Cisco (CSCO) has exhibited a modest 3.1% average revenue growth and 4.8% average adjusted operating profit growth over the past five years. The company is experiencing a decline in market share within both the networking and security end markets. Consequently, I recommend initiating coverage with a 'Sell' rating and assigning a fair value of $45.

Networking is Losing to Arista

It is evident that Cisco is ceding market share to Arista, with Cisco experiencing low-single-digit growth, whereas Arista (ANET) has achieved double-digit growth over the past few years. The accompanying chart underscores this trend, revealing that Cisco added only 1 million 100/200/400G switch ports compared to Arista's notable 2 million during the same period.

The decline in Cisco's market share can be attributed to several factors. Firstly, a decade ago, as enterprises began migrating their workflows to the cloud, Cisco did not promptly adjust its product strategy to align with the demands of the cloud transition era. Instead, the company maintained its focus on traditional on-premise routers and switching technology, neglecting significant investments in software-defined networking (SDN). SDN-powered switches offer greater suitability for cloud deployment, providing enhanced flexibility and scalability capabilities.

Secondly, a decade ago, Cisco held a dominant position, with traditional networking products generating substantial cash flow and profits. The challenge arose when it became difficult for the company to disrupt its own success and reallocate resources to embrace newly developed technologies.

Lastly, in 2013, Cisco introduced ACI, its premier software-defined networking (SDN) solution for data centers, utilizing the Nexus 9000 series products as spine and leaf switches. While Cisco endeavors to catch up with rivals in providing data center solutions, the company finds itself arriving late to the game. Moreover, Cisco's historical premium pricing is losing favor among enterprises as more budget-friendly options emerge.

Outdated Network Security

Cisco's End-to-End Security business encompasses Cloud and Application Security, Industrial Security, Network Security, and User and Device Security. A decade ago, Cisco's security business thrived as a bundled offering with their networking devices, providing a comprehensive solution for network integration. However, in the current era of cloud computing, their End-to-End Security has become outdated, lagging behind competitors such as Palo Alto (PANW).

In FY23, Cisco's End-to-End Security revenue only experienced a modest growth of 4.3%. It appears that their security products remain hardware-centric, a characteristic ill-suited to the evolving demands of cloud security and comprehensive protection. In contrast, rivals like Palo Alto employ a modular approach, offering multiple modules or subscriptions to counter various internet threats. The accompanying chart illustrates the revenue trends among major cybersecurity companies, highlighting Palo Alto and Fortinet's (FTNT) significant market share gains in exact years. Their success can be attributed to software and module-centric products that align more effectively with the requirements of cloud infrastructure.

For readers seeking a deeper understanding, I recommend referring to my introductory article on Palo Alto Networks.

Splunk Acquisition

Cisco is strategically leveraging M&A to transition a significant portion of their business towards software and services. Noteworthy acquisitions include Splunk, acquired for $28 billion in 2023, IMImobile for $730 million in 2021, ThousandEyes for $1 billion in 2020, and Duo Security for $2.3 billion in 2018.

While the Splunk deal has the potential to enhance Cisco's capabilities in security and observability, it appears that there are limited synergies between Splunk and Cisco. The primary driver behind Cisco's decision to acquire at such a high cost is their struggle with topline growth. Cisco is paying a premium of approximately 30% over Splunk's market price before the deal was announced, with the acquisition price implying over 7x forward revenue.

The accompanying chart illustrates Splunk's revenue growth and adjusted operating margin trend, which is currently standing at around the low-to-mid teens.

Splunk specializes in security data analytics, operating a platform that collects extensive datasets from various sources. However, according to Palo Alto's management, Splunk's solutions may present challenges in promptly investigating cybersecurity incidents. Palo Alto's Security Operations Center (SOC), on the other hand, can seamlessly integrate AI into SOC transformation and automation processes, allowing for faster and more efficient investigation of cyber threats.

It's worth noting that Splunk is actively investing in AI and automation technologies, and its vast datasets remain a key advantage in the cybersecurity space.

In addition, Splunk is endeavoring to expand its presence in the infrastructure observability market. However, as a relatively smaller player in this space, it faces competition from established companies such as Datadog (DDOG) and Dynatrace (DT). It appears that Splunk, entering the field later, may struggle to compete effectively against these specialized players.

According to Datadog's management, Splunk's platform is centralized in security management, presenting a notable difference from Datadog's infrastructure, which operates in real-time. For a more in-depth exploration of observability, I recommend referring to my introductory article on Datadog.

