Cisco Moves Into SIEM With $28B Deal to Acquire Splunk

Published: 23/11/2024   Category: security




Cisco's surprise agreement could reshape the security information and event management (SIEM) and extended detection and response (XDR) markets.



Cisco signaled it intends to reshape security information and event management (SIEM) by pulling the trigger on a deal to acquire Splunk for $28 billion. The all-cash agreement, announced today, calls for Cisco to purchase Splunk shares at $157 each, a 31% premium over the closing price of Splunk's stock on Wednesday.
The deal would be Cisco's largest to date. While rumors surfaced in early 2022 that the two companies were in acquisition talks, no deal materialized. Shortly after, Splunk tapped longtime Proofpoint CEO Gary Steele as its CEO. Steele said he will join Cisco after the transaction closes.
Adding Splunk could significantly boost Cisco's already formidable cybersecurity protection portfolio. "Our combined capabilities will create an end-to-end data platform to enhance digital resiliency," said Cisco chairman and CEO Chuck Robbins during an investor call to announce the deal. Robbins anticipates the deal will close in the third quarter of 2024, pending shareholder and regulatory approvals.
Although regulators worldwide have recently scrutinized large deals more intensely and often blocked them, Robbins is confident they will clear this one. Bolstering his confidence is the fact that the agreement doesn't have to be approved in China, because Splunk has a minimal presence there.
While getting large deals approved by regulators in the US and Europe has also become more difficult, Robbins argued that there's little overlap between the two companies' offerings.
"Through the integration of Cisco's extended detection and response platform, our best security insights, and Splunk security information and event management offering, we will be able to help our customers move from threat detection and response to threat prediction and prevention," Robbins said.
There was little recent indication that Cisco was contemplating a deal with Splunk, which made the announcement a surprise to industry watchers. In a LinkedIn post, Omdia managing principal analyst Eric Parizo called the Cisco-Splunk deal "a true bombshell move that will have a seismic impact on the entire enterprise cybersecurity landscape," adding it may foreshadow more consolidation.
Parizo believes the deal will position Cisco as one of the dominant players in next-generation SIEM (NG-SIEM), a market that Omdia forecasts will grow to nearly $4 billion in global annual revenue by 2027. "Splunk's established position as a premium offering with the deep resources of Cisco's global salesforce should present immediate upsell opportunities," he adds.
Forrester analyst Allie Mellen agrees the deal could be a significant boon for Cisco's security efforts, but the effect on security practitioners remains to be seen. Mellen warns that Cisco has a checkered past with some of its largest acquisitions.
"Cisco has long been a case study for acquisitions that don't live up to their initial promise and suffer from underinvestment and a lack of focus," Mellen says. "To keep Splunk's massive, loyal user base, Cisco needs to let Splunk deliver what Splunk does best: a flexible, powerful SIEM and observability offering."
The deal comes amid a growing spotlight on next-generation SIEM and organizations needing to move from legacy platforms to those that support multicloud and cloud-native applications and infrastructure. It also comes as platform providers are expanding their XDR capabilities.
For example, at this week's CrowdStrike Fal.Con 2023 conference in Las Vegas, CrowdStrike released the Raptor version of its Falcon platform, which integrates an enhanced iteration of LogScale, the company's NG-SIEM offering. LogScale is the outgrowth of CrowdStrike's $400 million acquisition of logging and event management provider Humio. Designed to ingest petabytes of third-party data, CrowdStrike's Raptor release provides real-time event information natively in Falcon.
Over time, CrowdStrike CEO George Kurtz asserted, SIEM will be subsumed into XDR. "XDR, in my opinion, will replace SIEM; call it next-gen SIEM," Kurtz said during a media briefing this week. "[Customers] want the ability to ingest data at scale ... to store that data, [and] they want the ability to search that data and query it," he said. "And they want the ability to take an action, and if we put it all in one spot."
Analysts say CrowdStrike's goals are ambitious. "LogScale is a first step toward SIEM, but is essentially more of a proprietary log management system tailored for its own solutions," Parizo notes. "But if it has the bandwidth and appetite to quickly catch up on SIEM, there are certainly viable acquisition targets out there."
Mellen notes that most XDR vendors have shifted to having a SIEM or a SIEM-alternative in their portfolio. "This is a massive shift in the market that gives CrowdStrike and other XDR vendors an opportunity to use to their advantage," she says.
"Cisco's acquisition of Splunk would give Cisco both sides of the coin: XDR with Cisco XDR, and a SIEM with Splunk," she adds.
Roger Thornton, general partner at VC firm Ballistic Ventures, believes that in the short term, customers may become more open to alternative SIEM offerings. "Customers, particularly big ones, don't like it when their favorite vendors get acquired," Thornton says. "Integration always has an impact on support, account management, and the senior sponsors. It will definitely give Google Chronicle SIEM and Microsoft something to talk about with the Splunk installed base."
