Cisco Systems Inc. reorganized its professional services business to create a Cisco Services Security Practice, and hired an information security executive from Boeing to head the venture.
The move reflects two stated priorities of Cisco CEO John Chambers: to bolster Cisco's overall security business and to rapidly expand Cisco Services operation in an effort to become the world's largest IT company. In other words, Chambers wants to transform Cisco into an IBM with networking roots.
Cisco appointed Bryan Palma as senior vice president and general manager of the Services Security Practice, which will provide consulting, product implementation and managed services. "There are some pre-existing assets within those areas that Cisco has today that will be consolidated under my leadership," Palma said. "Then we will put together a plan to see where we want to expand."
Palma was most recently the vice president of cyber and security solutions at Boeing. He has also served as a security executive for Hewlett-Packard and PepsiCo. As an agent of the U.S. Secret Service, he helped develop the agency's cybercrime prevention capabilities.
"Cisco has always offered security services in many areas, mostly around products and services," said Greg Young, research vice president for Stamford, Conn.-based Gartner Inc.
Customers are demanding broader professional services from their network security vendors because they'd rather get incident response help from a vendor they are already working with rather than create a new relationship with a third-party provider, Young said.
"Network security vendors are being dragged into incident response," Young said. "Quite often [a vendor's] services were [centered] around, 'We're going to install your product and support and maintain it.' Anything beyond that -- they were uncomfortable with."
Now network security vendors in general are building out professional services that go beyond product support to managed services and incident response, he said.
Cisco aims to create complete transparency between its security services and products so customers see the two as one overall solution that takes the complexity out of securing their infrastructure and data, Palma said. "Over time [customers] can expect a holistic portfolio of security solutions that includes both products and services integrated so that we can become the number one trusted security partner for our customers," he said.
Cisco is a big company with a large partner ecosystem. Palma knows that he faces a challenge in steering this new Services Security Practice.
"The biggest challenge will be getting the power of Cisco, its partners, sales force and field folks behind what we're doing and deliver that out to customers," Palma said. "It is a big organization and the security market is changing quickly. We've got to deliver on performance and expectations. I've been a Cisco customer and I understand what it feels like to be on the customer side. That's the experience I'm going to use to build these services."
Generally, IT vendors struggle to provide both services and products because of potential conflicts of interest, Gartner's Young said. The company's consultants might be working with a customer to develop the best security solution, while the sales organization is trying to push the customer toward the company's own products.
"IBM has been very good at security services because it doesn't have a broad portfolio of security products, so there is no conflict of interest," Young said.