In summary, the potential for synergies between Cisco and Splunk is questionable. This uncertainty arises from the fundamental differences in Splunk's business model, centered around subscription-based solutions, and Cisco's traditional hardware-centric business model.

Isovalent Deal

Cisco announced its acquisition of Isovalent in December. Cisco had previously participated in the startup's Series A funding at the end of 2020. Isovalent, a cloud-native security and networking startup, is expected to enhance Cisco's security capabilities for cloud infrastructure.

Isovalent leverages eBPF and Cilium to gather data sets from both Linux and Windows, integrating with various platforms and applications such as Splunk, Datadog, and Isovalent itself. I believe the acquisition of Isovalent will benefit Splunk's ecosystem. It's important to note that Isovalent, while a small company, faces competition from several alternatives in the market.

Financial Results and Outlook

During Q1 FY24, Cisco achieved a robust 7.6% revenue growth and an impressive 27.6% growth in adjusted net income, reaching the upper end of their guidance range.

Their balance sheet remains strong with $23.5 billion in cash and cash equivalents. Operating activities generated $2.4 billion in cash, and they returned $2.8 billion to shareholders through dividends and share repurchases.

For FY24, revenue guidance is set to be between $53.8 billion and $55 billion, with Non-GAAP earnings per share ranging from $3.87 to $3.93. The guidance suggests one or two quarters of low revenue growth followed by a return to normal growth. The subdued growth in the upcoming quarters is attributed to implementation constraints, with large customers working through elevated product shipments from previous quarters. Essentially, Cisco over-earned in the prior fiscal year. The current full-year guidance implies an approximately -5% revenue growth rate, a reasonable expectation given the over-earning in the preceding fiscal year.

The table below provides an overview of Cisco's historical financials. In summary, they have demonstrated a low growth rate in both topline and bottom-line figures, with an average of 3.1% revenue growth and 4.8% net income growth. Their balance sheet remains robust with a net positive cash position, and their dividend payout and share buyback activities are deemed decent.

Valuation

The revenue growth assumption for FY24 takes into account the near-term headwinds stemming from elevated inventory shipped to their large customers, aligning with their provided guidance. When projecting normalized revenue growth, the model assumes 3% for organic revenue growth and 0.7% for acquisition growth, consistent with their historical average.

Given the sluggish top-line growth, the likelihood of generating significant operating leverage is low. The estimate suggests only a 10 basis points leverage annually.

The model employs a 10% discount rate, assumes a 3% terminal growth rate, and considers a 19% tax rate. Based on these parameters, the calculated fair value is $45 per share.

Key Risks

Weak Growth in Q2 and Q3 FY24: As discussed in their Q1 FY24 earnings call, the management anticipates a challenging Q2 and Q3, attributing it to the elevated inventory shipped to their large customers. I believe the subdued growth in the upcoming quarters is temporary, and their growth rate should resume once these customers have successfully digested their inventories.

Collaboration Business Decline: The collaboration business, contributing over 7% to Cisco's total revenue, faced a decline of 9.4% in FY23 and 5.4% in FY22. Cisco encompasses Meetings, Collaboration Devices, and Contact Center businesses within this segment. The significant rise of Zoom (ZM) has introduced considerable downside risk for Cisco's collaboration business, and I anticipate ongoing pressure on this business segment in the future.

Conclusion

In light of the challenges Cisco is facing in the cloud transition era and the perceived erosion of their competitive advantages, particularly in the realm of on-premise networking, I am initiating a 'Sell' rating. I assign a fair value of $45.

News Summary:

• Cisco intends to acquire privately held Isovalent, Inc., a leader in open source cloud native networking and security. 
• Together, Cisco and Isovalent will build leading edge protection for every workload on every cloud.
• Cisco is committed to nurturing, investing in and contributing to eBPF, Cilium, Tetragon, and cloud native open source communities. 

SAN JOSE, Calif., Dec. 21, 2023 /PRNewswire/ -- Cisco (NASDAQ: CSCO) today announced the intent to acquire Isovalent, a leader in open source cloud native networking and security, to bolster its secure networking capabilities across public clouds.

The acquisition of Isovalent will build on the Cisco Security Cloud vision, an AI-driven, cloud delivered, integrated security platform for organizations of any shape and size. The Cisco Security Cloud enables customers to abstract security controls from multicloud infrastructure to provide advanced protection against emerging threats across any cloud, application or workload.

