus on meantime to detect and meantime to remediate. That's the purpose of XDR as an offer.
And in our world, we get intelligence from every product that we have that feeding into our SecureX platform from email, from endpoint, from network analytics, the entire portfolio feeds into XDR, and XDR is also an open platform. And so far we have done about 400 odd integrations so that we are helping a customer environment protected. And the recent acquisition that we have done with Kenna, we are also able to bring in the context of risk where our intent is to focus, not just on alerts, but actually make it a context sensitive. And risk-based XDR is how we are thinking about it as a problem that we want to solve.
Meta Marshall
Got it. I mean, does that open platform almost make it easier for you to incorporate a lot of the Cisco pieces that you have acquired over the years or trying to integrate as well?
Shailaja Shankar
That's correct. And we want to actually pull in the data from other products that are in a customer environment, even beyond Cisco's own products.
Meta Marshall
Got it. Similar to the question on SasS and some of the new architecture, where do you think customers are kind of in the adoption or knowledge of what is going to be their XDR approach?
Shailaja Shankar
So, right now, you've -- for all those conversations we are having, only 5% of the customers have actually implemented XDR in their environment. They're still on the journey from EDR to XDR, the endpoint detection response to XDR. So, the opportunity is still quite a big, 95% that we can go after. But as the value gets realized by customers, I would expect over the next four or five years, at least 40% to 50% of the customers adopting an XDR solution.
Meta Marshall
Okay. That's a pretty quick transition, but a lot of value to be added. What would kind of lead to that is what you mentioned is that security, are security organizations need to automate more? There's just too many open job fillings spaces. But where do you think there is in that comfort with the increased automation or getting people over the idea that there needs to be this human to be that last line of defense?
Shailaja Shankar
It's interesting. You use the word comfort. When we are thinking about the security, we are always thinking about the paranoid people. We want people to be paranoid. We're never thinking about that comfort, because you never know when that next threat enters your organization and you want to be ready. You have preventative technologies, but you also want to be ready to react when that incident happens. As you know, in the security industry, we always say, it's not a matter of if, it's a matter of when. Every organization has a potential to be impacted.
So, back to your comment about comfort, we look for people to be investing in the right architecture, have yet -- knowledge that protecting an environment is always a combination of machine and human intelligence coming together, because there is always that incident that happens for the first time, there is a patient zero that you have to be ready for.
Meta Marshall
Right. Okay. Perfect. Another question that we've gotten is just, what part is, or what is the role of identity as part of the security purchase and just your kind of portfolio that addresses the identity market.
Shailaja Shankar
Yeah. So, Zero Trust is born out of, the need to make sure identity is the first line of defense for any organization. If you think -- talk to customers, they think of internet as the new network and identity as the first thing that need to be protected -- identity being the new perimeter that need to be protected. Our Duo acquisition, we have done really well. That is the franchise that we have taken on to extend it to the Zero Trust construct as well. We have actually contributed as Cisco to the nest standards definition. And we also partner with the CSPs with Amazon, with Google, with Microsoft, to -- we have some exciting announcements to come.
Meta Marshall
Marilyn is getting you the hook. So, we're good. Identity is an exciting area of development. We got it.
Shailaja Shankar
That's right.
Meta Marshall
Supply chain has clearly been a headwind for much of Cisco business, but clearly the firewall business as well. Is any of a cloud software growth you're seeing in the security portfolio driven by that temporary election of, I need a firewall, just move it to the virtual substitute -- or just what is kind of leading to some of the underlying traction you're seeing on the cloud side.
Shailaja Shankar
Yeah. We have -- I've acknowledged the supply chain challenges that we have seen. We have seen improvement from where we were last year to now. And I would see some challenges to continue until the end of the fiscal year 2022. And it gets better from there on. Customers are adopting to the -- moving into the cloud and adopting the virtualized and continuous solutions. That is also a use case based migration and need based migration, not just because there's a challenge on supply chain side.
Meta Marshall
Got it.
