Cybersecurity

As Splunk and Cisco learn to work together, exec keeps an eye on threat surface

“We weren’t small,” exec tells IT Brew. “But Cisco has a much bigger operating environment.”
article cover

Kilito Chan/Getty Images

3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

When global network behemoth Cisco bought data processing company Splunk in March 2024, the two came together more like a merger than an acquisition.

That meant new job titles for some Splunk executives, like former SVP and General Manager of Security Mike Horn. Today, Horn is SVP and General Manager of Splunk Security Products at Cisco, a role that reflects his work to help ease the transition from an 8,000-strong company to one that in 2023, claimed more than 84,000 employees.

“We weren’t small,” Horn told IT Brew at Cisco Live in early June. “But Cisco has a much bigger operating environment where we can take advantage of [things like] ‘Hey, you’re making an investment in AI. Can we piggyback on that investment? We’re both doing work on ML—how can we get our teams working together so we can get an expanded set of capabilities?’”

On the lookout. Horn’s still keeping an eye on security threats. And in a sector that’s changing fast, especially with the introduction of AI on both the defender and attacker side, he said it’s important to stay on top of trends—be they new technologies or new ways of distributing attacks.

“Customers are looking at AI as being able to hopefully help them level the playing field,” Horn said. “[To] attackers, it costs them almost nothing to send out all these emails and credit phishing links, and you can—if you’re familiar with the ecosystem from the attacker’s perspective—you can get malware as a service. You can get phishing as a service.”

Security experts at this May’s RSA Conference in San Francisco said the same. The changing ransomware threat surface means that criminals are coordinating to an unprecedented degree. Druva CSO Yogesh Badwe said that he’s seeing a difference in how attackers are working together.

“It’s different groups, collaborating together in a way, with some sort of loose trust between them and handing off incidents,” Badwe previously told IT Brew.

Do the robot. But AI adds to the danger. A survey of IT leaders showed that most defenders feel they’re unprepared for AI-assisted attackers. And as Keeper Security CEO and co-founder Darren Guccione told IT Brew in May, criminals will utilize AI to “attack any particular endpoint that they can possibly get into, and then they’ll work in permeating at least horizontally and attack throughout an organization.”

That’s the kind of threat that worries Horn. He warned that as generative AI in particular becomes more sophisticated, the kind of phishing scams most people laugh at—obviously fake texts from your boss, for example—will become harder to detect.

“I do think that attackers are learning how to use these tools,” Horn said. “And so it’s going to require this elevation of the defenders.”

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.