"Together with Isovalent, Cisco will build on the open source power of Cilium to create a truly unique multicloud security and networking capability to help customers simplify and accelerate their digital transformation journeys," said Jeetu Patel, executive vice president and general manager of Security and Collaboration at Cisco. "Imagine in today's distributed environment - of applications, virtual machines, containers and cloud assets - having security controls with total visibility, without hindering networking and application performance. The combination of Cisco and Isovalent will make this a reality."

Isovalent's team is a major contributor to the open source technology eBPF, and has led the development of Cilium, the leading cloud native solution for networking and security. eBPF provides unmatched visibility into the inner workings of the operating system - an ideal interface for building security systems that can protect a workload while it runs. Cilium provides IT and platform engineering teams with powerful networking capabilities and unparalleled visibility into the behavior and communication of cloud native applications, enabling seamless policy definition of software-defined networks. Isovalent has also recently introduced:

• Cilium Mesh:  allows for the easy connection of Kubernetes clusters with existing infrastructure across hybrid clouds,
• Tetragon: an eBPF-based open source security solution that provides visibility to and enforces runtime behavior within an application and on the network.  
• Isovalent Enterprise: an enterprise distribution of Cilium and Tetragon

Cisco intends to continue offering and building on Isovalent's slate of innovations for customers, including Isovalent Enterprise.

"Cisco is committed to nurturing, investing in, and contributing to the eBPF and Cilium open source communities," said Stephen Augustus, Head of Open Source at Cisco. "Isovalent's team will join Cisco's deep bench of open source governance and technical leadership to solve complex cloud native, security, and networking challenges. Their knowledge will accelerate innovation across the business and help further strengthen the Cisco Security Cloud platform to meet the growing demands of our customers."

Isovalent holds leadership positions in the Cloud Native Computing Foundation and eBPF Foundation, in addition to upstream software contributions, and this acquisition strengthens Cisco's role in supporting the open source ecosystem. Together as leaders in networking and security, Cisco and Isovalent will build solutions powered by eBPF technology that aim to solve the challenge of protecting workloads no matter where they reside. Cisco is committed to Cilium and Tetragon as open source projects and intends to create an independent advisory board to help steer Cisco's contributions to these important efforts in a way that is aligned with the needs of the open source community. 

The Isovalent team will join the Cisco Security Business Group once the acquisition closes, which is expected in the third quarter of fiscal year 2024. 

Additional Resources  

About Cisco
Cisco (NASDAQ: CSCO) is the worldwide technology leader that securely connects everything to make anything possible. Our purpose is to power an inclusive future for all by helping our customers reimagine their applications, power hybrid work, secure their enterprise, transform their infrastructure, and meet their sustainability goals. Discover more on The Newsroom and follow us on X at @Cisco.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.

View original content to obtain multimedia:https://www.prnewswire.com/news-releases/cisco-to-acquire-isovalent-to-define-the-future-of-multicloud-networking-and-security-302021005.html

SOURCE Cisco

Cisco Systems is stepping up its investment in the channel with the rollout of a simplified partner-led sales model aimed at enabling the networking leader to respond more quickly in the sales trenches to fend off competitors, said the company’s top sales executive.

Cisco channel partners will see more resources, stronger marketing and faster decision making from the networking leader, all as a result of its dramatic restructuring, said Rob Lloyd, executive vice president, worldwide operations at Cisco, San Jose, Calif, in an exclusive interview with CRN.

"We're going to move faster," said Lloyd. If we need to make a decision or a change on something, we're going to move more quickly. I expect we'll react in competitive situations in a more aggressive fashion and continue to deliver the consistency our partners expect of us."

Cisco will be pumping more money to back its channel-facing field sales teams and its channel support efforts, he said.

"My expectation is that more of those resources will be in the field teams that face our partners every day and engage in our partners, but I'll be very candid that we will put more into marketing programs over the next year. More into systemic investment to support the relationships with partners, their sales teams and their engineering teams and more into helping them build their practices," Lloyd said.

Lloyd, who is widely viewed as a potential successor to Cisco Chairman and CEO John Chambers, emerged this year as the public face of Cisco's defense against competitors like Hewlett-Packard, which are looking to eat into its lucrative networking sales and pull away channel partners. In the interview, Lloyd again went on the offensive, describing how Cisco's restructuring efforts will benefit the channel.

Going forward, Cisco will have two go-to-market models: "customer-led," which will be Cisco's traditional high-touch selling motion for large and strategic enterprise accounts, and what Cisco's calling "partner-led," which according to Cisco means a greater focus on sales through channel partners to all but its most strategic global accounts.