Shailaja Shankar
As I mentioned earlier, we are seeing good traction on our firewall business.
Meta Marshall
Right. I mean, how much of that -- another question that we get is just the impact of a refresh cycle on the firewall business. And just whether -- where you are seeing where you are kind of in that refresh cycle.
Shailaja Shankar
I would not -- no, I would not attribute that to the refresh cycle. No.
Meta Marshall
Okay. Perfect. You've mentioned kind of a number of acquisitions that have helped bolster the portfolio, but just how do you see the need for continued M&A to kind of advance that portfolio?
Shailaja Shankar
Yeah. For any organization, when you're thinking about innovation, you have a strategy of build, you have a strategy of buy and you have a strategy of partner. Cisco, like every other company, we are all constantly looking at what makes sense for us. So, we are looking for strategic fit, and we'll do the right thing for our shareholders. What is right for the shareholders, for our employees, our customers, but we are more guided by what the market needs are, what we are hearing from our customers. And, of course, what is the right financial decision as we make it. But yeah, it's part of our strategy.
Meta Marshall
Yeah. Obviously, Cisco is a -- has always had M&A as part of the strategy. I guess, kind of circling up as we conclude this discussion, it's just a -- there's a lot of different approaches. And so, I guess, what I'm trying to get to is, how holistic is this decision being made in terms of an architecture versus -- okay, I need to think about Zero Trust and I need to think about SasS and then I need to think about XDR like. Or where are you seeing customers kind of take a higher level view of their security architecture?
Shailaja Shankar
XDR is definitely one place where we are seeing convergence of strategy that this being realized, granted in small portion of the customers, as we are seeing it today. Zero Trust is definitely emerging as an end-to-end security architecture philosophy, as customers are thinking about it. And for us, for Cisco, I actually think that our unique value proposition is that we -- because we have presence on all critical control points, because our SasS connects to -- connects to our XDR and our Zero Trust connects to our SasS and XDR, we are able to bring all the is three architectures together into a singular platform and making it easy to deploy and easy to consume for our customers. And a lot of investments that we are making at this point are going into that platform.
Meta Marshall
Got it. Another question that I had is just in terms of -- maybe wrapping it down to kind of Russia and Ukraine again, and just concerns around kind of the cyber environment. I know we touched on this at the beginning, but just what does Cisco kind of proactively do to let customers know that they're kind of helping address a more active cyber threat environment?
Shailaja Shankar
Yeah. We have threaten -- just like other companies, we also have incident response teams. We also have an incident response as a service, managed detection response also available as a service. Several of our large customers are subscribers to those -- that service. So, whether they're subscribed to the service or not, obviously if we see something, we will proactively reach out to the customers and let them know. If they see something, even if they're not our customers, we will let them know. And there's no construct of them having to become our customers, for sure. But the incident response is one way our customers make that commitment to make sure that they -- they're kept abreast of it.
Meta Marshall
Got it. And then maybe final question. And this comes up a lot in our reseller checks about security pulling through additional networking purchases. And we've spent a lot of time kind of talking about the security portfolio, obviously being your expertise. But just how often are you kind of getting pulled into a conversation where it's leading to a larger sale or you're getting pulled into, I need to a refresh my campus, which is -- and then kind of thinking overall on overall security purchase.
Shailaja Shankar
Yeah. Definitely, as Cisco networking is a core franchise for us, security is a unique value proposition that we have. When you are an expert in one, and then you have a big presence on the networking side, you will see a lot of combined transactions happening. And there are times the networking is pulling security through -- the time security is pulling the networking side through as well. But if you think about SasS, the reason we are all excited about that is how it is actually bringing the integrated security into the networking side and a better security value proposition overall is make -- it's making it easy to be delivered.
Meta Marshall
Okay. Perfect. Well on that, I think that that's perfect to end it with kind of the networking and security kind of combined discussion. So, Shaila, thank you so much for being here today and walking us through the security portfolio.
Shailaja Shankar
Well, thanks for having me.
Meta Marshall
Perfect. Thank you.
Gloss