Is it me or is Cisco now content to minimize its security focus? When it comes to information security, networking giant Cisco seems like its at a crossroad. In 2009, Cisco acquired cloud security provider ScanSafe for $183 million and it announced security products and services for the iPhone earlier this year. That said, 2009 seems to be highlighted by noteworthy security issues. For example:1. Cisco hinted that it will end-of-life both CSA and MARS. A few short years ago, these products seemed like they would anchor Cisco’s security strategy.2. Cisco’s main message throughout 2009 was around cloud security. Fine for vision but since cloud computing is a confusing category in its infancy, these messages probably didn’t help move any products.3. In several discussions with Cisco sales reps and channel partners, security products have become a low priority. To paraphrase one sales person, “I have no time to work on a $100k sale when my quota is in the $10s of millions range.” I also noticed a lot of network security deal bake-offs between folks like Check Point, Crossbeam Systems, Juniper, McAfee, Sourcefire, and TippingPoint but not Cisco.4. Instead of buying a DLP player (a growing software category), Cisco chose to partner with RSA. Fine but not typical Cisco behavior. 5. Cisco walked away from Guardium, a database security company it invested in, and then let IBM acquire the company unchallenged. Cisco has a huge installed base and an unbelievable halo effect. Given these assets, I’m sure a “bad” year for Cisco security still produced plenty of revenue. Nevertheless, Cisco seems much more passive and confused about its security play then it did a few years ago when it seemed intent on owning all-things security — from the network (firewall, NAC, IDS/IPS), to clients and servers (CSA), to network applications (email, XML) to identity (entitlement management).Cisco’s 2009 rhetoric about cloud security, collaboration, and reputation were pretty weak — not what you’d expect of a leader. In 2010, Cisco must establish itself in the server market, press forward on Telepresence and Tanberg, and fight on all fronts without the help of HP or IBM. Can it do all this and re-establish itself in information security? Maybe, but I believe this is a tall order. Moving forward, information security seems like a tactical market for Cisco at best. Related content analysis 5 things security pros want from XDR platforms New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform. By Jon Oltsik Jul 07, 2022 3 mins Intrusion Detection Software Incident Response opinion Bye-bye best-of-breed? ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process. By Jon Oltsik Jun 14, 2022 4 mins Security Software opinion SOC modernization: 8 key considerations Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole. By Jon Oltsik Apr 27, 2022 6 mins RSA Conference Security Operations Center opinion 5 ways to improve security hygiene and posture management Security professionals suggest continuous controls validation, process automation, and integrating security and IT technologies. By Jon Oltsik Apr 05, 2022 4 mins Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe