Ker-Splunk! Cisco closes $28 billion analytics acquisition

Job one: Splunkify Talos threat intelligence, then do the same all over the Cisco portfolio

Cisco has closed its $28 billion acquisition of Splunk.

A Monday regulatory filing [PDF] made it official, meaning Cisco's recent hint that the deal could conclude late in the first quarter of 2024 proved correct.


Competition is decreasing in enterprise IT – and you'll be poorer and dumber for it


Cisco must now therefore digest its largest-ever acquisition, in terms of the price paid. The networking giant is famed for having built a process to ingest acquired orgs, but Splunk will prove a challenge – it employed over 7,000 people who will swell Cisco's headcount by around ten percent.

Switchzilla CEO Chuck Robbins and Gary Steele – who went to bed on Sunday as Splunk's CEO and on Monday became a Cisco executive vice president and general manager of Splunk – together detailed a plan to integrate the two brands' wares.

"Over the next several months, we intend to incorporate Cisco's Talos threat intelligence into Splunk," the pair wrote.

Next will come an effort to "unify our AI assistants for security, so security professionals have one common experience when utilizing AI to analyze issues and perform tasks across the combined portfolio."

The duo also teased plans "to enable Splunk's market-leading SIEM and SOAR platform to utilize cloud, network, and endpoint analytics available from Cisco's security portfolio, enabling new ways for customers to detect, investigate, and respond to threats that can only be identified via lateral movement in the network."

Also on the agenda is building a multi-cloud observability platform.

But wait: there's more. The two execs wrote that Cisco will "focus on building and delivering best-in-class integrations between Cisco and Splunk products."

"We will drive new innovations with a unified data platform that integrates application, fraud, network, multi-cloud, security, user, and other data sources to address cyber, technical, and business risks throughout the entire portfolio," they added. Those plans call for the combined entity to "continue our extensive use, support, and contribution to the open source community such as OpenTelemetry, eBPF, and more."

Absent from the post is a timeframe for any of this to happen.

Will it work? Tech history is littered with examples of mergers that sought to combine theoretically complementary portfolios.

Symantec's acquisition of Veritas, for example, was designed to pull off the entirely sensible-sounding feat of merging security and data management tools. It flopped. Microsoft tried to buy market share for Windows Mobile when it swallowed Nokia – matching the integration of mobile OS and hardware that made Apple a success – and failed. As did Google, when it acquired Motorola for similar reasons.

The biggest analytics acquisition before Cisco's Splunk slurp was probably HP buying Autonomy – and we know how wretchedly that's turned out. ®

More about


Send us news

Other stories you might like