David Goeckeler, executive vice president of Cisco’s networking and security business, really likes to talk about security technology.
Prior to his promotion in May 2016 to head both networking and security at Cisco, Goeckeler led the security group. And he clearly finds the topic fascinating.
Speaking at the Deutsche Bank 2017 Technology Conference in Las Vegas this week, Goeckeler said, “You don’t have to be in the security market for long to realize something very, very clear. The most important thing you think about when you run a security business is it’s a market where you have an active adversary.”
Compared to other businesses where executives think about the company’s customers, suppliers, and competitors, in the security business they must also think about a hostile adversary. “You have somebody that is actively trying to attack your customer, and that person is a human being and has a profit and an ego motive,” said Goeckeler, according to a Seeking Alpha transcript of the Deutsche Bank event.
That’s kind of exciting stuff.
Goeckeler talked about the company’s encrypted traffic analytics (ETA), which is part of Cisco’s intent-based networking initiative. ETA brings the ability to find malware in encrypted traffic. “I think that was kind of an unexpected thing to bring to market,” he said.
Cisco used data analytics and applied mathematics to it to help create ETA. “We can actually use the patterns of traffic as they arrive at a switch: what’s the length of the packets, what are the sequence of packets, and some other information to derive what is malware without unencrypting the traffic,” he said. “In the past we had to look inside all of the flows to find out what was malware and what wasn’t. And now, we’re using analytics techniques to figure that out on encrypted traffic.”
When Cisco announced ETA back in June, Goeckeler said, “Cisco’s encrypted traffic analytics solves a network security challenge previously thought to be unsolvable.”
Security in General
At the Deutsche Bank event, Goeckeler said, “The important thing on our security business is that the market has realized that an endless supply of point products in the security space is not a strategy.”
Customers have gotten into a painful cycle of constantly adding more point products. “I would argue that all of this complexity of all of these different point products and the ability for the average customer to try and knit those together, that creates security vulnerabilities all by itself,” he said.
Cisco is focusing on combining security along with networking. It wants its security products to span the network, the cloud, and the endpoints, all tied together.
“I am pretty well-versed in the security market, having focused solely on our security business for four years,” he said. “I think we’ve arrived at a point in the world where you cannot build a world-class enterprise security architecture without leveraging the network. Perimeter-only security is not the security approach you can rely on.”
He said security and networking must intersect with automation and analytics.