That partner-led model, said Lloyd, will mean more of Cisco's overall resources -- not less -- are headed for the Cisco channel.

Lloyd also said the company will become more nimble, allowing it to react in competitive situations much more aggressively and with less time spent mired in deal-weakening bureaucracy.

"We expect we're going to move faster," said Lloyd. "We've done a lot of things so that as we enter the next fiscal year, we're going to be faster in decision making with more accountability, less people who need to be in a room to make a decision, and more people who will be empowered to say 'yes.'"

Cisco needs to be simpler in its execution and get decisions made a lot more quickly on behalf of partners, he said.

"Sometimes when I visit with partners, when I visit with customers with our partners, there seems to be too many people required to make decisions," he said. "The networking industry has never moved more quickly than it is today. What we're doing is aligning our resources in a way in which there's much clearer accountability for decision making. [When it's] a matter to make a decision on a deal with our partner, we're going to do that faster, require less internal approvals to make these things happen."

"I would say we don't need as many people involved in decisions," Lloyd added. That he said, leads to more accountability and gets decisions "faster to the 'yes.'"

Cisco's focus will be on faster time-to-market, Lloyd said. It will also be getting more partners selling behind Cisco's architecture strategy, which allows partners to elevate the conversation with their customers on the basis of selling not only point products but future-ready network and data center architectures.

"The sustainable differentiation our partners bring is to have that conversation: here's how it all works together. [Partners can say] 'I have a practice that technically helps you do that, I believe the conversation is in the future, and I also have a service offering that will help you accelerate the results of that architecture,' Lloyd said. "That's what we're working on with partners: deploying the systems and architecture that personify the Cisco differentiation and we will continue the road we set."

NEXT: Cisco Partners Win In Services, Says Lloyd

As Cisco is continuously challenged by HP, Juniper and other aggressive threats to its core networking businesses, Lloyd contends Cisco will reinvest in partners to make them more profitable selling Cisco. One of the biggest advantages Cisco partners have is that Cisco turns over a majority of services opportunities to partners -- something that won't falter, Lloyd said.

"We build practices to accelerate the adoption of converged data center, private cloud, collaboration, virtualization, expert solutions that our customers can see and demand. [Partners] need to help build those practices they take into their services and into their businesses. That's the Cisco model," he said. "We're not out there at the end of the day competing with them and creating a hard deck of customers: 'You can go out and work with these players and we're going to take these ones direct.' That's not the Cisco model."

Cisco solution providers contacted by CRN said Cisco has a long way to go to make good on its promises of more resources and more profitably for partners as a result of the restructuring. But most agreed Cisco is saying all the right things as it attempts to right its ship.

"I am optimistic about the Cisco restructuring efforts – they are saying the right things so far," said Andy Cadwell, vice president of sales for INX, a Dallas-based solution provider and Cisco Gold partner. "As we all know now, Cisco as a whole has become a more bureaucratic, layered organization and more confusing to work with even with good channel support staff. Having U.S. field sales and channels across segments reporting up to a single head should foster more accountability and agility."

Cadwell said he's hopeful Cisco's restructuring will mean better alignment between Cisco and its channel partners at a strategic level.

"Re-examining channel partner profitability for their most loyal partners, getting much more succinct on Cisco's business-technology value proposition, defining Cisco's services posture and supporting vertically oriented partners like INX should all be top of mind as they move forward," Cadwell said.

Bob Venero, CEO of Future Tech, a Holbrook, New York solution provider, said it remains to be seen how the restructuring will ultimately impact partners.

"I don't know what the end result is going to be for the partner community," he said. "It's too early to tell. It takes a good amount of time to be able to turn a very large aircraft carrier like Cisco two or three degrees. It is going to take a while to see what the results will be. The hope is we'll be able to see something in the next two quarters that shows they are serious (about the partner led sales model) so we can see exactly how it will impact our business."

Steve Burke contributed to this article

Earning specialized certifications is a surefire way to advance your career in the IT field, regardless of industry or current career level. The right certification validates your skills and knowledge, which makes you more desirable to future employers who want to attract and retain the best employees. Below, we’ll explore the top IT certifications and share how to examine your goals to choose the right path forward. 

Cisco (NASDAQ: CSCO), the leader in enterprise networking and security, today unveiled the Cisco AI Assistant for Security.

