As illustrated by Google’s recent acquisition of Mandiant and Cisco’s increasing focus on security, a convergence between tech hardware and cybersecurity software has been taking place, a move that should intensify over coming years.
For networking hardware specialists such as Cisco and Juniper, implementing firewalling and threat detection software in their routers and switches is a natural move as those devices are the point of entry into their clients’ networks. The role of a router/switch is basically to transfer data packets either within a network (East-West traffic), or inside/out of the network (South-North traffic). Integrating security functions where the data transits then eliminate the need to add other dedicated pieces of hardware, a source of cost optimization and reduced complexity for customers.
Convergence also takes place the other way around when cybersecurity vendors integrate networking capabilities in their solutions. One illustration is Fortinet, which offers the FortiOS operating system on its legacy firewall appliances that come with purpose-built security processors (SPUs) that avoid network performance bottlenecks linked to security. According to John Maddison, Fortinet Chief Marketing Officer, and VP of products: “Rather than relying on a series of discrete security components, a modern security strategy needs to start with a unified security platform that encompasses the entire network development and deployment life cycle. This approach helps ensure that security functions as the central consideration for all business-driven infrastructure decisions.”
Interestingly, recent research by Gartner states that 75% of organizations are consolidating their cybersecurity stack, notably due to operational complexity and a need for improved risk mitigation, compared to only 29% two years ago. Against this backdrop, several significant security vendors have expressed a desire to combine and develop a more integrated security offering in recent years. As an example, Crowdstrike’s CEO stated that companies want “fewer point products, fewer agents and technologies that consume fewer resources,” and that enterprises must streamline activities in their IT and security stacks to reduce complexity.
For the cybersecurity pure players, the implications from this convergence are two-fold. In the short term, they could benefit from commercial partnerships with Tech companies and takeover speculation, keeping in mind that Tech giants have massive M&A ammo and can afford high price multiples for businesses that have strategic importance. The 57% premium paid by Google for Mandiant is telling.
Longer term, they could be at risk of being marginalized in an industry dominated by giants should they fail to strike these partnerships or M&A deals.
And for Tech companies with a hardware-driven business such as Cisco, cybersecurity represents the opportunity to gain budget share with their customers by offering them new products and easier IT infrastructure management, and to accelerate their transition to a more recurring software and cloud-based revenue model. For instance, Cisco’s Networking as a Service (NaaS) will completely remove the need for clients to manage hardware and IT teams, as all the work will be performed by Cisco upon subscription.
Cloud Giants And Semiconductor Companies Also Follow The Convergence Path
This convergence is also visible at cloud and semiconductor companies that roll out SmartNICs with built-in security capabilities. SmartNICs are the latest iteration of Network Interface Cards and oversee the unloading of core computing power from routing data packets or virtualization in datacenters. As data packets go through the datacenter, these cards operate as a panel of experts who decide how to process and route the packets.
Security-wise, SmartNICs can protect datacenters against DDoS attacks (distributed denial of service), host the software for threat detection and response and take on the task of encryption/decryption. They also add a layer of security between the core server’s operating system and the network because they have their own OS that is on the forefront when an attack occurs.
The following illustration shows how software-defined networking and security functions are putting a burden on core GPUs/CPUs that are mainly built to perform specific computations. By adding SmartNICs in the equation, the overall computing power of datacenter is restored as each of its components is performing the task it was designed for.
Given the strategic nature and expected growth of SmartNICs (+26% CAGR until 2026 according to Dell’Oro), it’s not surprising to see a great deal of M&A activity in this space from semi companies. For instance, back in 2020, Nvidia acquired Mellanox, a company specialized in high-speed networking equipment for $7 billion, to strengthen its BlueField SmartNICs product line. The same strategy was followed by AMD which acquired earlier this year Pensando and its leading data processing units (DPU – another name for SmartNICs) portfolio for $1.9 billion.
The growth in data centers and processor-intensive enterprise workloads, such as high-performance computing (HPC) and AI, are the drivers for a broadscale SmartNICs adoption. The role of SmartNICs (or accelerators) is in fact so important that several cloud giants are developing their own proprietary smart network interface cards. Indeed, Amazon Web Services, following the acquisition of Annapurna labs, developed its Nitro SmartNICs. Similarly, Microsoft Azure have its proprietary AccelNet accelerators.
All in all, we see the convergence between Tech hardware (networking equipment, semiconductors…) and security as a major positive for both large Tech companies looking to tap cross-selling opportunities and expand their recurring revenue profile and for cybersecurity vendors likely to attract continued takeover interest.