Tom Gillis And Cisco’s Vision For Security

By Will Townsend, Patrick Moorhead - May 11, 2023

Cisco may be the best-kept secret in the cybersecurity realm. The networking giant is known broadly for its Talos Intelligence Group, regarded as one of the world's largest commercial threat intelligence teams. However, many may not be familiar with its depth in endpoint, email, malware, firewall, router and workload security, among other areas.

To learn more, I recently spoke with Tom Gillis, who leads Cisco’s security effort. During our one-on-one, we discussed several topics ranging from his vision as the newly appointed leader to the challenges associated with zero-trust whitewashing, the convergence of networking and security and the sprawl of point solutions for security. It was an enlightening conversation that I am eager to share, so let’s dive in.

A return home

Gillis may be in a new role at Cisco, but he knows the company well. His first tenure with Cisco began more than 15 years ago when Cisco acquired IronPort Systems, antispam and antivirus startup that he co-founded and where he managed product and outbound marketing. More than a decade later, he has returned to the fold after with advisory board experience as well as nearly five years managing the networking and security business group at VMware.

It’s a perfectly tailored pedigree, especially given the continued convergence of networking and security. Gillis believes that this convergence must go deeper, given the need for context and visibility to harden security and eliminate gaps that continue to plague organizations of all sizes. These gaps are no small matter, because they leave companies vulnerable to malware, ransomware and denial of service (DDoS) attacks. To achieve his vision, Gillis is placing his bets on the cloud.

Security in the cloud

Cisco Security Cloud aims to deliver an open, integrated security platform for multi-cloud environments. Provided as a service, it leverages Talos threat intelligence, Cisco’s firewall capabilities, secure access from Cisco’s Duo acquisition and more. What I like about it is the ability for an organization to eliminate many point solutions and consolidate spending for security, treating all of it as an operational expense. This approach is especially compelling for customers given recent inflationary pressures.

Security point solution sprawl is a huge challenge. In speaking with Gillis and with leaders from many other companies over the last few years, I’ve heard again and again that managing dozens (or more!) of security products has become untenable. No single security platform can address it all, but sharply reducing the number of solutions can make the lives of networking and security operators much more manageable, allowing them time to focus on more value-added activities. Another bonus of a security cloud approach is that it can facilitate a legitimate zero-trust deployment. This is realized through the resulting context and policy support to authenticate users to applications, versus the limitations of a flat network.

Wrapping Up

Cisco is on the right track with its security portfolio after a few starts and stops in the past. The company delivers a good balance of coverage while making it easy for customers to acquire, deploy and manage it all. I’ve been pre-briefed, and Cisco will reveal more enhancements to its security portfolio at the upcoming RSA Conference, further strengthening its value proposition.

During our conversation, Gillis told me that his mother is a pianist, his father is an engineer and he’s a mix of both. In my mind, that makes him a great conductor for Cisco’s security strategy now and well into the future.

+ posts

Will Townsend manages the networking and security practices for Moor Insights & Strategy focused on carrier infrastructure providers, carrier services, enterprise networking and security. He brings over 30 years of technology industry experience in a variety of product, marketing, channel, business development and sales roles to his advisory position.

+ posts

Patrick founded the firm based on his real-world world technology experiences with the understanding of what he wasn’t getting from analysts and consultants. Ten years later, Patrick is ranked #1 among technology industry analysts in terms of “power” (ARInsights)  in “press citations” (Apollo Research). Moorhead is a contributor at Forbes and frequently appears on CNBC. He is a broad-based analyst covering a wide variety of topics including the cloud, enterprise SaaS, collaboration, client computing, and semiconductors. He has 30 years of experience including 15 years of executive experience at high tech companies (NCR, AT&T, Compaq, now HP, and AMD) leading strategy, product management, product marketing, and corporate marketing, including three industry board appointments.