This marks a major step in making artificial intelligence (AI) pervasive in the Security Cloud, Cisco’s unified, AI-driven, cross-domain security platform.

The AI Assistant will help customers make informed decisions, augment their tool capabilities and automate complex tasks.

“To be an AI-first company, you must be a data-first company. With our extensive native telemetry, Cisco is uniquely positioned to deliver cybersecurity solutions that allow businesses to confidently operate at machine scale, augmenting what humans can do alone,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Today’s announcement is a monumental step forward. This advancement will help tip the scales in favor of defenders, empowering customers with AI built pervasively throughout the Cisco Security Cloud.”

As cyber-attacks continue to evolve, organizations’ defenses must, too.

Ransomware and extortion attacks continue to persist at a steady pace, making up 20 percent of Cisco Talos Incident Response engagements this year, according to the new Talos 2023 Year in Review report.

Talos also observed an increase in sophisticated attacks on networking devices this past year, particularly by state-sponsored actors.

The increased speed and sophistication of malicious actors requires the adoption of machine scale defenses.

With unmatched visibility across the network and security, Cisco works with more machine-driven telemetry and on a scale larger than most in the industry.

The new Cisco AI Assistant for Security is trained on one of the largest security-focused data sets in the world, which analyzes more than 550 billion security events each day across web, email, endpoints, networks and applications.

It can understand event triage, impact and scope, root cause analysis and policy design. With this data, the AI Assistant aims to close the gap between cybersecurity intent and outcomes.

All of Cisco’s AI capabilities are built securely and align with Cisco’s Responsible AI Framework. 

Continuing the rapid pace of innovation, today Cisco is introducing:

• AI Assistant for Firewall Policy: The Cisco AI Assistant for Security is first going live within the Cisco Cloud-delivered Firewall Management Center and Cisco Defense Orchestrator to solve the big challenge of setting and maintaining complex policies and firewall rules. Administrators can now use natural language to discover policies and get rule recommendations, eliminating duplicate rules, misconfigured policies and complex workflows with increased visibility as well as accelerated troubleshooting and configuration tasks.

• AI-powered Encrypted Visibility Engine for All Firewall Models: Most data center traffic today is encrypted and the inability to inspect encrypted traffic is a key security concern. Decrypting traffic for inspection is resource-intensive and fraught with operational, privacy and compliance issues. With the 7.4.1 Operating System now available across the entire Cisco Secure Firewall family, customers see AI go even further via the Encrypted Visibility Engine. The Encrypted Visibility Engine leverages billions of samples, including sandboxed malware samples, to determine if the encrypted traffic is transporting malware. It can tell which operating system the traffic is coming from and what client application is generating that – all without the need for decryption.

“The ability for AI to reshape our daily lives and professional landscapes is immense. As a longstanding Cisco partner, we’re excited about the new Cisco AI Assistant for Security and how this will empower our customers with AI-driven efficiencies,” said Graham Robinson, Chief Technology Officer, Data#3. “The introduction of the AI Assistant to Cisco Firewall Management Center will help our customers quickly and easily configure policy changes. When combined with the new features in the 7.4.1 software release and the Encrypted Visibility Engine, this offers a truly compelling overall experience.”

To learn more visit cisco.com/go/security.

- Advertisement -

Starcevic/Getty Images

Configuration complexity and rules are among organizations’ most lethal, accidental risks when configuring networks and firewalls. Gartner predicts that misconfigurations will cause 99% of all firewall breaches this year. It’s the perfect use case for AI to prove its value to CISOs and CIOs. Not getting a hybrid cloud configuration right or a misconfigured firewall can lead to a breach no one has discovered until it’s too late. 

Cisco has been battling these risks on behalf of its customers for years. They’ve decided to go all in with AI and take on these challenges with their recently announced Cisco AI Assistant for Security and the AI-powered Encrypted Visibility Engine. The AI Assistant is trained on one of the largest security-focused data sets in the world, which analyzes more than 550 billion security events daily.

Cisco leveraged its deep network expertise by launching its Encrypted Visibility Engine. As the company told VentureBeat it’s designed to inspect encrypted traffic without the operational, privacy and compliance issues typically associated with decrypting traffic for inspection.

“One of the things that we wanted to do was make sure that AI was pervasive as part of the core fabric of Cisco security cloud, and every aspect of what we do in Cisco security, that’s what we’ve been working on,” Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco told VentureBeat during a exact interview.

When it comes to firewalls, complexity kills 

Cisco chose the right threat surface to go after with its most comprehensive AI cybersecurity release to close out 2023. Any CISO and members of their teams will admit that configuring firewalls, keeping the current patches and policies in place, and staying on top of any potential common vulnerabilities and exposures (CVE) is time-consuming and often gets ignored.

The greater the complexity of a firewall, the greater the chance it will get breached. Complexity will kill even the most effective cybersecurity strategy and well-implemented tech stack. Cybersecurity Insiders found that 58% of organizations have more than 1,000 firewall rules, with some extending into the millions. 

As a technology category that’s been around for decades, firewalls are ripe for more innovation. Gartner predicts that by 2026, more than 60% of organizations will have more than one type of firewall deployment, prompting the adoption of hybrid mesh firewalls. By that same year, more than 30% of the new deployments of distributed branch-office firewalls will be of firewall-as-a-service offerings, up from less than 10% in 2022.

Bringing policy chaos under control with AI

“Cisco is harnessing AI to reframe how organizations think about cybersecurity outcomes and tip the scales in favor of defenders. Cisco combines AI with its breadth of telemetry across the network, private and public cloud infrastructure, applications, internet, email, and endpoints,” Patel said.

Cisco based their AI Assistant for Security and AI-powered Encrypted Visibility Engine development efforts on their customers’ high priorities of streamlining firewall management. Patel said that when he and his team spoke with customers they kept hearing of the same challenges.

Patel added that customers wanted a more automated approach to checking configuration details, more insight when troubleshooting and an AI-based approach to optimizing rulesets. Patel explained that customer needs drove the three use cases the DevOps and engineering teams concentrated on. They include assisting (policy identification and reporting), augmenting (troubleshooting) and automating (policy lifecycle management). 

Cisco chose to develop the AI Assistant for Security inside their cloud-delivered Firewall Management Center (cdFMC) so they could leverage the latest large language models (LLMs). 

Raj Chopra, SVP and Chief Product Officer of the security business group at Cisco writes, “We created a generative tool designed to simplify firewall management for both seasoned admins and novice users. Utilizing advanced natural language processing (NLP) and machine learning (ML), it provides answers in seconds rather than forcing an administrator to spend their time sorting dependencies, network maps, and documentation.” 

What’s also evident from how AI Assistant for Security is architected is that Cisco will integrate more assistants across a wide spectrum of roles in their Security Cloud. The goal is to build out their cross-domain security platform with AI assistants available for automating security analysis and reporting tasks. 

AI still needs to have a human-in-the-middle to work 

There is a common trait across the rush to solve complex firewall policy problems and automate and streamline SOC team workflows with AI Assistants. That trait is the need for all of these tools’ models to keep learning and course correcting with human input while providing contextually useful information.  

VentureBeat spoke with Merritt Baer, Field CISO, Lacework, whose company recently introduced Lacework AI Assist. She told VentureBeat that AI-driven engines designed to parse policies help internal users understand their permissions better and that external users can better interact with their security insights and analytics. 

“Security product folks hope that these types of reasoning and query capabilities will allow users to better understand what might be layers of policies, which can be hard for humans to reason about— and product folks hope that this can help to do security more effectively. It’s no panacea—you still need to do something with that information. And folks should still ask their vendors about their internal security policies when using custom LLMs like this,” says Baer. 

On a broader scale, VentureBeat observes in most briefings on AI Assistants that the human-in-the-middle workflows are now table stakes in their product design. That’s evident in how well they are architected to flex between different roles. Ciscos’ AI Assistant for Security follows this paradigm and supports several standard configuration roles at launch.   

Just as AI assistants from Airgap Networks, CrowdStrike with Charlotte AI, Google Cloud Security AI Workbench, Lacework AI Assist,  Microsoft Security Copilot, Zscaler, and others can be configured for various roles, Cisco’s AI Assistant can flex from one role to another in security operations centers (SOC) with no re-configuration needed. 

CrowdStrike’s Charlotte AI also supports role-based AI-defined workflows and can integrate multiple best-of-breed AI models from third-party, open-source, or in-house development, ensuring the most appropriate LLM is used for a given task. Lacework AI Assist is also designed to scale across different roles, typically in a SOC. LaceWork AI Assist is unique in its ability to tailor and personalize insights while scaling between novice and expert cybersecurity professionals who can rapidly interpret and act on complex security data. 

Bottom line: How effective cybersecurity providers are at planning for the human-in-the-middle dynamics of their AI Assistants will directly impact their adoption and long-term contribution to securing organizations.